Expect sophisticated cyber attacks in 2021, warns report

Organisations across the globe will have to invest more to contain the soaring incidents of cyber-attacks occasioned by the seismic shift from legacy businesses to cloud-based corporate staffing, a new report projects.

The prediction survey titled “Securing the next normal” released on November 10 by Israel-based cyber security firm Check Point indicates that the effects of the 'new normal' created by the Covid-19 pandemic will continue to be a key focus for organisations' online security teams.

With 81 per cent of enterprises across the world adopting mass remote working this year according to Gartner, and 74 per cent planning to make it permanent starting next January, companies will need new ways to counter the sharp rise in ransomware and botnet threats.

And while many countries are preparing for the internet of things (IoT) in 2021, the report warns that those who fail to secure their 5G networks and the connected devices it will power could find themselves in a regrettable position since hacking groups now have the capacity to take over entire business operations using sophisticated software.

Covid-19 disruptions

"The pandemic derailed business-as-usual for virtually every organisation, forcing them to set aside their existing business and strategic plans, and quickly pivot to delivering secure remote connectivity at massive scale for their workforces," states the report.

It adds that IT security teams also had to deal with escalating threats to their new cloud deployments as hackers sought to take advantage of the pandemic's disruption.

"71 per cent of security professionals reported an increase in cyber threats since lockdowns started," says the study.

According to Pankaj Bhula, Check Point's Middle East and Africa regional director, one of the few predictable things about cyber security is that threat actors will always seek to take advantage of major events or changes – such as the pandemic or the introduction of 5G – for their own gain. 

"To stay ahead of threats, organisations must be proactive and leave no part of their attack surface unprotected or unmonitored, or they risk becoming the next victim of sophisticated, targeted attacks," he told the Nation.

In 2021, the report predicts, Covid-19 will still be hurting lives, businesses and societies, and those impacts will change as the year progresses.

"So, we need to be ready for a series of 'next normal' as we respond to those changes.  Following the rush to remote working, organisations need to better secure their new distributed networks and cloud deployments to keep their applications and data protected," the report says.

Automate threat prevention

This means enforcing and automating threat prevention at all points of a company's network, from employees' smartphones and endpoints, to IoT devices and clouds.

This, the reports hopes, will stop advanced attacks spreading rapidly across organisations, and exploiting weaknesses to breach sensitive data.

Kenya, which has seen a rise in the need to secure corporate systems during the pandemic, will need to preach the cyber security gospel to small and medium sized businesses (SMEs) which have invested very little to secure their businesses.

Nairobi-based cyber security consultant Diana Waithanji warns companies and government agencies against committing little budgets towards securing their IT environments.

"Every organisation must have an information security strategy. It should be ready to invest in cyber security because it's much cheaper to be proactive than reactive. They should also prepare a business impact analysis and a business continuity plan so that processes do not stop after an attack," she told the Nation.

Phishing campaigns

While a vaccine for the virus was announced on November 9, news of vaccine developments or new national restrictions will continue to be used in phishing campaigns, the survey warns, adding that pharmaceutical companies developing vaccines will be highly targeted by hackers and nation-states looking to exploit the situation.

"Cyber criminals are targeting corporates using e-mail-based attacks such as phishing and ransomware, purporting to be from official organisations such as the World Health Organisation," says Mr Antony Muiyuro, senior manager and cybersecurity lead at Ernst and Young East Africa.

With Kenya yet to resume learning in full, schools and universities will have to secure their e-learning platforms, given that the sector experienced a 30 per cent increase in weekly cyber-attacks globally in August, according to Check Point. Attacks are expected to continue to disrupt remote learning activities over the coming year.

Sensitive data

The research also predicts that ransomware will be deployed on a massive scale, where hackers first extract large amounts of sensitive data, prior to encrypting a victim's databases.

"Then attackers will threaten to publish that data unless ransom demands are paid, putting extra pressure on organisations to meet hackers' demands. Hackers have developed many malware families into botnets, to build armies of infected computers with which to launch attacks," the study apprises.

Dr Bright Mawudor, head of cyber security services at Internet Solutions, notes that malicious WhatsApp links and decoys are being spread in Kenya and have been pre-programmed to access particular private information.

"Beware of these links being shared on WhatsApp and e-mail. You must avoid typing into links that purport to reset already hacked smartphones. They are all fake and aim to compromise your company," he warns.

He adds that fake links of information regarding the new vaccine will have codes embedded in them instructed to get all details about users including their bank and mobile money passwords.

The report cautions against Emotet, the most commonly-used malware in 2020, that started as a banking Trojan but has evolved to become one of the most persistent and versatile botnets, capable of launching a range of damaging exploits, from ransomware to data theft.

A more worrying prediction is the high possibility of nations attacking each other for espionage or to influence events in target countries. 

2021 is the year when deep fakes will be weaponised by cyber attackers, with techniques for fake videos or audios being advanced enough to create targeted content to manipulate opinions, stock prices or even elections.

Fake audios

Earlier this year, a political group in Belgium released a deep-fake video of the Belgian Prime Minister giving a speech linking Covid-19 to environmental damage and calling for action on climate change. Many viewers believed the speech was real.

"At a simpler level, audio could be faked for voice phishing so that a CEO's voice could be faked to bypass voice authentication," forewarns the report.

The totally connected, high-speed world promised by 5G will give criminals opportunities to launch attacks and cause disruption by targeting that connectivity.

"Telemedicine apps and devices will collect data about users' well-being, connected car services will monitor users' movements, and smart city applications will collect information about how users live their lives," the study says.

Such massive volume of data from always-on smartphones and 5G devices will need to be protected against breaches, theft and tampering to ensure privacy and security against attacks, since most of this data will bypass corporate networks and their security controls.

"IoT devices and their connections to networks and clouds, are still a weak link in security. We need a more holistic approach to IoT security, with a combination of traditional and new controls to protect these ever-growing networks across all industry and business sectors," the study concludes.

[email protected]