Phishing, monetary gain and supply chain attacks characterise cybercrime
Increased phishing attacks, monetary gain and supply chain attacks have emerged as the key trends that characterised cybercrime for most of 2020, according to a new report from Keysight Technologies.
The company announced the findings of its fourth Keysight Security Report, which features network security trends over the past year from Keysight's Application and Threat Intelligence (ATI) Research Centre and highlights three areas of critical concern to network security.
Scott Register, vice president, security solutions for Keysight, says cybercrime did not take a holiday during the pandemic.
"Cyber criminals leveraged phishing, ransomware and supply chain vector attacks to strike networks for financial gain. We believe that these network security trends will continue in 2021," he says.
According to the report, phishing attacks increased by 62% in 2020 over 2019. In fact, there was rapid increase in these attacks when the pandemic took centre stage in March and April as social engineering attacks were related to the pandemic.
Monetary gain also took centre stage as a key cybercrime motivator, the report says. There was a huge uptick in the deployment of ransomware starting in June. While this trend was directed across all industries, healthcare was hit especially hard. Fifty nine percent of the attacks occurred during the second half of 2020.
Supply chain attacks hit the headlines with the SolarWinds attack. The report says the supply chain continues to be a weakness and the SolarWinds attack reinforced the need for security architects to embrace a holistic and comprehensive approach.
Strategic Insights from the Keysight Security Report, 2021
Strategic Insight #1: Phishing and additional social engineering attacks will continue to take advantage of pandemic-related headlines.
Keysight's recommendation: People need to recognise social engineering vaccination scams and network security teams must be aware that bad actors target personally identifiable information (PII) in a healthcare and government setting.
Strategic Insight #2: Ransomware is highly popular because it makes a lot of money for bad actors. While it's not going away, business models continue to mutate along with malware variants.
Keysight's recommendation: It's critical to keep enterprise threat detection systems up-to-date with the latest signatures and behavioural patterns, as ransomware builders are getting better at obfuscation and avoiding detection. In addition, network security teams should also be aware that exploitation practices evolve.
Strategic Insight #3: An organisation's supply chain is more than just components. There is a tendency to think of a supply chain as outside entities that either supply a company with software and hardware components or the supplies used when building a product.
Keysight's recommendation: The supply chain is critical to the operation of a business, including utilities, email, cloud providers and even coffee suppliers. Network security must consider non-traditional components that may touch an organisation and IT systems.
Strategic Insight #4: Zero-trust is more than just a buzzword. It does not mean limiting what users can see when they connect to an organisation's network.
Keysight's recommendation: A successful zero-trust implementation requires that systems and users can only access the internal or external resources that they absolutely need.
Strategic Insight #5: Assume an organisation is breached and behaves accordingly.
Keysight's recommendation: Organisations need visibility into their networks and cloud resources. If network security teams cannot spot anomalies hiding in their network (whether on-premises, in the cloud, or a remote user), then they are allowing breaches to remain undetected indefinitely.