While we are recovering from the worst of the COVID-19 pandemic, cyber threats show no signs of abating, with cybercriminals still using advanced methods to achieve their goals.
Global Threat Trends ReportIt shows that cyber attacks are targeting digital infrastructure. Ransomware, DDoS attacks, phishing, malware and man-in-the-middle attacks are the biggest threats facing enterprises today. Enterprises and individuals must take varying degrees of measures to defend against these attacks in 2021.
When new threats emerge, attackers will learn to exploit these methods - however, most enterprises are only aware of the current threats and are not aware of these new threats and new attack methods.
Enterprises struggle to respond to these threats due to complex resources and a lack of understanding of the evolving threat landscape. For these reasons, enterprises need to understand advanced threats, especially those targeting their infrastructure. This article will outline the evolution of the cyber threat landscape in 2021.
1. Ransomware
Ransomware remains a common and evolvingcyber securitythreats, and there have been several well-publicized incidents over the years. Ransomware incidents can impact organizations, businesses, and individuals, resulting in financial losses, operational disruptions, and data breaches. Attacks via Internet vulnerabilities, misconfigurations, third-party and hosting providers, Remote Desktop Protocol (RDP), and phishing emails continue to be the most common means of infection.
In 2021, the occurrence of extortion schemes increased from a single scheme to multiple schemes. After initially encrypting victims' sensitive information and threatening public disclosure unless a ransom was paid, attackers are now targeting victims' partners and customers for ransom to maximize profits.
New research from CoalitionIt shows that average ransom demands increased by 170% in the first half of 2021 compared to last year.
according to ENISA threat landscape 2021, and it could hit $100 million in 2022.
Furthermore, cryptocurrency becomes the payment method of choice as it promises to provide safe, fast and anonymous channels for currency transactions. Additionally, attackers are switching from Bitcoin to Monero as their choice due to its enhanced anonymity.
Tips to prevent becoming a victim:
- Security awareness training
- Use secure websites
- Defense in depth cybersecurity strategy
- Vulnerability assessment and penetration testing
2. Cryptojacking
Another attack trend in 2021 is cryptojacking, which is related to the expanding instability of the cryptocurrency market. Given the anonymity of cryptocurrency, it has become a convenient and attractive method of exchange for attackers. In this attack, cybercriminals deployed hidden cryptojacking software onto targeted devices to steal information from cryptocurrency wallets. Siloscape is a new malware that emerged in June 2021 that targets Windows containers and creates malicious containers that load cryptocurrency miners and identify and steal cryptocurrency.
Recommendations for resisting cryptojacking:
- Implement network filters and blacklist IP addresses from encrypted IP pools
- Develop patches for well-known vulnerabilities
- Implement a strong vulnerability management program
3. Data leakage
Stealing sensitive data from businesses or users may not seem like anything new, but the way attackers approach it has changed. Just as some businesses adopt new technologies to survive in cyber environments, attackers also use sophisticated methods to exploit attacks - such as deepfake technology.
While this is not a new concept, it has evolved a lot. Using MI and AI, deepfake technology enables the digital creation of an individual's likeness, which can then be used to impersonate the victim. AI and ML tools make it possible to produce an artificial version of any voice or any video.
Security researchers at CybercubeWarning: Deepfake audio and video content could become a major cyber threat to businesses around the world. Additionally, the widespread harm associated with this type of counterfeit content is expected to increase in the coming years. The increased reliance on video-based communications is expected to be a major factor driving attackers to pay more attention to deepfake technology.
Deepfake monitoring and removal recommendations:
- Improve digital archiving to identify fake videos and fake voice clips
- Implement a content authenticity program to verify the creator and source of data
4. Botnet
As old botnets continue to transform to bypass current security solutions, new botnets are emerging. This is because cybercriminals see a new model of botnets as a service, where botnets can be rented/sold to companies or individuals for malicious purposes for financial gain.
Furthermore, the presence of botnets in cloud and mobile environments raises the new possibility that they may soon be able to learn on their own and exploit weaknesses in user interaction patterns. The increasing adoption of IoT and the lack of security in its development and deployment provide another viable front for the proliferation of botnets.
A recent report showed that the total number of IoT attacks by well-known IoT botnets such as Mirai and Mozi increased by 500%.
According to X-Force research, Mozi botnet attacks accounted for 89% of IoT attacks in 2020. In addition to Mozi, several other botnets continue to target the IoT space. Ecobot, Zeroshell, Gafgyt and Loli are four well-known botnets affecting global businesses.
Suggestions for counterattack:
- Use penetration testing
- Change default IoT settings when installing any new device
- Implement a powerful patch management program
- Implement effective bot protection and mitigation strategies
overall situation
New cyber threats are being detected all the time, and they have the potential to affect any operating system, including Linux, Windows, iOS, Mac OS, and Android.
Additionally, due to the continued adoption of remote working and the increasing number of connected IoT devices, potential vulnerabilities, new threat vectors are evolving.
This evolution in the cyber threat landscape is forcing enterprises to upgrade their vulnerability management programs, security tools, processes and skills to stay ahead of the curve.
If you want to take a proactive and actionable approach when protecting your information, stay informed about the latest cybersecurity threat landscape!
Original article by CNCSO, if reproduced, please credit: https://www.cncso.com/en/the-evolution-of-the-threat-landscape-in-2021-from-ransomware-to-botnet.html
