Home>Security>Cyber Crime>Cyber Security: The Next Chapter for Attack and Defence Methodologies
Home>Security>IT Security >Cyber Security: The Next Chapter for Attack and Defence Methodologies
Home>Security Matters>Security Matters>Cyber Security: The Next Chapter for Attack and Defence Methodologies

Cyber Security: The Next Chapter for Attack and Defence Methodologies

14 January 2021

2020 WITNESSED a seismic physical, economic and cultural shift among global organisations as businesses necessarily adapted to working during a pandemic. When COVID-19 brought sweeping changes to the way in which we all operate, communicate and do business, cyber criminals were in the wings waiting to seize any opportunity they could to exploit security weaknesses for monetary and disruptive gains. Is that trend going to continue in 2021? Safi Raza offers his views on the matter.

Since the start of the COVID-19 pandemic, there has undoubtedly been a sharp rise in the volume of cyber attacks perpetrated across a range of industries including healthcare and education, not to mention the e-commerce environment in general. Today’s cyber criminal is constantly evolving to take advantage of online behaviours and trends. The advent of the COVID-19 pandemic has certainly been viewed as an opportunity for the criminal fraternity.

What, though, will cyber criminals bring to the table in 2021? How do organisations go about ensuring they have the appropriate cyber security strategy in place to mitigate ever-changing and evolving cyber threats?

Rising risk of remote working

Today, the majority of organisations have a remote workforce, with many employees relying on personal devices to conduct their tasks. Work. It’s a method of working that’s not secure.

Why? Remote employees are sharing the home network with smart TVs, phones, tablets and various Internet of Things devices that are not always adequately secured. The exchange of highly sensitive and confidential information that once occurred behind fortified infrastructures is now being conducted from fragile home networks.

For the modern CTO, this situation is far from ideal. As home working cyber-related risk will only become greater during the next year, CTOs and their teams are relentlessly exploring avenues to help mitigate that risk. In 2021, it’s certain that organisations will need to spend more time and money on endpoint security and end user training.

AI and the future of cyber security

The massive and sudden increase in the number of people working from home has validated the role of Artificial Intelligence (AI) in the future of cyber security. Unlike traditional security solutions, AI doesn’t depend on known signatures. Instead, it relies on user and attack behaviour analytics and network traffic analytics, quickly neutralising a threat before it becomes a crisis.

Phishing is the most commonly known threat countered by the use of AI. Microsoft and Google already use AI to detect spam and phishing e-mails. Several cyber security companies including Rapid7, Dark Trace, Barracuda and Palo Alto are using AI-powered SIEM, firewalls and a variety of other applications to ensure that organisations remain secure.

The implementation of AI and machine learning helps security professionals to identify attacks as it enables them to analyse and predict those episodes in real-time. In 2021, we will see much more of this as organisations invest in avoiding cyber attacks before they become a genuine and troublesome threat.

Greater threat

Cyber criminals follow the money, so we can expect to see ransomware cases continuing to rise. After all, criminals will use a tool for as long as it’s effective. In 2020, many hospitals and healthcare facilities were the victims of ransomware. In fact, the Cyber Security and Infrastructure Security Agency, the FBI and the Department of Health and Human Services in the US recently warned that there’s “an increased and imminent cyber crime threat posed to (specifically) US hospitals and healthcare providers.”

The extortion techniques are changing, too. For example, a recent hack of a mental health services provider, namely Vastaamo, resulted in hackers contacting the patients and threatening to release their therapy notes and other data unless a sum of 200 Euros was paid.

For any organisation, whether a business or a hospital, the freezing of its digital systems threatens customer and patient care, creating urgency to pay up and recover. For as long as it’s monetarily viable, ransomware will continue to be a top threat for many years to come.

Dangers of deep fakes

Human beings are the weakest link in the cyber security chain. As more defensive technologies integrate with AI, it’s becoming increasingly difficult for bad actors to compromise network boundaries. As a result, there’s an increasing reliance on social engineering.

Deep fakes are a newer social engineering tool in a hacker’s arsenal. The terminology behind audio or video recordings that combine existing information and develop it into a new image, video or audio recording can be pooled with existing tactics to cause maximum damage.

For instance, imagine an organisation’s accounts payable employee receiving an e-mail from the CEO regarding a transfer of funds followed by the CEO’s phone call. People tend to be cautious with e-mail as they may be aware of phishing techniques and learned about them in security awareness training, but receiving a phone call from an executive of the company makes it somewhat less suspicious.

Deep fake tools are easily accessible online. An open source program named Avatarifyn, for instance, superimposes someone else’s face on to the user’s face in real-time during video meetings. The code is available on Github for anyone to use. The lack of effective deep fake detection technology attracts many bad actors to use deep fakes. It’s a threat that will only become stronger in 2021.

Third party risk

The cyber incidents caused by supplier negligence are increasing at an alarming rate. The infamous 2013 Target hack was successful because hackers compromised the HVAC contractor and used stolen access details to infiltrate the company’s infrastructure. The incident cost Target over $300 million.

Organisations must implement an effective third party management program to ensure periodic validation of confidentiality, integrity and data availability. 

2021 is set to be more challenging than ever as cyber criminals adopt increasingly sophisticated ways in which to break into organisations’ IT systems. It’s vital that employees follow strict IT security policies, whether they’re working in the office or at home. It only takes a simple error or lapse in judgement to create a large-scale and highly damaging cyber attack.

Safi Raza is Director of Cyber Security at Fusion Risk Management