By Derek Manky, Chief of Security Insights & Global Threat Alliances at Fortinet’s FortiGuard Labs
Each year at this time, the FortiGuard Labs team takes a detailed look at the cyberthreat landscape and predicts what organizations should expect in the months ahead. While predictions may be more art than science, when it comes to cybersecurity we can learn a great deal by closely watching ongoing activity, evolving business trends, and combining that with our deep understanding of the opportunities cybercriminals gravitate toward.
As partners shift their attention to 2021 planning and dealing with the long term impacts of COVID-19, and the desire among organizations to restart their long-term digital transformation projects, it’s important to to help them navigate risk. That includes the threats they’re already aware of, and those they need to begin thinking about now in order to be prepared. What follows are elements of the evolving threat landscape that partners and their clients should put on their radar as we enter another year of uncertainty.
Targeting the Edge
The network edge should be the focal point of 2021 cybersecurity discussions. The shift away from a traditional network perimeter to an environment with multiple edges, consisting of WANs, multi-cloud, remote workers and the proliferation of IoT is well underway. It offers many productivity and efficiency benefits to businesses. But it also increasingly represents a growing opportunity for cybercriminals, drawn to the lack of central oversight and control over these edges, and the fact that they’re smarter and more interconnected than ever.
For clients still relying on a remote workforce, partners should ensure they’re well prepared for more attacks launched from an employee’s home network and executed in such a way to avoid detection. It’s likely we will soon see advanced forms of malware that are able to discover even more valuable data and trends using new EATs (Edge Access Trojans, performing intercept requests off the local network to compromise additional systems or inject additional attack commands.
The new generation of smart devices that interact with users tend to collect and store large volumes of information about its users. Targeting such devices can yield valuable information that can make social engineering-based attacks much more successful. And as these devices begin to control more elements of our lives, successfully compromising such a system can lead to catastrophic outcomes.
For many organizations, experience shows us that by the time they implement an edge computing strategy, the devices they will rely on will have already been compromised.
Targeting the Home
These same companies should also expect more of their people to become unwitting conduits for cyberattackers.The transition to remote work has been about more than just more devices remotely connecting to the network. While there was a spike in attacks targeting novice remote workers and vulnerable devices to gain network access, we are also beginning to see new attacks targeting connected home networks. Much of that effort is focused on exploiting older, more vulnerable devices such as home routers and entertainment systems.
Again, this will likely come in the form of social-engineering attacks, where attackers use the knowledge of a user’s daily routines or other company information to get past front-line defenses. Ransomware also continues to evolve. For organizations that oversee IT and operational technology (OT) systems, the risk is particularly high, as ransomware attacks on critical infrastructure could even put human lives at risk.
These emerging threats may seem daunting, especially when partners and organizations must also deal with the attacks they face today. The best approach for partners is to take a long-term view, and work with clients to build a security platform that can scale as needed, and that takes a holistic view of the modern network.
One area to explore is artificial intelligence. Taking advantage of security solutions that harness the power of AI is critical for defending against evolving and more sophisticated attacks. AI-enhanced technologies that can see, anticipate, and counter attacks will need to become reality in the future because cyberattacks of the future will occur in microseconds. Over time the primary role of humans will be to ensure that security systems have been fed enough intelligence to not only actively counter attacks but actually anticipate attacks so that they can be avoided. Clients who still rely on aging or siloed security solutions that aren’t integrated should seriously explore the advantages of an automated solution powered by AI in 2021.
Also, partners should work to help clients stay informed on the latest threat developments. Our FortiGuard Labs, for example, offers a wide range of updates, insights and alerts that can help organizations better understand the threat landscape and know where and how they may have to take action.
In 2020 we saw rapid change on a global scale as organizations attempted to adapt to our new normal. Going into 2021 and beyond, we face another significant shift. Now’s the time for partners to help prepare their clients to shift from defending against yesterday’s threats, and start to focus them on the attacks we’ll all have to be ready for in the future.