3 Cybersecurity trends you can’t ignore in 2021

Now that we’re in the second quarter of 2021, it’s safe to assume that current cybersecurity trends will persist throughout the entire year. In this post, we’ll show you how these lead to grave outlooks for the rest of the year.

1. Ransomware still reigns as the top cyberthreat

For a couple of years now, businesses and institutions have been losing billions of dollars to ransomware. Just last August, the University of Utah paid a ransom of nearly half a million dollars. The payment was not for regaining locked-up data — backups took care of that — but rather to keep the school’s attackers from releasing student information online.

FYI: Here are reasons why University of Utah’s ransom payment was not a good idea: When data has been encrypted by ransomware, the data is presumed to have been copied. Cybersecurity experts explain that ransomware gangs may use the data for spear phishing purposes or sell it on the dark web or other illegal marketplaces. Cybercriminals are bad faith actors. It is foolish to trust that they’ll delete the data they stole just because they were paid the ransom. It is possible that cybercriminals may continue extorting victims who are willing to pay them. Ransomware payments fund future ransomware campaigns. Running a cybercrime ring is just like running a business — investments in machines must be made and costs for human labor and utilities must be paid. Giving ransomware gangs money allows them to victimize more people.

Beyond the loss of funds, ransomware may cause loss of life as well. Personal health information is valuable to cybercriminals such as identity thieves, so ransomware gangs have been launching more and more campaigns targeting healthcare providers. In fact, one ransomware campaign in September 20, 2020 indirectly resulted in the death of a patient in Germany.

Because it was dealing with a ransomware attack that day, the Duesseldorf University Hospital had to turn away a female patient who was in urgent need of medical care. Tragically, the patient did not survive being rerouted to another hospital 30 kilometers away.

After the German police reached out to the ransomware gang, the latter withdrew their ransomware demand and gave the hospital the decryption key they needed to unlock their data. While the cybercriminals in this incident showed conscientiousness, other cybercrime rings may be far more cruel and have no qualms putting people’s lives on the line.

2. Infrastructure will be targeted by hackers

The recent attack on a water treatment facility in Oldsmar, Florida has alarmed the federal government because of how easily it was pulled off. A hacker infiltrated the plant’s control system by using TeamWeaver, a tool the plant’s engineers use to remotely monitor and adjust the facility’s machines. The hacker increased the water’s level of lye — an ingredient in drain cleaners — to lethal concentrations, but fortunately, a plant operator noticed the altered settings and manually reverted them to normal. According to state officials, if no one had caught the anomaly, hundreds of town residents would have fallen ill or died.

The attack on the water treatment facility was one of the main reasons why the US government has begun beefing up the cybersecurity of another infrastructure component: power grids. The Department of Energy will work with operators and owners so that power utility control systems are rarely connected or completely disconnected from the public internet and that no remotely issued commands will be executed. With the electric grid as its starting point, the government plans to upgrade the cybersecurity of other infrastructure sectors as well.

The US government has begun beefing up the cybersecurity of critical infrastructure by starting with power grids.

3. Some multifactor authentication (MFA) methods are being bypassed by hackers

Not all MFA methods are created equal — and cybercriminals are taking advantage of the weaker ones. SMS and automated voice call MFA are particularly vulnerable because the one-time passcodes (OTPs) they deliver aren’t encrypted. These OTPs can easily be stolen by cybercriminals via automated man-in-the-middle attacks. Additionally, in a SIM swap attack, phone network staff may be fooled into transferring a user’s phone number onto a hacker’s SIM card. Once a SIM swap is completed, OTPs meant for the authentic user are delivered to the cybercriminal instead.

If MFA methods can be bypassed, this does not look good for businesses that have come to rely on it. Institutions such as banks will have to write off unreliable MFA tech as sunk costs, and they’ll have to revamp their IT infrastructure and processes to accommodate better MFA methods.

This is why Microsoft recommends that users use hardware security keys or OTPs generated by authenticator apps instead of SMS and automated voice call MFA.

 

FYI: Another cybersecurity measure that Microsoft is pushing is going passwordless. Talk to our Azure specialists to learn more about Active Directory’s frictionless access methods!

NetWize is the IT partner you need to keep up with the latest and gravest of cybersecurity threats. To learn more about what we can do for you, drop us a line today or call us at 801-747-3200.