Maze ransomware is retiring, but that doesn’t mean there won’t be new ransomware strains. Going into 2021, there are a few elements that I think will continue to be the main drivers for cybersecurity. Part of it is that Secure Access Service Edge (SASE) is definitely here to stay. In 2021, the focus will be on securing devices and edges in very distributed environments. So, if you think about that, threats are no longer something that you can block based on IP addresses or domains. Cybercriminals are going to be infiltrating people’s endpoints, and the attacks are usually going to be at the data level and then move laterally along whatever axis is available. For example, file sync and share is a SaaS solution, so you cannot block that by IP address. So, from a security perspective, it will be important to focus on what we call micro-segmentation, working away from the network, IPv4 stack or infrastructure stack to get closer to the endpoint and the data.
Need for new IT skills
One of the things that I see is the need to figure out where attacks are coming from, which can be much more challenging as attacks get more sophisticated. In today’s world, the bad guys are building all kinds of botnets, whether it is TrickBot or InterPlanetary Storm. And because of that, anyone’s computer or even cloud infrastructure could be infiltrated and weaponised. Solutions focused on protecting people from IP addresses sending too many spam emails or phishing attacks can’t stop these threats. Viewing IP reputation as the key to stopping an attack doesn’t work anymore. You have to really understand: what is in your inbox? What are the normal communication patterns?
In 2021, I believe that pattern is going to continue, in the sense that more infrastructure will be weaponised by the bad guys. It could be a university or a hospital or any company that has a substantial number of resources in the cloud. From that perspective, you end up with compute power being stolen and utilised in phishing attacks, which usually can steal more credentials and continue to drive, for example, ransomware attacks, monetising it all for the attackers. And worst of all, it will ruin the reputation of trusted brands. There is a whole economy to what the attackers are doing: supply chain, delivery, weaponisation, and then a finance component. So, in 2021 it is going to be very important for IT security professionals to pay attention to their cloud infrastructure, their edge devices, and their remote workers’ tools. Having those all under some level of Zero Trust-based security strategy is the only way that you can succeed.
Beyond email, the collaboration space is opening up as a threat vector, and IT executives need to be aware of that. Slack is trying to take down email, and that opens up a whole new platform for attackers to take advantage of. So, understanding other collaboration platforms and being ready to secure those platforms is going to be a key area for IT executives to focus on in 2021.
Most vulnerable industries
Healthcare will be the most targeted industry for the next five years. For example, at the beginning of the pandemic, we were short on PPE, so the bad guys weaponised that shortage, tricking people into clicking on malicious links by promising updates on PPE shipments or availability. Next, the attackers are going to apply the same tactics to vaccines because there is going to be a huge line of governments looking to get their hands on the vaccines. The logistics involved in delivery of vaccines will also be weaponised.
The economic recovery will make small businesses another primary target for attacks in 2021, as we face the possibility of additional waves of shutdowns and various economic rescue plans are rolled out, which could all potentially turn into an opportunity for attackers. Even in the travel industry, which has suffered a lot, attackers will take advantage as travel starts to come back, and they will start using fake offers to steal credentials.
Changes in cybersecurity market
5G will drive another wave of upgrades to mobile networking, from Base Station Subsystems to overall application infrastructure. Cybersecurity strategy will need to quickly shift toward the edge to perform policy enforcement. Any security solution that has to backhaul traffic via proxy or network routes will suffer from performance degradation and potentially reduced efficacy. There will also be optimisation efforts to transform applications to perform well in a 5G environment. This could reduce the window of opportunity to respond to attacks. At the device level, regardless of BYOD or sanctioned devices, a heightened security posture with a trust-based security strategy will help reduce attack surfaces.
Emerging security technologies
Encryption is going to make a huge comeback in 2021 because of data privacy, as well as how ransomware attacks are extending to use extortion. Protecting your data and using encryption is the only way out of those situations. CASB is another technology that is not brand new, but I think it is going to make a comeback in 2021 because it provides access control and a way to apply different policies on who can see the content or the data, and when. And, of course, Zero Trust, access micro-segmentation, and reducing the surface and exposure are going to be very important.
By Fleming Shi, CTO at Barracuda.