With the administration of COVID-19 vaccines beginning around the world, many of us have begun to look to a future where the pandemic does not totally dominate our lives. Naturally, the way we socialize and work will have shifted. Remote work, for instance, has shown to be more productive and preferable for many businesses.
In the cybersecurity space, we’re also beginning to realize which threats are opportunistic and temporary – and which ones are here to stay. Phishing scams that target recipients of COVID-related government assistance, for example, will not be as relevant as they were during the peak of mandated shutdowns and business closures.
However, we predict these three security risks will become persistent threats to businesses of all sizes, even when the pandemic is over. Here’s how cyber threats have evolved over the pandemic – and how to protect your data for the future.
Remote Access Trojans (RATs) are increasing
As mentioned, the pandemic brought a slew of attacks inspired by COVID-19 related scams. Hackers would use phishing attacks and other coordinated campaigns to trick individuals into providing access to secure systems or to hand over personally identifiable information (PII) without realizing the security risks.
This pattern continues even as the pandemic wanes. “The cybersecurity community has lately become aware of numerous attempts to mimic informational applications, and that malicious activity can occur underneath a good-looking infection map or fictitious ‘infection radar’” writes one expert.
These pandemic-related scams are unbelievably successful, which is why hackers will continue relying on this method –– with some tweaks. Remote Access Trojans are expected to become more prevalent in 2021 and beyond. RATs are malware that include a backdoor for administrative control over the device. These infections are downloaded on the back of an innocuous file (e.g., an email attachment or game) and then infiltrate the system with administrative-level privileges. This means the hacker can then get into the network, steal data, and infect other devices.
Remote devices are an attractive target
The nature of the pandemic meant that many companies shifted to remote work on the fly, prioritizing business continuity over the security of home networks and devices. Investment in new devices that would enable long-term work-from-home took a backseat. Hackers will exploit some of the ad-hoc security measures put into place as new device growth picks up over the next year.
Over the last year, in the rapid move toward working remotely, companies largely offered more flexible and permissive security policies – making it easier to access internal files from an external device, for instance. But, by making it easier for employees to access data, many businesses also enabled outside hackers to penetrate more easily.
This level of risk was manageable for IT departments as long as new devices weren’t entering the picture. But, in 2021, device growth has returned to pre-pandemic levels. These devices aren’t just work-related items. “The growing number of internet of things (IoT) devices in home networks and the lack of security can create opportunities for access by outsiders,” wrote WeForum. “When we add together diverse home environments with loose security policies, shared wifi passwords, IoT and quickly-built infrastructure to ensure uninterrupted business continuity, we get to the point where a single vulnerability or misstep in configuration can open the door to malicious actors.”
It’s no longer sufficient for IT departments to focus exclusively on securing existing work devices. Remote work means that endpoint security now includes other IoT devices that can access the same WiFi network as employees. This significantly impacts an organization’s security.
Cloud security becomes a permanent priority
The risk to data stored in the cloud is higher than ever, as more organizations shifted to cloud platforms and few put proper security protocols in place. “About 95% of companies have some type of cloud presence, even if only for internal functions such as human resources or payroll,” reported Fireeye. “Many companies deferred multifactor authentication to legacy systems as they were accelerating their migration to cloud platforms in recent years….As a result, many organizations will be playing catch-up on the security front as we move into 2021.”
Poor cloud security leads to the permanent, enduring risks of having credentials stolen, vulnerable cloud misconfigurations, and applications that are all too easy to hack. IT departments instinctively trust that tools like Slack, Google Drive, and Jira have enough built-in protocols to protect sensitive data; but, in fact, these SaaS tools focus on perimeter security and not on classifying and protecting data shared internally.
Nightfall is here to overcome some of the security risks inherent in using SaaS platforms. As the industry’s first cloud-native DLP platform, Nightfall integrates directly with the API of some of these popular platforms to detect and protect data shared internally. We use AI and machine learning to scan both structured and unstructured data, understanding the surrounding context with high levels of accuracy to efficiently prevent data from falling into the wrong hands.
Learn more about Nightfall’s cloud DLP by scheduling a demo at the link below.