Cybersecurity service provider, Trend Micro has predicted that cybercriminals will target critical launch pads in 2021. Primarily, home networks, remote working software, and cloud systems to compromise corporate IT and IoT networks.
The company predicted that organisations in 2020 would face escalating risk from their cloud environments and supply chains. Increased adoption of cloud and DevOps environments was also expected to increase business agility while exposing organisations to third-party risk.
From the cloud layer all the way down to the home network, IT security leaders were urged to reassess their cyber risk and protection strategy in 2020, as attackers were expected to increasingly target data stored on the cloud, targeting cloud providers directly, or compromising third-party libraries to do this.
Managing Director for Trend Micro and Nascent Countries, Goh Chee Hoh said that as a result of the Covid-19 outbreak companies will go for remote working and that will persuade more attacks on data and networks.
“Security teams need to commit to user training, extended detection & response, and adaptive access controls. 2020 is all about surviving but now it is the time to thrive with a more comprehensive cloud security as a foundation,” added the Managing Director.
Trend Micro’s report said that end users who access sensitive data will likely be attacked. Human Resource (HR) professionals accessing employee’s data, sales managers working with sensitive customer information, or senior executives managing confidential company numbers needed to be protected.
Since their data is valuable, the attackers will exploit the vulnerabilities in online collaboration and productivity software soon after they are shared.
The company also warned that exposed APIs will be favourable for attacks as it provides access to customers’ data. Cloud systems are another area that are likely to be threatened because attackers will deploy malicious attempts to take over the cloud system.
Subsequently, there are measures to take to mitigate these threats:
· Foster user education and training to extend corporate security best practices to the home, including advice against the use of personal devices
· Maintain strict access controls for both corporate networks and the home office, including zero trust
· Double down on best practice security and patch management programs
· Augment threat detection with security expertise to protect cloud workloads, emails, endpoints, networks, and servers round-the-clock
Like in the past, cybercrime will continue to be a significant threat. Organisations and security teams must be prepared in taking actions against the digital anomaly.