Tackling cybersecurity in 2021 under a new Administration.

Avril Haines, Biden’s nominee for director of national intelligence, told a member of the Senate intelligence committee, “China is adversarial and an adversary on some issues,” Haines said, “and on other issues, we try to cooperate with them.”  This double stance might prove to be difficult as cybercrimes continue to grow. She noted that tackling climate change is one area where the United States has sought Beijing’s cooperation. Concentrating on the positive traits of a relationship is a good starting point to a challenging partnership. Haines also said the hack was a “major concern,” and she has “a lot more to learn about what we know about this.”

Biden’s first major cybersecurity challenge will be dealing with the fallout and recovery from a Russian hacking campaign that infiltrated at least eight federal agencies and hundreds of companies and organizations.

In 2021 Cybersecurity has become challenging for everyone, from government agencies to private institutions. Staying ahead is a reasonable expectation which is losing ground; even taking preventive action before any threats exploit the system is difficult since, in most cases, the bridges in security are internal.

We live in the era of digitization. Criminals are getting smarter every day; as technology becomes more dispersed, it will also be more difficult to protect personal privacy.  In the past twenty-four months, new vulnerabilities and exploits have emerged overnight.  We dealt with threats like ransomware, phishing, vulnerability exploits, zero-day bugs, IoT-based attacks, etc.  In the first few weeks of 2021, we presented with AA21-008A: Detecting Post-Compromise Threat Activity in Microsoft Cloud Environments.

In December, we had another major incident, AA20-352A: Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations.  Another example of the risk of cybersecurity is the “Joe Biden’s Peloton bike may pose cybersecurity risk, experts warn.”

With the help of the internet, cloud infrastructure is coming online & becoming vulnerable to all sorts of attacks and breaches of personal information.  Another example is Easy Jet, where hackers have accessed the travel details of 9 million customers. Another example is the REvil ransomware that attacked a law firm (Grubman Shire Meiselas& Sacks) used by Lady Gaga, Drake, and Madonna, Facebook. Sony, HBO, U2, Elton John, and many others.

The hackers have allegedly stolen clients’ phone numbers, email addresses, personal correspondence, contracts, and non – disclosure agreements made with advertising and modeling firms. So, it’s not only the reputational or monetary loss that is the issue but the risk that businesses can even go bust after paying the penalties. Small firms may not even have the cash to pay or may get indebted.  Undoubtedly, cybersecurity is a concern that needs to take care of!

The Biggest cybersecurity challenges in 2021

The impact of Artificial Intelligence on cybersecurity.

Artificial Intelligence has transformed the era by not only acting and not only on the defense side but also on the attacker side. Biometric login is one example of Artificial Intelligence. After a lot of research and modeling, AI can learn the anomalies in behavior patterns that can be used as a defensive tool – but unfortunately, these same techniques can be used by hackers, phishers, or thieves to execute a cyberattack.

Cyber Attackers have made a target of everyone.

Cyber adversaries do not stop at countries’ borders, nor do they comply with different jurisdictions. Organizations, meanwhile, must navigate both a growing number and increasingly complex system of regulations and rules, such as the General Data Protection Regulation, the California Consumer Privacy Act, the Cybersecurity Law of the People’s Republic of China, and many others worldwide.

Cloud Risks.

AA20-352A: Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations.

This Alert also addresses activity—irrespective of the initial access vector leveraged—that CISA attributes to an APT actor. Specifically, CISA has seen an APT actor using compromised applications in a victim’s Microsoft 365 (M365)/Azure environment. CISA has also seen this APT actor utilizing additional credentials and Application Programming Interface (API) access to private and public sector organizations’ cloud resources. These tactics, techniques, and procedures (TTP) feature three key components:

Compromising or bypassing federated identity solutions

Using forged authentication tokens to move laterally to Microsoft cloud environments and Using privileged access to a victim’s cloud environment to establish difficult-to-detect persistence mechanisms for Application Programming Interface (API)-based access.

This Alert describes these TTP and offers an overview of, and guidance on, available open-source tools—including a CISA-developed tool, Sparrow—for network defenders to analyze their Microsoft Azure Active Directory (AD), Office 365 (O365), and M365 environments to detect potentially malicious activity.

Note: This Alert describes artifacts—presented by these attacks—from which CISA has identified detectable evidence of the threat actor’s initial objectives. CISA continues to analyze the threat actor’s follow-on objectives.

Ransomware Threats

This is the fastest-growing cyberthreat capturing the headlines these days. Ransomware encrypts files or blocks access on the system or the network. Once the access is blocked, the hacker demands money depending on the criticality of the data or the organization’s size.  In these cases, besides victims losing the data, they may also be hit by financial and productivity losses and additional IT costs, besides legal fees – a considerable problem! Cybersecurity challenges

Internet Of Things (IoT)

As the adoption of the Internet of things is growing. Security threats such as DDoS, ransomware can be used to steal critical data from both the individual and the organization. Attackers can exploit vulnerabilities in IoT infrastructure to execute cyber-attacks.

• • • Built-In IoT Threats. As entities embrace the IoT, they still lag in the defense and guidelines departments.
    • AI in IoT Threats. It’s likely 2021will be the year of AI-powered IoT threats.
    • Deepfakes for IoT Threats.
    • More Specialized Cyber Crime.
    • Breakdowns Between State-Sponsored and Criminal Attacks.

Summary

The only way to protect what you’ve worked hard to build is to be vigilant when it comes to cybersecurity. If you’d like to know more about how your business can benefit from managed services, give us a call, we are here to help.