Our cybersecurity partners at WatchGuard have put together an impressive guide to what we all need to be aware of as we move towards 2021 and beyond.
They predict that hackers will find more ways to attack us and find ways through our homes and personal devices, in order to infiltrate our corporate networks.
We have summarised their key warnings in this blog, or you can read their full report for yourself here. We recommend and have installed WatchGuard for many of our customers, if you want to take advantage of the protection WatchGuard brings, do get in touch with us here at SCS.
In the meantime, here are their 2021 cybersecurity predictions:
- Automation drives tidal wave of spear phishing campaigns
These attacks are frighteningly clever. They seem so personal and believable that well . . people can’t believe they aren’t genuine – and they click the link.
Spear phishing attacks involve highly targeted malicious emails that include specific and accurate details about a particular individual, perhaps related to their interests or role at their company. Traditionally this has been a manual and time-consuming process although it was still fairly common due to potential high returns.
Things have taken a turn for the worse though. Cyber criminals can now automate the elements of spear phishing that were once manual by combing social media and company websites for personal information to enable them to send customised information to thousands of individuals. We can hope that this automated process may make this type of email easier to spot – but as always – if anything seems too good to be true, or just feels even a little bit ‘off’ – DO NOT CLICK THE LINK.
2. Cloud hosting providers finally crack down on cyber abuse
Most cloud-hosting services offer internet accessible data storage. Users can upload whatever they want to store – but this can leave these services exposed to phishing attacks. WatchGuard are predicting that Cloud-hosting providers will deploy automated tools and file validation during 2021 to begin heavily cracking down on this.
3. Hackers infest home networks with worms
Home-based working has undoubtedly increased threats. Virtually overnight we all had to adopt new practices, and this is expected to continue as many staff are enjoying the benefits of home working or aren’t ready to return to the office yet. Home networks are often less protected than organisational ones and hackers are deliberately seeking out to infect laptops and smart devices on home networks as a way to ultimately infiltrate corporate networks. They are likely to utilise malware that is capable of spreading across networks looking for signs that an infected device is for corporate use.
4. Booby-trapped smart chargers lead to smart car hacks
Smart car chargers do have a data component and whilst there hasn’t been a major hack for some time, with the rise in popularity of smart cars it is likely that hackers have these in their sights, so this is one to look out for in 2021.
5. Users revolt over smart device privacy
More and more connected devices are being added to our lives every day. Alexa, Siri, even our lighting and our door-bells. Not to mention the data on our ‘wearables’ such as the health data that our smart watches are collecting. Whilst the benefits of these technologies are clear, WatchGuard predict that as consumers we will start to push back against the corporations in order to protect our privacy.
6. Attackers swarm VPNs and RDPs as the remote workforce swells
With more people working from home corporations are utilising Virtual Private Networking (VPNs) and Remote Desktop Protocol (RDP) solutions more than ever. RDP is already one of the most attacked services on the internet and WatchGuard expect attackers to significantly ramp up their assaults.
7. Attackers pinpoint security gaps in legacy endpoints
This is another risk which is exasperated by home working. If people are using software which is no longer supported (for example Windows 7) this increases vulnerabilities and cyber criminals are likely to exploit this. More people are likely to be using legacy systems if they are working from home rather than using the corporate systems.
8. Every service without MFA will suffer a breach
Multi factor authentication is going to be essential. WatchGuard are sticking their neck out and saying that if you use a service that does not have MFA enabled you will suffer a breach or an account compromise as cyber criminals have found incredible success using stolen usernames and passwords.
WatchGuard provide a wide range of cybersecurity solutions – if you would like us to advise you as to which would protect your organisation in the best way, please contact us here at SCS Technology Solutions.