Four emerging cybersecurity trends

Author: Mel Griffiths


As new technologies, systems, platforms and operating models materialise, cybercriminals continue to make global headlines by taking advantage of any detected vulnerability. We’ve analysed five cybersecurity trends for 2021 along with some ideas on how to mitigate the impacts of such an evolving threat landscape.

  1. The rise of machine and deep learning.

Sophisticated machine and deep learning technologies offer valuable insights and systems that can replace human intervention in analysing the masses of threat data. Identifying every kind of malware is nearly impossible, but applying machine learning is one way to use autonomous cybersecurity techniques to your advantage. These systems may use databases to quickly pull information about previously detected threats and examine new samples against it to determine whether they are malicious.

Even with the advent of this technology, the cybercriminal is evolving. Attackers are also using advanced machine learning to manage their attacks and deploy techniques such as data poisoning and model stealing. They use technologies and tools to make their attacks more effective, and they are creating automated malware and ransomware to gain access to the increasing breadth of corporate technologies.

Looking ahead, machine and deep learning cybersecurity tools will continue to evolve, and trends show that even organisations that suffered an attack but also had advanced cybersecurity technologies still saved millions in 2020. Unfortunately, threats and attackers will also learn the norms of machine and deep learning techniques and build attack capabilities to counter the advanced technologies in the cybersecurity space.

  2. Increased remote working arrangements and cloud computing.

Today, the shift to a hybrid model of the workplace has become the norm. Yet remote work and cloud computing continue to pose a cybersecurity threat. The remote working environment is appealing to threat actors because most home networks aren’t professionally managed, and companies have rushed to accommodate this new remote landscape. Many of the typical security measures may have been overlooked or sidestepped to keep operations running, creating new risks for all industries.

We have seen that organisations use VPNs to connect to corporate networks for work tasks; however, attackers have learned how to exploit VPN technologies and connections to take advantage of the trust model of a VPN connection. Hence, organisations are now rethinking their remote working security by exploring a zero trust model where every user and connection receives verification before accessing any resources. This means identities, endpoints, applications, data, networks, and visibility are protected by security elements such as multi-factor authentication. Again, threat actors have found weaknesses in this technology through the actual phone network, and the trend now is to move away from SMS passcodes.

  3. Attacks on critical infrastructure.

Critical infrastructure such as water, gas, transport, electricity, ports, healthcare, and telecommunications is now under constant threat. Public services and privately operated infrastructure are becoming increasingly interconnected between the physical and virtual environments, which increases the attack vectors. Typically, cyber-attacks targeting critical infrastructure focus on control systems rather than on information systems or data, as seen in IT-related cyber-attacks. Disrupting control systems within Operational Technology (OT), the physically connected devices that support extensive industrial processes, is likely to cause the most devastating impact.

Security within OT is reacting to this threat by implementing updated security mechanisms to deliver automated, real-time alerting and visibility of OT networks. Governments are also legislating the protection of these operational environments, as the consequences can be devastating to the communities and populations that depend on these services.

  4. Socially engineered attacks.

Increasingly, emotional tactics to gain access to systems and information are being favoured by threat actors. According to recent statistics, 98% of cyberattacks use social engineering ploys, with COVID-19 giving rise to these incidents.

Organisations are now stepping up their measures to educate the workforce about these tactics; employee training on phishing and scareware will help identify malicious attempts before they cause harm. Some organisations conduct regular exercises and assessments with employees to test and learn and ultimately stop social engineering tactics from getting past the inbox. Other techniques include improving identity management strategies to combat an insecure remote workforce.