The most important current security and threat trends are briefly outlined below. Unfortunately, both the scale and the sophistication of these attacks are expected to increase over time.
Dramatic increase in ransomware attacks
Ransomware attacks have grown sharply and are expected to keep growing. The shift to working from home means that companies need to strengthen their IT security measures: employees now work, and handle private matters, from multiple devices in environments that may or may not be secure. It is therefore advisable to proactively implement appropriate measures such as a Zero Trust security model (verify every user and device on every access, grant least privilege, and never rely on network location alone), complemented by security awareness training for the entire company.
Bypass access controls with deepfakes
Manipulated audio, video or images (deepfakes) are increasingly becoming a major security problem. So far, deepfakes have mostly been seen in the entertainment space, where manipulated videos show one actor’s face morphing into another, or in politics, with videos of politicians saying things they obviously never said. They have already been used for fraud, however: in one widely reported case, scammers faked a CEO’s voice and tricked an employee into transferring a large amount of money to a fraudulent account.
Aside from fraud, an attacker could create a video showing a celebrity, CEO or other executive doing something embarrassing or illegal and use such deepfakes for blackmail. Attackers are increasingly likely to weaponize AI-based deepfake technology, for example to defeat biometric access controls by presenting a synthesized face or voice. Biometric systems that lack liveness detection (presentation attack detection) and are not combined with a second factor are the most exposed.
Attacks also on conference software
Today, working from home and communicating with colleagues and partners via conference calls and video conferencing software is very common. These services are now being targeted at scale, with attackers joining or eavesdropping on sessions to steal sensitive information. It is therefore imperative for organizations to put in place formal corporate policies and procedures that employees must follow to counter these threat actors.
In practice, this means measures such as cleaning up invitation lists, protecting video conferences with passwords, sending the password in a separate message from the meeting invitation, having the moderator admit participants manually (a waiting room), and locking the meeting once it has started.
Not new, but effective: Cryptojacking
In cryptojacking, attackers break into a company or organization to mine cryptocurrency using the hijacked computing resources. The attacker can usually remain undetected for a long time. Since no ransom is demanded and, typically, no personal data is stolen, companies are often under no obligation to disclose that they have been hacked. This makes it difficult to quantify the cost of an intrusion, as the damage consists of lost computing power, slower performance, higher electricity bills and, in the cloud, inflated compute charges.
However, as cryptocurrencies appreciate in value, there is a greater incentive for attackers to commit cryptojacking. Cryptojacking is a growing and serious security threat because it is essentially a backdoor into an organization that could also be sold to others who in turn want to launch ransomware or other types of attacks.
Hacks on IoT and OT
Attacks on the Internet of Things (IoT) and operational technology (OT) infrastructure have also increased. These include critical infrastructure, traditional manufacturing facilities, and even smart home networks. Attackers target industrial sensors, among other things, to cause damage that can lead to production lines being shut down or services having to be interrupted.
As these systems are increasingly managed remotely, their remote management interfaces, especially when exposed to the internet, give attackers a convenient entry point. Furthermore, attackers could carry out ransomware-like attacks against them, for example locking or tampering with a company’s smart door locks or smart thermostats.
Attacks on supply chains
The supply chain is only as strong as its weakest link, and attackers exploit this by compromising a trusted supplier to reach their real targets. Attacks on supply chains are and will remain a hot topic. Businesses are advised to pay particular attention to third parties, partners, contractors, managed service providers, and cloud service providers. That means these companies must demonstrate that their security practices are kept up to date, and it should be verified, not merely assumed, that they comply with the established security guidelines.
Extended Detection and Response (XDR)
Extended Detection and Response (XDR) is a relatively new approach to threat detection and response. This is about breaking down security silos and providing cloud-based services that encompass multiple security-related data streams. XDR harnesses the power of cloud-based big data analytics to analyze data from endpoint protection agents, email security, identity and access management, network management, cloud security, threat intelligence, threat hunting, and more. XDR is less about a specific product and more about building a platform that can integrate the capabilities of multiple security tools to detect, analyze, track, and remediate a potential security threat in context.
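To make the "in context" point concrete, here is a small correlation engine of the kind that sits at the core of such a platform. It is an added example written for this page, not code from any XDR product: the event schema, the per-event weights, the one-hour window, the alert threshold, and the response actions are all assumptions, and the telemetry it runs on is constructed. Each event on its own (a macro attachment, an Office process spawning a shell, a login from a new country) stays below the alert threshold; only when the streams are joined on the shared user key does the cluster become an incident with a host to isolate and a session to revoke.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from itertools import groupby
from typing import Optional


@dataclass(frozen=True)
class Event:
    source: str            # telemetry stream: "email", "endpoint" or "identity"
    ts: datetime
    user: str              # correlation key shared by all three streams (assumed schema)
    host: Optional[str]    # only endpoint telemetry carries a hostname
    kind: str              # short classification of the event
    detail: str
    weight: int            # suspicion score; each event alone is below the alert threshold


@dataclass(frozen=True)
class Incident:
    user: str
    start: datetime
    end: datetime
    sources: tuple         # which streams contributed
    score: int
    events: tuple
    actions: tuple         # remediation steps, one per contributing stream


# Response actions dispatched to the tool that owns each stream (assumed wording).
ACTIONS = {
    "email": "quarantine the message in every mailbox that received it",
    "endpoint": "isolate host {host} and collect a triage package",
    "identity": "revoke active sessions and require re-authentication",
}

# Constructed sample telemetry from three sources; not taken from any real environment.
SAMPLE_EVENTS = [
    Event("email", datetime(2023, 5, 4, 9, 2), "alice", None, "macro_attachment",
          "invoice_0423.docm from an unknown external sender", 2),
    Event("endpoint", datetime(2023, 5, 4, 9, 6), "alice", "WS-0142", "office_spawns_shell",
          "WINWORD.EXE -> powershell.exe -nop -w hidden", 3),
    Event("identity", datetime(2023, 5, 4, 9, 40), "alice", None, "new_country_login",
          "OAuth token used from a country never seen for this user", 2),
    Event("endpoint", datetime(2023, 5, 4, 11, 30), "bob", "WS-0200", "office_spawns_shell",
          "EXCEL.EXE -> cmd.exe /c whoami", 3),
    Event("email", datetime(2023, 5, 3, 16, 0), "carol", None, "macro_attachment",
          "quote.xlsm from a known supplier domain", 2),
]


def _evaluate(user, cluster, threshold, min_sources):
    """Turn a cluster of one user's events into an Incident, or None if it is benign."""
    sources = tuple(sorted({e.source for e in cluster}))
    score = sum(e.weight for e in cluster)
    if len(sources) < min_sources or score < threshold:
        return None
    host = next((e.host for e in cluster if e.host), "unknown")
    actions = tuple(ACTIONS[s].format(host=host) for s in sources)
    return Incident(user, cluster[0].ts, cluster[-1].ts, sources, score, tuple(cluster), actions)


def correlate(events, window=timedelta(hours=1), threshold=6, min_sources=2):
    """Group events per user into clusters whose consecutive events are at most
    `window` apart; a cluster becomes an incident when it spans at least
    `min_sources` streams and its summed weight reaches `threshold`."""
    incidents = []
    ordered = sorted(events, key=lambda e: (e.user, e.ts))
    for user, group in groupby(ordered, key=lambda e: e.user):
        cluster = []
        for ev in list(group) + [None]:          # None is a sentinel that flushes the last cluster
            if ev is not None and (not cluster or ev.ts - cluster[-1].ts <= window):
                cluster.append(ev)
                continue
            incident = _evaluate(user, cluster, threshold, min_sources)
            if incident:
                incidents.append(incident)
            cluster = [ev] if ev is not None else []
    return incidents


if __name__ == "__main__":
    for inc in correlate(SAMPLE_EVENTS):
        print(f"{inc.user}: score {inc.score} across {inc.sources} "
              f"({inc.start:%H:%M}-{inc.end:%H:%M})")
        for step in inc.actions:
            print("  ->", step)
```

Run as-is, the script raises exactly one incident, for alice, with a score of 7 across all three streams and a remediation list that names host WS-0142; bob's lone shell spawn and carol's single attachment never cross the threshold. Shrinking the window to ten minutes splits alice's cluster and the incident disappears, which is the usual tuning trade-off: a wide window catches slow attackers at the cost of joining unrelated noise.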