Updated: Dec 1, 2020
This is part of an ongoing 2021 predictions series. We’ve asked top cyber experts to contribute their insights and expertise to provide a look ahead at what the new year may bring to cybersecurity.
Mike Riemer, Chief Security Architect at Pulse Secure
We will see an uptick in bad actors capitalizing on the growth of 5G to execute coordinated attacks
2020 has reminded us how nimble cybercriminals can be. The rise in 5G devices and networks will undoubtedly catch the attention of consumers in the coming year, as cellphone carriers such as AT&T look to scale standalone deployment in 2021, and new products such as the iPhone 12 advertise 5G capabilities. The technology is predicted to completely transform the way we work and live by linking numerous aspects of our lives to faster and lower latency networks. The spotlight on this technological revolution will also draw the attention of state-sponsored and other cybercriminals, who will seek to develop sophisticated and aggressive plans of attack that can leverage the increase in network connectivity to carry out ransomware attacks.
Financial institutions will be the most at-risk industry for cloud-jacking
As companies across industries continue to move towards hybrid IT environments, the threat of cloud security breaches is at an all-time high. Financial institutions, which have traditionally been slower to adopt cloud technologies due to heavy regulations and security concerns, accelerated their digital transformations in 2020 as COVID-19 brought about new challenges. These businesses are now faced with a customer base seeking digital-first services, and they are leveraging cloud-based infrastructure to maintain customer satisfaction. As a result of this rapid transition to a hybrid cloud environment, we could see the cloud-jacking of a major financial institution that results in bad actors gaining control of highly sensitive customer information.
The Twitter employee hack is a sign of more sophisticated phishing scams to come
In July 2020, bad actors leveraged social engineering techniques, which involve manipulating people into giving up sensitive information, in order to pose as internal IT staff and convince Twitter employees working from home to enter their login information. The phishing attack resulted in numerous high-profile Twitter accounts, like those of Barack Obama and Elon Musk, being hacked. Twitter was ultimately found to have insufficient internal controls and a lack of cybersecurity regulation, which contributed to the incident.
The brazen nature of the Twitter attack shows bad actors are using social engineering to raise the stakes, and we can expect to see more of these high-profile orchestrated events in 2021 as remote work continues and cybercriminals look for new, creative ways to infiltrate organizations. The incident represents a new focus on remote users and remote connectivity, whether through VPN tunnels or other forms of remote connectivity. In response, companies must prepare now with the appropriate end-user education and adopt an adaptive risk and trust threat assessment mentality. This can be accomplished by adopting a Zero Trust approach founded on the principles of continuous verification and authorizations that allow organizations to have better visibility and insight into what is, and is not, typical behavior for an employee.
A lack of segregation between company IoT/IIoT devices and the rest of the network will result in an increase in breaches
Most organizations have network-level, port-based security on IoT devices, but it's really the internet-connected operational technology (OT) assets that these devices are communicating with, and this is where the security focus needs to be, especially since a lot of those OT systems are going to the cloud. We will see more hackers looking to infiltrate a host OT system on the web to gain access to various tenants. From there, these bad actors can go in and hit an IoT device on somebody's network and drop some sort of bot or ransomware on it that then goes after the internal systems.
In the Industrial Internet of Things (IIoT) market, which has been around a lot longer than the IoT market, devices also present a growing risk to organizations. These machines, which are used in manufacturing sectors and applications, have traditionally had legacy connectivity to OT systems that has taken place outside of the internet. However, similar to the IoT market, we have seen manufacturing move those OT systems to a cloud environment, opening up the entire organization to intruders.
Maintaining the security for OT systems is going to be critical, which is why companies must implement processes and technologies that ensure the IoT devices or IIoT devices talking to the OT systems are what they say they are and haven’t been hijacked. It is important to ensure that any type of interaction happening between IIoT/IoT devices and OT systems occurs away from corporate content. This means setting up strict parameters to keep networks as secure as possible.
Rohini Kasturi, Chief Product Officer at Pulse Secure
Automation will be the key to a successful cybersecurity program
Amid the growing cybersecurity skills gap, the broader theme in 2021 will be the increased adoption of technology that capitalizes on artificial intelligence and machine learning to automate key security functions.
COVID-19 resulted in a massive, global shift to a remote workforce. However, next year we will enter a completely new normal when we start to see more workers return to the office while others, who are not yet able or willing to make the transition, remain home. This will result in a split that forces IT departments to handle the demands of both full-scale on-premise and full-scale remote access. The only way to be efficient in the new world of work will be to utilize solutions with automation capabilities instead of relying solely on in-house security teams. Companies will turn to newer technologies such as Zero Trust Network Access and Artificial Intelligence Markup Language (AIML) techniques to work smarter in leveraging their workforce.
Hybrid cloud environments will be a prime target for hackers
The growing adoption of cloud services combined with the increased use of mobile devices and laptops amid COVID-19 will make unsecured cloud users a prime target. Many companies use identity access management to combat potential security breaches, but the data part often goes unencrypted. We should expect to see hackers put a lot more emphasis on attacking web applications sitting on the cloud and applications that are distributed in nature. These actions will put a lot of pressure on information security groups, making it even more critical for companies to ensure there are no gaps or silos in their security strategy.
Enterprises will have to go beyond traditional Zero Trust to adopt a hyper-converged model
As employees continue to work from home, enterprises must come to terms with the reality that it may not be just the employee accessing a company device. Other people, such as a child or spouse, may use a laptop, phone, or tablet and inadvertently download ransomware or other types of software malware. Then, when the employee starts using the device to access a corporate network or specific corporate cloud application, it becomes a rogue device. Without having eyes on employees, how do businesses ensure the user and device are trusted? And what about the application, data and infrastructure? All of these components must be verified on a continual basis every few minutes to maintain a superior secure access posture. That is why organizations must adopt a Zero Trust Access solution capable of handling the hyper-converged technology and infrastructure within today’s digital workplace by providing a unified, cloud-based service that enables greater accessibility, efficiency, and risk reduction.
Adopting a Zero Trust model will be especially important for the healthcare and education industries. As they work to solidify their security posture after a tough year, the biggest aspect they must improve on is having the technology in place to grant total visibility into their remote and in-person workforce. Zero Trust will allow them to gain real-time insight into areas of concern and react in real time when a breach does happen, lessening the effects of bad actors and making them more resilient in the long run.