Sophisticated phishing and ransomware attacks, living-off-the-land attacks and hacked process flows: cyber criminals are becoming increasingly sophisticated. Here's an overview of the cyber threats lurking this year.
Table of Contents
- New types of ransomware are not detected in time by existing security measures
- Only with a holistic infrastructure strategy is your IT environment properly protected.
2020 was also a turbulent year in terms of cyber security, and with the short message service Twitter and the video conferencing software Zoom, large companies were once again under fire. For smaller companies, cyber attacks and data leaks do not always make the headlines, but security vulnerabilities can have devastating consequences for companies of all sizes. The consequences range from financial losses to criminal prosecution to long-term reputational damage. If companies don't start preparing for the next wave of threats immediately, 2021 could be just as rocky as last year in terms of cyber attacks and data theft.
Well-known scams such as phishing, ransomware, Trojans and botnets will continue to be among the biggest cyber threats this year. According to Cybercrime Magazine, ransomware attacks are expected to cause damages of up to 20 billion US dollars in 2021. Such attacks are increasingly automated and tailored using personal data, often taken from corporate websites and social networks. During the first months of the pandemic, there was an increase in phishing emails: attackers took advantage of the fact that many workers were not familiar with remote work applications. As the trend towards automation increases, these types of threats will continue to grow in 2021.
New types of ransomware are not detected in time by existing security measures
Fileless attacks, a subset of so-called living-off-the-land (LotL) attacks, use tools and functionality that already exist in the victim's environment. Fileless attacks do not rely on file-based payloads and, in most cases, do not generate new files. As a result, they have the potential to fly under the radar of many prevention and detection solutions. Typically, a fileless attack begins with an emailed link to an insecure website. Social engineering tricks on that website can launch system tools that retrieve and execute additional payloads directly in system memory. Distinguishing the malicious use of integrated system tools from their many legitimate automation and scripting uses is often a major challenge for traditional security measures. The use of system tools as backdoors has been around for decades, but according to cyber security experts, it is currently on an upward trend.
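Telling malicious from legitimate use of built-in system tools usually comes down to context, such as which process started the tool and what is on its command line. The following Python example is added here and is not from the original article; the tool lists, event field names, threshold and sample events are constructed assumptions to be tuned per environment.

```python
import re

# Assumed lists for illustration; adjust to the tools present in your environment.
SYSTEM_TOOLS = {"powershell.exe", "wscript.exe", "cscript.exe",
                "mshta.exe", "rundll32.exe", "regsvr32.exe"}
USER_FACING = {"chrome.exe", "msedge.exe", "firefox.exe",
               "outlook.exe", "winword.exe", "excel.exe"}
# Command-line traits suggesting content is fetched and run without touching disk.
REMOTE_URL = re.compile(r"https?://", re.I)
IN_MEMORY = re.compile(r"-enc(odedcommand)?\b|\biex\b|invoke-expression", re.I)

def score_event(ev):
    """Return (score, reasons) for one process-creation event (dict)."""
    reasons = []
    if ev["image"].lower() not in SYSTEM_TOOLS:
        return 0, reasons              # not a built-in tool: out of scope here
    if ev["parent"].lower() in USER_FACING:
        reasons.append("system tool started by a browser, mail or office app")
    if REMOTE_URL.search(ev["cmdline"]):
        reasons.append("remote URL on the command line")
    if IN_MEMORY.search(ev["cmdline"]):
        reasons.append("in-memory execution switch")
    return len(reasons), reasons

def triage(events, threshold=2):
    """Keep events where at least `threshold` independent signals agree."""
    hits = []
    for ev in events:
        score, reasons = score_event(ev)
        if score >= threshold:
            hits.append((ev["host"], ev["image"], reasons))
    return hits

# Constructed sample events (not real telemetry).
SAMPLE_EVENTS = [
    {"host": "ws-014", "parent": "services.exe", "image": "powershell.exe",
     "cmdline": "powershell.exe -File C:\\Ops\\rotate-logs.ps1"},
    {"host": "ws-022", "parent": "chrome.exe", "image": "mshta.exe",
     "cmdline": "mshta.exe https://example.invalid/a.hta"},
    {"host": "ws-031", "parent": "explorer.exe", "image": "notepad.exe",
     "cmdline": "notepad.exe notes.txt"},
    {"host": "ws-040", "parent": "taskeng.exe", "image": "powershell.exe",
     "cmdline": "powershell.exe -File \\\\fs01\\it\\inventory.ps1"},
]

if __name__ == "__main__":
    for host, image, reasons in triage(SAMPLE_EVENTS):
        print(host, image, "; ".join(reasons))
```

Requiring two agreeing signals keeps the scheduled administration scripts in the sample from alerting while the browser-launched tool is still flagged.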
Sometimes cyber criminals identify vulnerabilities not in applications, but in the process flow of business operations. In recent months and years, an increase in business process compromises has been observed. In these attacks, the attackers exploit systemic vulnerabilities to their financial advantage. Business process attacks require significant knowledge of the victim's systems and operations. Such an attack often begins with a compromised system on the target network, through which the cybercriminals can observe the company's processes and gradually identify security gaps. These attacks on process flows are usually discreet, and the affected organizations may not detect them in time. This may be especially the case if the affected process continues to function as expected at first glance.
Only with a holistic infrastructure strategy is your IT environment properly protected.
The protection of your IT environment can make the difference between success and failure. Companies should therefore regularly check their security concept for possible vulnerabilities. Carry out all relevant security software updates and ensure that the latest version is always in use. For IT service providers in particular, it is advisable not only to purchase servers or the IaaS packages from hyperscalers, which are often aimed at large companies, but to work with a reliable cloud service provider. When working with an IT infrastructure provider, the external partner usually takes care of the security of the IT environment.
With a cloud-based infrastructure located in Swiss ISO-certified data centers, you no longer have to worry about cyber security and protection against hacker attacks. In addition to integrated security programs, automatic recording, continuous operation ("business continuity") and emergency planning are often included in the packages of cloud service providers. The external partner also assumes responsibility for software and hardware and performs regular patching of the systems, which minimizes security risks and ensures the best possible functioning of the systems.
Michael Dudli