We seemingly all agree that 2020 was a yr we can’t quickly neglect – for a lot of causes. One space significantly impacted final yr was (and continues to be) cybersecurity.
Whereas Web entry allowed many companies to proceed functioning through the COVID-19 keep at residence necessities, the unprecedented variety of folks accessing firm belongings remotely launched many new challenges for cybersecurity professionals.
With a historical past of leveraging societal maladies to their benefit, cyber criminals leverage the confusion and unpreparedness created by the worldwide pandemic of their cyber assaults.
In simply the final two months of 2020, a number of high-profile organizations and authorities entities have been efficiently attacked utilizing intelligent approaches that have been ignored by cybersecurity specialists. Making sense of how assaults have modified and what new defensive methods must be taken isn’t any straightforward job. Cybersecurity firm Cynet will assist by reviewing the 2020 excessive profile assaults in depth and information cybersecurity professionals for 2021 in an upcoming webinar (register here).
Till then, what excessive profile assaults are they prone to discover?
The Prime 2020 Cyber Assaults
With out sufficient house to cowl all the highest assaults in 2020, a number of vital breaches have been predominantly achieved by new methods.
The assault concerned hackers compromising the infrastructure of SolarWinds, an organization that produces a community and utility monitoring platform known as Orion. The attackers then used that entry to supply and distribute trojanized updates to the software program’s customers, together with 425 of the US Fortune 500, the highest ten US telecommunications firms, the highest 5 US accounting corporations, all branches of the US Navy, the Pentagon, and the State Division, in addition to lots of of universities and faculties worldwide.
Cybersecurity firm FireEye was efficiently breached utilizing a malware-infected replace to SolarWinds Orion.
An extra malware, dubbed Supernova, additionally used the SolarWinds Orion product as its supply technique however was seemingly developed and utilized by a unique menace actor.
Software program AG
The second-largest software program vendor in Germany and the seventh-largest in Europe, Software program AG was reportedly hit by a Clop ransomware assault in October 2020. It was reported that the cyber-criminal gang had demanded a $23 million ransom.
Sopra Steria is a European data expertise agency with 46,000 workers in 25 nations, offering a big array of IT providers, together with consulting, methods integration, and software program improvement. In October 2020, Sopra Steria was attacked by what turned out to be a brand new model of the Ryuk ransomware, beforehand unknown to antivirus software program suppliers and safety businesses.
Hackers with entry to the system used for connecting cellular networks the world over have been in a position to achieve entry to Telegram messenger and e-mail information of high-profile people within the cryptocurrency enterprise. In what’s believed to be a focused assault, the hackers have been after two-factor authentication (2FA) login codes delivered over the quick messaging system of the sufferer’s cell phone supplier.
What To Count on in 2021
It is going to be fairly attention-grabbing to listen to Cynet’s perspective on what’s going to unfold over the approaching yr. Ransomware exhibits no signal of abating, and assaults on third-party suppliers to achieve entry to their shoppers’ environments will undoubtedly proceed. A big distant workforce seemingly opens firms as much as conventional social engineering assaults as nicely.
When it comes to defensive actions, third occasion threat administration will definitely be prime of thoughts following the SolarWinds fiasco. Distant endpoints and distant staff will have to be higher protected.
Automated response methods will definitely achieve traction as response occasions to issues like ransomware should speed up to machine pace to forestall infections from propagating throughout the atmosphere and locking up essential system belongings. We’re definitely in for a bumpy trip forward. Look to cybersecurity specialists steeped in defending consumer organizations for insights and recommendation transferring ahead.
Register for this dwell webinar here