McAfee releases 2021 Threat Predictions Report
On January 13, McAfee posted its 2021 Threat Predictions Report, summarizing the anticipated trends in cybersecurity threats for the coming year. Unsurprisingly, ripple effects from the COVID-19 pandemic feature prominently in the forecast. McAfee predicts six key themes in the cybersecurity threat landscape for 2021:
1. Cyber criminals, having seen the success of the supply chain backdoor attack against SolarWinds, are expected to lead similar new and sophisticated indirect attacks on their targets.
2. The continuing proliferation of home-based IoT devices is steadily broadening the cyber attack surface, particularly among people working from home as we enter the second year of the COVID-19 pandemic. Connected devices, applications, and web services will conspire to create risks for employees and business alike.
3. The pandemic also saw businesses accelerating their digital transformations, and making more extensive use of cloud facilities. Attacks on improperly or inadequately secured cloud services are becoming more prevalent, more sophisticated, and more automated.
4. Work-from-home and regional lockdowns have also driven consumers to conduct more mobile online transactions than ever before – making them a bigger target for various exploits including website spoofing, phishing and SMShing attacks, malicious web scraping, and keyboard logging techniques.
5. The latest cyber threat neologism is QSHing – the use of maliciously-designed QR codes. QSHing is forecast to become a bigger trend, with cybercriminals using fake QR (quick response) codes to lure unsuspecting victims to fake sites in order to harvest personal or financial data. Fraudulent QR codes can even act as a foot-in-the-door for hackers to download malware onto users’ mobile devices.
6. The increased reliance on social networks for “human connection” during the pandemic means that cyber criminals will have an increasing number of opportunities to impersonate contacts or spoof business interactions in order to trick their victims. While email phishing scams are not going away any time soon, the growth of virtual networking on business and personal platforms likely means that successful spearphishing and other focused attacks will be on the rise in 2021.
Neumann Lim heads University of Guelph threat intelligence webinar
ISA Cybersecurity’s Director of Digital Forensics and Incident Response Neumann Lim is featured on an upcoming webinar hosted by the University of Guelph. “Operationalizing Threat Intelligence for Threat Hunting” is being broadcast live on January 22 at 10:00 a.m. Neumann will explain the difference between intelligence and threat intelligence; the importance and lifecycle of intelligence gathering and threat hunting; and the basics of the concept of “indicators of compromise” (IOCs). Neumann will also allow time for questions and answers. Register for the complimentary, one-hour webinar today.
The webinar is being presented in conjunction with the University of Guelph’s Master of Cybersecurity and Threat Intelligence (MCTI) program. The MCTI is a unique, cutting-edge program that offers professionals the potential for a demanding and exciting career in cybersecurity, cyber threat intelligence and digital forensics within the Canadian or global landscape. Learn more at https://www.uoguelph.ca/computing/graduates-graduate-programs/master-cybersecurity-and-threat-intelligence-mcti.
CISA issues cloud security analysis report
Recognizing heightened threats against cloud services, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a special Analysis Report (AR21-013A), providing direction and insight to help protect companies using cloud solutions. According to the bulletin, “CISA is aware of several recent successful cyberattacks against various organizations’ cloud services. Threat actors used a variety of tactics and techniques, including phishing and brute force logins, to attempt to exploit weaknesses in cloud security practices.” CISA reported that many of the attacks were related to work-from-home situations in which users failed to follow appropriate cybersecurity best practices.
Strengthening Security Configurations to Defend Against Attackers Targeting Cloud Services contains an indicator-of-compromise (IOC) file download, and an extensive checklist of recommended protections and strategies for business working in the cloud.
Scottish environmental protection agency still recovering from Christmas Day attack
Banksecurityinfo.com has reported that the Scottish Environment Protection Agency (SEPA), which suffered a cyberattack at 12:01 a.m. Christmas Day 2020, is still trying to recover its systems over three weeks later. Spokespersons at SEPA say the attack last month continues to cause serious outages due to internal ransomware infections, and have also confirmed that data was exfiltrated in the incident; according to the report, some of the data has begun to leak out on the dark web. Underscoring the importance of 24×7 system monitoring, the attackers chose to launch the attack at the start of the Christmas long weekend, when routine staff presence would typically be at a low point.
Free cybersecurity summits from the SANS Institute
The SANS Institute kicks off their 2021 virtual learning calendar with their live online Cyber Threat Intelligence Summit, January 21-22, 2021. The free two-day summit and training conference features case studies; methods for developing, refining and acting on threat intelligence; and trends and innovations in the threat intelligence space. The conference has materials suitable for all skill levels. The agenda for the complimentary sessions is available at https://www.sans.org/event/cyber-threat-intelligence-summit-2021/summit-agenda; additional paid courses and more in-depth sessions are available as well. SANS has also just confirmed that Christopher Krebs, former director of the U.S. Cybersecurity and Infrastructure Security Agency (CISA) will present the keynote address.
Additional summits have been scheduled through the first half of 2021; as with the January summit, the basic agenda is free, with optional training and in-depth sessions available at extra charge.