HP Predicts More Targeted Cyberattacks in 2021

Zero trust is expected to become the new standard to combat them.

PC security

HP has just released its 2021 forecast for computer threats. During the next 12 months, HP anticipates an increase in cyberthreats such as human-made ransomware, message hijacking, unintentional insider threats, corporate email corruption, and “whaling” attacks.

These 2021 forecasts are the results of analyses by a panel of cybersecurity experts at HP: Julia Voo, Global Lead Cybersecurity and Tech Policy; Joanna Burkey, CISO; Boris Balacheff, Chief Technologist for Security Research and Innovation at HP Labs; Dr. Ian Pratt, Global Head of Security for Personal Systems; and Alex Holland, Senior Malware Analyst. This panel also brings together several experts from HP's security advisory board, including Justine Bone, CEO of MedSec, and Robert Masse, Partner at Deloitte.

Business security is weakened, and will lead to an increase in unintentional insider threats

The massive recourse to teleworking observed in 2020 will pose a certain number of challenges for companies. Voo says, “The consequences of the pandemic have weakened security within companies. Insecure remote access, the vulnerability of VPNs, and the reduction of teams within IT departments all mean that corporate data is less and less secure.”

The playing field for cybercriminals has widened dramatically with new opportunities. “We should expect cybercriminals to identify and exploit any new vulnerabilities that have emerged as a result of new ways of doing business,” says Burkey.

Balacheff says the pressure also will increase on computer hardware. “We anticipate an upsurge in attacks on home computer equipment,” he says. “The spread of teleworking encourages hackers to attack consumer IoT devices, and then gain access to the professional network. These attacks on the home network are formidable because teleworkers often do not have access to the resources of the IT department to counter them.”

Burkey says human errors also will multiply: “When employees work remotely, the line between professional and personal equipment becomes blurred. An act as innocent as reading a personal email on a company machine can have serious consequences.”

In general, the pandemic has increased the risk of mistakes employees make. Masse says, “Companies will have to deal with the exhaustion of remote employees, having to find solutions on their own, which can lead to a multiplication of errors of judgment.”

Ransomware attacks will remain significant threats

Burkey says the ransomware trend will intensify this year, as it has become a popular tool for cybercriminals. “We are seeing an increase in ransomware-as-a-service attacks that threaten not only to confiscate data, but above all, to disseminate them publicly,” she says.

The upsurge in ransomware has resulted in the development of criminal actors specializing in these attacks. Malware transmitted through emails such as Emotet, TrickBot, and Dridex often are the precursors of human-made ransomware attacks.

“To optimize the impact of an attack, cybercriminals use their access to infected systems to anchor themselves in organizations' networks,” says Pratt. “Many hackers use security tools to get their hands on domain controllers, the best gateway to the network, and thus deploy their ransomware.”

According to Holland, this trend is particularly problematic for the public sector. “The increase in ‘double extortion’ ransomware, where victim data is exfiltrated before being encrypted, will be particularly damaging for organizations in the public sector, as these process personal data,” he says. “Even if the ransom is paid, there is no guarantee that the perpetrator of the threat will not monetize the stolen information.”

Innovative phishing techniques will lead to message hijacking and whaling attacks

In 2021, phishing will incorporate innovations aimed at deceiving users and making attacks less identifiable.

“The most innovative mass phishing method we have observed is email hijacking, used by the Emotet botnet,” says Pratt. “The method consists of automating the creation of phishing lures by stealing email data from infected systems. These are then used to respond to conversations, with messages containing malware in a very convincing form.”

To break out of their pandemic isolation, people have shared more information online, providing opportunities for cybercriminals.

“Whaling attacks are a highly targeted form of phishing aimed at senior executives. They will intensify, as cybercriminals can use personal information shared online to create very compelling decoys and infect business emails,” says Masse.

Voo says many phishing emails of this type will continue to exploit the current anxiety-provoking climate. “Indeed, fear can encourage people to open malicious emails; for example, dealing with vaccines against COVID-19, financial distress relating to the health crisis, or even possible political instability,” she says.

Health is one of the sectors most at risk in 2021.

“Health is an ideal target. All of society depends on it, but organizations in this sector are generally under-equipped and often lagging behind in terms of innovation. The education sector also meets these criteria and may well be another prime target,” says Bone.

Beyond hospitals and doctors’ offices, this threat extends to even more sensitive areas. “Due to the race to develop new vaccines, pharmaceutical companies and research institutes will also continue to face significant risks,” says Masse.

In the next 12 months, cybercriminals also will turn to other targets.

“Automobile manufacturers and, in particular, electric vehicle manufacturers, will become prime targets as their attractiveness and profitability increase. We must also expect that critical infrastructures and industrial IoT will remain in the sights of hackers,” says Masse.

Zero trust becomes a new standard that must be implemented transparently for the user

Zero trust is not a recent concept, but the spread of teleworking has made it a reality companies now must integrate.

“Traditional methods of securing access to the company's network, applications, and data are no longer suited to their needs,” says Pratt. “The concept of the perimeter has become obsolete. Over the years, workers have ‘dispersed’ and the adoption of SaaS has increased. This means that today, sensitive data is hosted outside the corporate firewall. The time has come for companies to start protecting themselves from the unknown. That is, using zero trust, but in a way that is transparent to users.”

The health crisis will be a driving force in the generalization of zero trust, and innovations will multiply in this area.

“Zero trust is the best security approach in an environment where telecommuting is becoming the norm,” says Bone. “However, for identity and access management to be transparent, it must be easy to use. The use of high-performance authentication solutions is fundamental for the implementation of zero trust, which is why biometrics is a technology of the future.”

A new approach to security

“2020 has shown how essential the management of a highly distributed infrastructure has become,” says Balacheff. “Businesses must accept the fact that the future will be scattered. From teleworker equipment to industrial IoT devices, all are now the new frontline in the battle for cybersecurity in an increasingly cyber-physical world. To meet this challenge, organizations must rethink their architecture and security controls, and embrace the necessary technology and process innovations to be able to adapt to this new environment. Thanks to innovations in computer hardware, teleworkers can now be better protected against cyberattacks.”

Pratt says, “In 2021, companies will face a significant security challenge as cybercriminals are increasingly adept at how to extract the most value from their victims. Relying on detection alone promises unsatisfactory results for the company. An architecturally sound approach is needed, including security features built into the hardware. Technologies like micro-virtualization are transparent to end users, as they can click on email attachments and download files as they normally would − except they can be confident that in the presence of any malicious object, it will be circumscribed.”

“2020 has been a very difficult year for many companies that have suffered several cyberattacks, especially in the e-commerce, healthcare, media, and finance sectors,” says Balacheff. “The massive transition to teleworking has increased risks, complicated the work of IT departments, and rendered the reinforced scope strategy obsolete. Now, more than ever, businesses need to think about securing work devices. In 2020, cyberattacks were highly targeted, with the use of sophisticated decoys to trick users into engaging in risky behavior. This risk will increase in 2021, with more cyberattacks targeted at endpoints. There is an urgent need to adopt a cyber approach based primarily on endpoint protection to stay one step ahead of cybercriminals.”

To learn more about how HP can help address managing the impacts of the increase in security threats, visit HP’s Security Services page.


Copyright © 2021 IDG Communications, Inc.