Attackers are continuously adapting and disguising things to make them look acceptable, whether it is emails, text messages, fake news, social media scams. What threats does 2021 have in store for Small and Medium-sized Organisation? We explore the range that SMO's need to keep aware of.
This is an edited transcript from a video blog recording of Sarb Sembhi, CTO and the CISO for Virtually Informed, and his co-host Nick Ioannou, Director of Boolean Logic.
As we see through the end of 2020, which was a horrendous year for many Organisations in so many ways, 2021 looms with string of high-profile hacks that has sent shockwaves throughout the industry. Not only are attackers getting used to the changes to the new normal, they have got a lot more in store responding to the changing ways that we live and work from home. This affects all Organisations not just Small Organisations.
Today, we look at some of those threats from four perspectives, Firstly, threats that will continue (as they have been successful for attackers.) Secondly, older threats that are making a comeback. Thirdly, we have new and emerging threats, and finally the others – which are a mixture.
Current threats that will continue
Things that work are less likely to change, especially for criminals, if they are making money, they want to continue using the same tried and tested approaches, but keep ahead of technology.
Where they make changes to existing approaches, we have included them in the New and Emerging Threats.
"... threats that will continue include, ransomware, Managed Service Providers, supply chain and finally email based threats."
Like it or not, ransomware is not going away. It is too profitable for the criminals, which means it will continue to evolve. Locking a organisation out of their data though is no longer enough to convince many of them to pay a ransom, so data is also stolen with the threat of public disclosure and the resulting fallout to further convince organisation to quickly pay up.
To fuel their list of attack targets criminals are buying lists of compromised users and devices, to make it easier for them to get a return on their investments. Further, criminals are getting very aggressive about getting payments and Small Organisations may not know how to deal with the aggressive situation. Basically, this means that no Small Organisation is likely to be immune from attack unless they have previously prepared for how they will deal with such attacks.
Managed Service Providers (MSPs)
MSPs have always been an attractive target to cybercriminals and a compromised MSP could yield full remote access to potentially hundreds of victims, depending on the MSP’s client base. If the MSP also manages their client’s data backups, it would be easy for the cybercriminals to steal the data and monetise it at a later date. Cybercriminals would also be able to quickly install ransomware on the MSP’s clients, and in many cases disable much of the security due having full administrator rights on the client’s network.
These attacks highlight the importance of selecting the right MSP. It is important, not just in how secure they are, but also how do they deal with such breaches when they are discovered to respond quickly to help their customers. Their Incident Response capabilities are vital to protect their customers, so when choosing a MSP, check out their response to Incident Handling practices from a customer's perspective. This section of the article is only available for our subscribers. Please click here to subscribe to a subscription plan to view this part of the article.
This section of the article is only available for our subscribers. Please click here to subscribe to a subscription plan to view this part of the article.