BeyondTrust experts, Morey J. Haber, Chief Technology Officer and Chief Information Security Officer; Brian Chappell, Director, Product Management and Karl Lankford, Director, Solutions Engineering forecast the future threat vectors that most likely to affect organizations worldwide in the New Year. These projections are based on shifts in technology, threat actor habits, culture, and decades of combined experience.
Prediction #1: The Hacking of Time -- Network Time Protocol (NTP) and Windows-time-based servers will become a protocol of interest to hackers. These protocols help control the timing of everything transaction-based within an organization. If the timing is off, everything from licensing servers to batch-based transactions can fail, creating denial of service attacks in key infrastructure on the Internet and within the backend processes of an organization.
Prediction #2: Poisoning of Machine Learning Training Data -- As machine learning becomes more widespread within enterprises for making automated decisions, attackers have a new vector to consider. After a threat actor steals a copy of the original training data, they will begin to manipulate the models generated by injecting poisoned data into the training pool, creating a system that has learned something it shouldn’t. This manipulation will have a multiplying effect due to the automatic processing by downstream applications, destroying the integrity of any legitimately processed data.
Prediction #3: Weaponized AI, Now Just Another Tool in the Attacker Toolkit -- Threat actors will leverage machine learning (ML) to accelerate attacks on networks and systems. ML engines will be trained with data from successful attacks. This will allow the ML to identify patterns in the defenses to quickly pinpoint vulnerabilities that have been found in similar systems/environments. Data from all subsequent attacks will be used to continue to train the cyberattack engine. This approach will allow attackers to zero in on entry points in environments far more quickly and stealthily as they will be targeting fewer vulnerabilities with each attack, evading tools that need a volume of activity to identify wrongdoing.
Prediction #4: Deepfake Everything -- Expect to encounter a new wave of deepfakes that challenges us to believe whether the entity on the other side of an interactive chat window or video call is human or not. For instance, you could soon have interactive sessions with past presidents or even deceased love ones. We will increasingly be in situations, unbeknownst to us, where we are engaged in communication with deepfake technology rather than with a real person.
Prediction #5: Cyberattackers Set up Shop at the Network Edge -- New attack vectors will target remote workers and remote access pathways. Cybercriminals will continue to wage social engineering attacks and also try to exploit common home devices that can be used to compromise an individual and allow for lateral movement into a business. Social engineering attacks will primarily involve various forms of phishing, including by email, voice, text, instant messaging, and even third-party applications. We foresee remote workers to reign as the number one attack vector for exploitation in 2021.
Prediction #6: Data Privacy Implosion -- In 2020, the European Union (EU) court system overturned the governance for protection provided by the EU-U.S. (United States) “Privacy Shield.” Throughout 2021, businesses will scramble to adapt to this expansion of data privacy regulations and the potential implosion of established policies based on challenges in the court systems. International businesses will have to adapt quickly to reengineer how they process client data. Businesses that operate in multiple states must consider how they manage data per state, process it in a centralized location, and codify how they develop procedures around data deletion and breach notification.
Prediction #7: Social Media Attack Vectors Thrive in the Era of Social Distancing -- Expect attackers to move beyond just targeting individuals through social engineering to targeting businesses as well. Poor authentication and verification practices will allow social media-based attacks to be successful. Malicious QR codes or abbreviated URL’s could also be employed to obfuscate the malicious website. Since the social media controls around posting, verification, and URL redirection are so poorly managed, expect new attacks to flourish.
Prediction #8: Cybercriminals Play Puppet Master with Compromised Human Identities -- To reduce the cost of an attack and improve profitability, cybercriminals will target individuals directly to gain an initial foothold in the environment by using non-cyber forms of coercion (bribery, extortion, etc.). These attacks will primarily focus on public figures (politicians, actors, activists, executives, etc.). As more of the human target’s sensitive personal data is stolen digitally, the pressure will mount for individuals to carry out nefarious actions or have their data and privacy exposed to the public.
Prediction #9: Cyber Insurance becomes Mandatory—Cybercriminals Rejoice -- Cybercriminals will target large brands with insurance policies. The insurance policies will pay out to release stolen data rather than face paying out on the policy to cover any remedial action, providing attackers with a new stream of income.
Prediction #10: Who goes there? Friend or Fake? The Rise of Identity-Centric Security -- As systems and services move out of the traditional network/data center environment, security leans more heavily on proof of identity. A verified identity could now be the only ‘key’ needed for all access. Attacks on the mechanisms that maintain and secure verified identities will increase through 2021 and beyond.
For more information, please visit: https://www.beyondtrust.com/press/beyondtrust-releases-cybersecurity-predictions-for-2021-and-beyond.