2020 will go down as a year unlike any that many of us have experienced (or, hopefully, ever will). Among the things that made the year “unique” for the wrong reasons was the cybersecurity threat landscape. In fact, as CrowdStrike mentions in its annual Global Threat Report, 2020 was “perhaps the most active year in memory.”
Here, we’ll cover some of the shifts in the ever-changing threat landscape + what it means for you.
“Big Game Hunting” as a Cyber Criminal Strategy
“Big game hunting”, in its traditional sense, is hunting large game animals for meat or for commercially valuable by-products such as horns, furs, tusks, bones, body fat/oil, or special organs and contents. Many automatically think of Africa’s “Big Five”, which consists of lions, African elephants, Cape buffalo, African leopards, and rhinoceroses.
Cybercriminals are largely shifting this same mentality to “hunt” high-value targets because of the lucrative payday potential in acquiring as much data as possible. Downstream, the impacts for victims of such crimes are massive. This isn’t purely because of the sheer size of the data sets, but more specifically because of the sensitivity of the data, combined with reputational or regulatory impacts of it being exposed.
The most natural reaction — particularly by those in the SMB segment — is that this “target” placed on high-value assets starts and ends purely with the enterprise. And while it’s true that enterprises are being targeted more than ever before, it also means that the main information grids such as the public clouds (Amazon, Google, Microsoft, etc.), and any business that leverages these resources, are at risk as well.
More Sophisticated Attacks
Cybercriminals have more new tools, procedures, and strategies at play than ever before. Industry leaders note that alliances formed among independent groups and malicious actors based in China, North Korea, and Russia have given rise to more integrated attacks. Working in concert with one another, leveraging new ransomware variants, targeting non-traditional areas within an organization, and staggering the release of stolen information have all played into a materially more complex landscape than has ever been seen before.
2020 saw several notable attacks, some of which affected public figure personalities in the entertainment space + household name companies like Facebook. In those instances, the average ransom payment was $1.1 million.
Additionally, 2020 saw what’s largely been referred to as “the hack of the decade”, where a nation-state actor breached the network of IT software provider SolarWinds. We personally think that it’ll be quite some time before everyone truly understands the scope and scale of the attack, but the more we learn, the uglier it looks. The SEC has already identified at least 18,000 potential victims of this attack alone, which includes government entities and companies alike.
At their core, these integrated ransomware attacks are forms of extortion. Accelerated by the opportunistic environment of 2020, the CrowdStrike report notes that “2021 will be the year of extortion” — so we certainly haven’t reached an endpoint.
Exploitation of Pandemic Environment
We’ve said this before, but the largely abrupt shift to remote work put companies of all shapes and sizes into a security situation that most were not prepared for. The widespread use of personal computers for work, and the sharing of those devices among family members, dramatically increased the number of potential entry points for bad actors.
Additionally, phishing attempts preyed on the pandemic sentiment by tapping into very human emotions such as hope, fear, and curiosity. With masses looking for light at the end of the tunnel, malicious actors pieced together scams around financial assistance, government stimulus packages, and businesses that either were or were thought to be eligible for federal relief plans like PPE.
Who is Most At-Risk + What to Do
The tough reality is that there is no one-size-fits-all way to think about all of this. The threat landscape is very real and growing, both in terms of volume and complexity. Businesses of all shapes, sizes, and industries are being targeted, but there are ways to harden your environment to give yourself the best chance at keeping your data safe without taking unnecessary risks.
Even if you’re an SMB, it’s important to approach IT and information security as if you were an enterprise. This starts with professionalizing the way in which you manage infrastructure, data, and end user computing. So much of what we provide at Magic Desk accomplishes this: having a team with decades of experience serve as your team, putting your infrastructure into a private cloud that is actively managed and monitored by that team, virtualizing the desktop environment for employees (no matter where they’re working from or on what device), and using best-in-breed tooling to keep the bad guys out.
If you’re curious about how this all might impact you + your business, please reach out to our team of technology advisors. We’re here to help at firstname.lastname@example.org