Throughout 2020, the COVID-19 pandemic has created a new playground for hackers. In response, many institutions have strengthened cybersecurity systems and rapid digital transformation initiatives. What does cybersecurity look like and how do threats evolve in 2021?
The main factor, and perhaps the most difficult to control against vulnerabilities that are easy to automate and capture in application / server logs, are the mistakes made by legitimate users - which are much less predictable, making them harder to identify. Without a crystal ball at hand, we believe there are several cyber security trends we need to pay attention to in the new year:
Increasing “social engineering” attacks Social
engineering is the term used for a wide range of cyber attacks through human interactions. . It uses psychological manipulation to trick users into making security mistakes or providing sensitive information.
Social engineering attacks take place in one or more steps. An attacker first investigates the target to gather the necessary basic information, such as potential entry points and weak security protocols, needed to continue the attack. The attacker then tries to gain the victim's trust by encouraging actions that lead to breaches of security policies, such as disclosing sensitive information or granting access to critical resources.
'Social engineering' techniques that can be used: traps in which users inadvertently provide access to personal data or the possibility of installing viruses such as fraudulent communications disguised as legitimate, in other words: phishing, "scareware ”Involving bombarding victims with false alarms and fictitious threats in which users find infected links, etc.
Security and event management (SIEM, pronounced“ sim ”) is a key security technology, with the ability to connect all systems together for a complete picture of security, which can help your organization identify when and where a virus has entered the network. But to prevent social engineering attacks, your employees need to be educated about cybersecurity best practices to further reduce the area of the threat. By training people who use your company's network, emails, or certain software, you can improve your security.
Internet Connection Vulnerabilities
Any network connected to the Internet is vulnerable to vulnerabilities, which include any system that has an IP address or hostname. Therefore, remote users who may or may not use a VPN, Remote Desktop Protocol (RDP) or other access tool are at risk - especially as organizations continue to expand their Internet presence by increasing the use of interconnected systems accessible via the Internet.
Many organizations have not yet implemented a vulnerability management program and, in general, a routine system scan and optimization. To combat both known and unknown vulnerabilities facing the Internet, you can consider the practices recommended by the Cyber Security and Infrastructure Agency (CISA):
There are three main ways in which ransomware can enter a device or system: phishing by e-mail, phishing on social networks and exploitation kits (automatic programs). To persuade users to click, cybercriminals use detailed research and information to find tactics, techniques and procedures that will be effective on the victim - including genuine email addresses, logos, grammar and tone of voice. In 2021, hackers will find new ways to create seemingly authentic messages to attract unsuspected targets to open the message without thinking.
The only way to protect yourself from ransomware attacks by people is to identify suspicious links, continuously scan for vulnerabilities, keep your software up to date, and ensure that your organization pays close attention to cybersecurity and proper employee training.
It is better to prevent than to 'repair'.
The cyber-resistant business brings to the table cyber security capabilities, business continuity and resistance against possible attacks. Applying dynamic security strategies to respond quickly to threats can minimize potential damage. Security innovation must be encouraged in every company, so as to protect our business and employees from cyber attacks.
The NSHOST team is at your disposal with tips for increasing the security of websites hosted on servers web-shared, VPS hosting or Cloud hosting, optimizing the daily backup strategy, logs, VPN access, etc.