Top security challenges of 2020 show us how to protect what’s next
2020 was an unusual year where circumstances shifted at record pace. Amidst the scramble and confusion, security teams rose to the occasion. Perhaps most significantly, organizations had to rapidly protect and scale their remote access while facing new security risks.
The past year has shown us just how much cyber threats can impact our lives, and why everyone needs to prepare for evolving attacks in the future.
While many were focused on foreign election interference, domestic disinformation campaigns were quick to rise as well. Talos Director Matt Olney says that the commercialization of disinformation campaigns, or Disinformation-as-a-Service, is now more widespread but also easier to spot.
“As a result, a conversation with an election official in 2020 is fundamentally different than how it would be in 2016,” says Olney. “Gone are the times where I would say, ‘Let me tell you about this threat,’ because they’ve spent the last four years learning about those threats.”
Kane says that this is insidious because healthcare IT is the essential backbone of modern patient care—individuals’ lives depend on whether this infrastructure is secure. A big challenge in the healthcare industry is legacy and outdated technology. Healthcare professionals and businesses are constantly balancing the risk of introducing new IoT technology and devices that may be insecure against legacy technology that may not be up to speed.
The shift to remote working in 2020 meant two things: making sure all employees could safely work from home and ensuring that they could still access the company resources and assets. Because of this, many turned to remote desktops, the technology that allows users to connect to a computer from a remote location. Voilà, your office computer is now at your home desk, but RDP (Remote Desktop Protocol) often poses security concerns as well.
Any remote desktop solution, if compromised, grants an attacker entry into the organization. Organizations that use RDP must implement extra security measures to keep themselves and their employees safe.
Big game hunting is when attackers leverage compromised systems as initial access points to the network. From there, the attacker moves to gain access to additional systems while escalating privileges. The ransomware is only activated once these systems are accessed, so that the attacker inflicts maximum damage on the victim.
As with the ransomware trends, credentials are being used for future attacks. “Credential dumping” is a technique in which an attacker scours a computer for more credentials to use in further intrusions. Because operating systems store credentials in many places, such as memory, databases, or files, attackers who have infiltrated a system can easily attempt to copy passwords and dump the credentials.
Jan 21, 2021 at 23:04