In 2020, businesses across nearly every industry underwent a significant change. While companies were already growing increasingly mobile, the need for social distancing measures to stem the COVID-19 pandemic made working from home the new normal. This has opened up many unknown vectors of attack for cybercriminals. Read on to learn about some examples of cyber crimes to be mindful of and how to keep your company safe from the most common attacks.
Types of Cybercrimes to Watch for in 2021
This blog primarily focuses on data collected in Verizon’s Data Breach Investigations Report (DBIR) for 2020, which indexes the biggest threats from last year. These are likely to be the most significant security risks this year, as well, considering the long-term impacts of COVID-19.
Below, we’ll cover four of the biggest cyberthreats to watch out for this year, including:
- Hacking, theft, DoS, and other attacks originating from advanced cybercriminals
- Data breaches and other cybersecurity events resulting from internal user errors
- Social engineering scams (phishing, etc.) that abuse individuals’ trust for access
- Dangerous viruses and malware and how they appear within your system
We’ll also explain the best ways to prevent and mitigate these threats with helpful best practices to implement internally and resources to leverage externally.
Cyberthreat #1: Hacking, Theft, and DoS
The most prevalent form of cyber-attack in 2020, per the DBIR, was hacking. This is an umbrella term encompassing a wide range of possible attacks on all areas and elements of a security system. Nevertheless, hacks employing “brute force” or stolen credentials made up the vast majority of all incidents and breaches in this category. The top three attack vectors were:
- Brute force or stolen credentials, making up over 80% of all total hacking attacks
- The exploitation of vulnerabilities in companies’ cyberdefense systems (less than 20%)
- Use of “Command and Control” (“C2”) or backdoor functionalities (less than 10%)
A systematic approach to threat and vulnerability management is the key to preventing the second vector above. But for the first and third, you need more complex defensive measures.
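As an added illustration (not part of the DBIR or the original article), the sketch below shows how a defender might flag the first vector in authentication logs. The log format, the thresholds, and the `detect` function are assumptions made for this example, and the sample lines are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed thresholds for illustration; tune them to your own baseline.
WINDOW = timedelta(minutes=5)
MAX_FAILS = 5   # failures against one account from one source
MAX_USERS = 3   # distinct accounts failed from one source

# Constructed sample log (documentation-range IPs), not real data.
SAMPLE_LOG = """\
2021-02-01T09:00:00 FAIL user=alice ip=203.0.113.7
2021-02-01T09:00:10 FAIL user=alice ip=203.0.113.7
2021-02-01T09:00:20 FAIL user=alice ip=203.0.113.7
2021-02-01T09:00:30 FAIL user=alice ip=203.0.113.7
2021-02-01T09:00:40 FAIL user=alice ip=203.0.113.7
2021-02-01T09:00:50 OK user=alice ip=203.0.113.7
2021-02-01T09:10:00 FAIL user=bob ip=198.51.100.23
2021-02-01T09:10:05 FAIL user=carol ip=198.51.100.23
2021-02-01T09:10:10 FAIL user=dave ip=198.51.100.23
2021-02-01T09:20:00 FAIL user=erin ip=192.0.2.15
2021-02-01T09:20:30 OK user=erin ip=192.0.2.15
"""

def detect(log_text):
    """Return sorted (alert, ip, user) tuples found in the log."""
    fails = defaultdict(deque)  # ip -> recent (time, user) failures
    alerts = set()
    for line in log_text.strip().splitlines():
        ts, result, user, ip = line.split()
        ts = datetime.fromisoformat(ts)
        user, ip = user.split("=", 1)[1], ip.split("=", 1)[1]
        recent = fails[ip]
        while recent and ts - recent[0][0] > WINDOW:
            recent.popleft()  # drop failures older than the window
        if result == "FAIL":
            recent.append((ts, user))
            if sum(u == user for _, u in recent) >= MAX_FAILS:
                alerts.add(("brute_force", ip, user))
            if len({u for _, u in recent}) >= MAX_USERS:
                alerts.add(("password_spray", ip, "*"))
        elif len(recent) >= MAX_FAILS:
            # A success right after a burst of failures suggests the
            # guess worked or a stolen credential was finally accepted.
            alerts.add(("success_after_failures", ip, user))
    return sorted(alerts)

if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(*alert)
```

The single mistyped password from 192.0.2.15 raises no alert, which is the behavior you want if the rule is to stay quiet enough to be acted on.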
How to Prevent Hacking and Other Related Attacks
One of the most innovative and powerful tools for cybersecurity leverages offense to bolster defenses. The practice of penetration testing, a form of “ethical hacking,” simulates an attack on your systems to study the attacker’s behavior and identify the vulnerabilities they could exploit when your system is compromised. These insights then inform your patches and cybersecurity improvements.
In an external or “black hat” pen-test, the attacker begins with little to no information about your system. The goal is to measure how quickly they get “inside” and how they do it. In an internal or “white hat” pen-test, the attacker begins from inside; the goal is to measure how much damage they do once there and impede their progress. Many companies opt for a hybrid “grey hat” test to study elements of both types of cybercrimes for optimal ROI and long-term defenses.
Cyberthreat #2: User Errors and Misuses
User error is second to hacking in the DBIR’s analysis of threat actions in 2020. This broad category covers a wide variety of internal mistakes. The most common and impactful include:
- Misconfiguration, accounting for over 40% and rapidly rising over the past two years
- Misdelivery, decreasing steadily since 2018 but still accounting for over 30% of errors
- Publishing error, also decreasing over time but accounting for close to 10% of errors
Workplaces’ newfound mobility will likely increase the amount and severity of user errors in the future. Hence the importance of a robust training program to screen out mistakes.
The Importance of IT Awareness and Training
Cybersecurity awareness training can counteract behaviors that lead to damaging errors and make team members active participants in your overall cyberdefense. Training must cover all elements of your company’s cybersecurity and include in-depth modules on the broader security environment around your particular industry.
Furthermore, one-off seminars and workshops are not enough to keep all team members fully aware. You’ll need to implement ongoing exercises regularly, including assessment measures (tests) and real-time drills, to engage the entire workforce fully.
Cyberthreat #3: Social Engineering Scams
Social engineering is related to user errors and misuse. It involves attackers manipulating staff into unwittingly providing protected information or access. Verizon attributes 22% of 2020 attacks to social engineering. The most common social engineering types of cybercrimes are:
- Phishing involves fraudulent messages disguised as official communications that prompt users to input sensitive information, click on malicious links, or download malware.
- Pretexting involves detailed fraud schemes that describe a situation (such as a personal or business emergency) that convinces targets to compromise information more readily.
These attacks often occur via email communications, but they can also happen via phone (“vishing”) or SMS text messages (“smishing”). They can target mass audiences or high-leverage individuals. Targeting the latter is commonly referred to as “spear-phishing” or “whaling.”
Gone Phishing: Preventing Social Engineering
One of the most effective ways to prevent and mitigate the damage done by social engineering scams is to implement a robust identity and access management program. All passwords (or passphrases) need to meet minimum standards for length and complexity at a base level. They also need to be updated frequently, with prior password combinations disallowed for future use.
But, no matter how complex, passwords are not enough to prevent damage when they are stolen. For that, you’ll need to implement multi-factor authentication (MFA). Users must authenticate their access to sensitive information with some combination of credentials, like one thing they know (password), one thing they have (device), and one thing they are (a biometric).
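To make the point concrete, here is an added example (not from the original article) in which a stolen password alone fails the login. It assumes the "something they have" factor is an authenticator app using RFC 6238 time-based one-time passwords; the `Account` class and its method names are hypothetical.

```python
import hashlib
import hmac
import os
import struct

def totp(secret: bytes, unix_time: int, digits: int = 6, step: int = 30) -> str:
    """RFC 6238 TOTP (HMAC-SHA1) for the time step containing unix_time."""
    counter = struct.pack(">Q", unix_time // step)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation from RFC 4226
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

class Account:
    """Hypothetical account record holding both factors."""

    def __init__(self, password: str, totp_secret: bytes):
        self.salt = os.urandom(16)        # per-user random salt
        self.pw_hash = self._hash(password)
        self.totp_secret = totp_secret    # shared with the user's device
        self.last_step = -1               # newest time step already used

    def _hash(self, password: str) -> bytes:
        # Iteration count is an assumed value for this example.
        return hashlib.pbkdf2_hmac("sha256", password.encode(), self.salt, 200_000)

    def login(self, password: str, code: str, now: int, step: int = 30) -> str:
        if not hmac.compare_digest(self._hash(password), self.pw_hash):
            return "bad_password"
        # Accept the current step and the previous one to tolerate clock drift.
        for t in (now // step, now // step - 1):
            expected = totp(self.totp_secret, t * step).encode()
            if t > self.last_step and hmac.compare_digest(expected, code.encode()):
                self.last_step = t        # a code cannot be replayed
                return "ok"
        return "bad_second_factor"

if __name__ == "__main__":
    secret = b"12345678901234567890"      # RFC 6238 test secret
    acct = Account("correct horse", secret)
    print(acct.login("correct horse", "000000", now=59))            # password only
    print(acct.login("correct horse", totp(secret, 59), now=59))    # both factors
    print(acct.login("correct horse", totp(secret, 59), now=59))    # replayed code
```

The replay guard matters as much as the code check: without it, a one-time code captured by a phishing page stays usable until its time step expires.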
Cyberthreat #4: Virus and Malware Attacks
Finally, the last kind of attack to watch out for in 2021, given its prevalence in 2020, is the broad category of malware and virus-based cybercrimes. These include many different programs that, once installed on your system, replicate and hide while divulging sensitive data.
The most common and dangerous forms of viruses and malware in 2020 included the following:
- “Password dumper” programs that steal user credentials, opening up other attacks
- Apps and programs that capture app data, including protected payment information
- “Ransomware” malware that denies service until the victim pays a sum to attackers
Most of these forms of malware made their way onto computers through email links, as in social engineering, or through direct install, which is usually the result of stolen credentials. In exceptional cases (under 20%), it is malware itself that leads to the installation of other malware.
Benefits of Proactive Web Filtering Programs
The most fundamental line of defense against viruses and malware is robust antivirus software. Beyond this, your company should also install strong firewall protections to screen out any incoming traffic that might be or include malware. And where the firewall is not enough, try innovative, proactive web filtering services like Cisco Umbrella.
Web filtering works by applying an additional security layer designed specifically to catch anything your firewall might miss. It analyzes incoming packets and other traffic forms before and after they hit the firewall, indexing for elements that commonly elude firewall filters.
How Professional Cyberdefense Services Help
As the world adapts to the impacts of COVID-19, work from home conditions may lighten. However, businesses that have found success during the pandemic may choose to stick with what has worked so far. This means that the biggest cyberthreats of 2020 aren’t going anywhere anytime soon, and companies need to prepare for these threats accordingly.
Across all the cybercrimes detailed above, one thing remains constant: the best way to cover your bases and account for all risks is partnering with a managed security service provider. To avoid being an example of cyber crimes’ increased potency in our new mobile world, contact RSI Security today!