Artificial Intelligence | News | Insights | AiThority
[bsfp-cryptocurrency style=”widget-18″ align=”marquee” columns=”6″ coins=”selected” coins-count=”6″ coins-selected=”BTC,ETH,XRP,LTC,EOS,ADA,XLM,NEO,LTC,EOS,XEM,DASH,USDT,BNB,QTUM,XVG,ONT,ZEC,STEEM” currency=”USD” title=”Cryptocurrency Widget” show_title=”0″ icon=”” scheme=”light” bs-show-desktop=”1″ bs-show-tablet=”1″ bs-show-phone=”1″ custom-css-class=”” custom-id=”” css=”.vc_custom_1523079266073{margin-bottom: 0px !important;padding-top: 0px !important;padding-bottom: 0px !important;}”]

Crystal Gaze 2021: Predictions on the Role of Automation and Cloud Computing in Cyberthreat Intelligence

Cyberthreats are getting sophisticated affecting not just corporates but also domestic lives. Drone-led espionage, spear-phishing emails, ransomware hacks, and VPN attacks have become the new normal in digital existence. A few hours left for the year 2020 to end, what does 2021 look like in the battle against cyberthreats? It has been a phenomenal year for cybercriminals who raked up billions from ransomware and stealing data for the dark web. The cyber attacks targeting businesses and domestic gadgets (IoT devices and smartphones) are likely to get more vigorous and frequent in 2021, resulting in more costly mitigation and risk assessment of cyber threat intelligence platforms. In a recent conversation with the WatchGuard’s C-suite leadership, we investigated the top cyberthreats and the company’s plans to empower their customers against these threats. Here is a list of predictions that WatchGuard provided.

Automation Drives Tidal Wave of Spear Phishing Campaigns

Spear phishing is an attack technique that involves highly targeted and convincing malicious emails that include specific and accurate details about a particular individual or role at a company. Historically, spearfishing is a high-investment and potentially high-return activity for hackers that has required manual and time-consuming processes.

That will change in 2021. Cybercriminals have already started to create tools that can automate the manual aspects of spear phishing. By combining such tools with programs that scan data from social media networks and company websites, phishers can send thousands of detailed, believable spear-phishing emails, with content customized to each victim. This will dramatically increase the volume of spear-phishing emails attackers can send at once, which will improve their success rate. On the bright side, these automated, volumetric spear-phishing campaigns will likely be less sophisticated and easier to spot than the traditional, manually generated variety.

Regardless, you should expect a major increase in spear-phishing attacks in 2021 due to automation. What’s worse, bad actors know that anxiety and uncertainty make victims easier to exploit. As society continues to grapple with the impact of COVID-19, global political strife, and general financial insecurity in 2021, we anticipate that many of these automated spear-phishing attacks will prey on fears around the pandemic, politics, and the economy.

Cloud-Hosting Providers Finally Crack Down on Cyber Abuse 

Phishing attacks have come a long way from the 419 “Nigerian Prince” scams of old. Threat actors now have an abundance of tools to help them craft convincing spear-phishing emails that trick victims into giving up credentials or installing malware. Lately, we’ve seen them leverage Cloud hosting to piggyback on the otherwise good reputation of Internet giants like Amazon, Microsoft, and Google.

Most Cloud-hosting services like Azure and AWS offer Internet-accessible data storage where users can upload anything they’d like, from database backups to individual files, and more. These services are exposed to the Internet through custom subdomains or URL paths on prominent domains such as cloudfront.netwindows.net, and googleapis.com. Threat actors commonly abuse these features to host website HTML files designed to mimic the authentication form of a legitimate website like Microsoft365 or Google Drive and to steal credentials submitted by unsuspecting victims.

This style of phish is effective because the email links to spoofed forms that resemble legitimate Microsoft, Google, or Amazon AWS links with domains owned by those companies. In 2021, we predict that these Cloud-hosting providers will begin heavily cracking down on phishing and other scams by deploying automated tools and file validation that spot spoofed authentication portals.

Homes and Devices: Hackers Infest Home Networks with Worms

The pandemic forced us all to adopt remote work practically overnight, and the era of home-based workforces will continue through 2021 and beyond. As a result, cybercriminals change their approach and create attacks specifically targeting the home worker.

Malicious hackers often include worm functionality modules in their malware, designed to move laterally to other devices on a network. In 2021, cybercriminals will exploit under-protected home networks as an avenue to access valuable corporate endpoint devices. By deliberately seeking out and infecting the company-owned laptops and smart devices on our home networks, attackers could ultimately compromise corporate networks. Next year we expect to see malware that not only spreads across networks but looks for signs that an infected device is for corporate use (such as evidence of VPN usage).

Booby-trapped Smart Chargers Lead to Smart Car Hacks 

Smart cars keep getting smarter and more common, with more manufacturers releasing new models every year. Security researchers and black hat hackers alike are paying attention. Although we’ve seen plenty of interesting smart car security research in recent years, there hasn’t been a major hack for quite some time. In 2021, we believe the dearth of major smart car attacks will be broken and a hacker will leverage smart chargers to do it.

Consumers and Business Owners are Underprepared for Evolving Cyberthreats

As with chargers for our mobile phones and other connected devices, smart car charging cables carry more than just energy. Although they don’t transfer data in the same way phone chargers do, smart car chargers do have a data component that helps them manage charging safety. In the world of mobile phones, researchers and hackers have proven they can create booby-trapped chargers that take advantage of any victim who plugs in.

We expect to see security researchers find similar vulnerabilities in smart car charging components that could at the very least allow them to prevent the powering and use of your car, and perhaps demo a malicious smart car charger during 2021. If proven, an attack like this could even result in car ransomware that prevents your car from charging until you pay.

Users Revolt Over Smart Device Privacy  

Smart and connected devices are pervasive in our lives.

Related Posts
1 of 2,592

Digital assistances such as Alexa, Google Assistant, and Siri are watching and listening to everything happening in our homes, and products like Furbos even watch and listen to our pets. Smart home systems add value and convenience to our lives by automating our lights, room temperatures, the locks on our doors, and more. We even have virtual reality (VR) systems that 3D map our rooms with specialized cameras and require a social media account to operate. Finally, many of us have adopted wearables that track and sense critical health parameters, such as how often we move, our heartbeat, our EKG, and now even our blood oxygen levels. Add to this the machine learning (ML) algorithms tech companies employ to correlate the big data from users, and it’s clear that companies know more about our private lives than our closest friends. Some of these companies may even understand our psychology and behaviors more than we do ourselves.

While all these technologies certainly have very useful and beneficial capabilities, society is starting to realize that giving corporations that much insight into our lives is not healthy.

Worse yet, we are also starting to learn that the data mapping algorithms tech companies use to categorize us, and to quantify and analyze our actions, can have unintended consequences for all of society. That’s why users will finally revolt and make vendors take privacy for home and consumer Internet of Things (IoT) devices more seriously in 2021. Expect to see the market start to heavily push back against IoT devices that collect personal data, and pressure government representatives to regulate the capabilities of these devices to protect user privacy.

Corporate Targets and Technologies: Attackers Swarm VPNs and RDPs as the Remote Workforce Swells

Working from home has become a norm for many businesses and has changed the profile of the software and services an average company relies on. While many companies lightly leveraged both Remote Desktop Protocol (RDP) and Virtual Private Networking (VPN) solutions before, these services have become mainstays in enabling employees to access corporate data and services outside of the traditional network perimeter. In 2021, we expect attackers to significantly ramp up their assaults on RDP, VPN, and other remote access services.

RDP is already one of the most attacked services on the Internet, but we suspect new companies are suddenly using it more as one strategy to give home users access to corporate machines.

While we believe you should only use RDP with VPN, many choose to enable it on its own, offering a target for hackers. Additionally, cyber criminals know remote employees use VPN often. Though VPN offers some security to remote employees, attackers realize that if they can access a VPN, they have a wide-open door to your corporate network. Using stolen credentials, exploits, and good old-fashioned brute-forcing, we believe attacks against RDP, VPN, and remote connection servers will double in 2021.

Attackers Pinpoint Security Gaps in Legacy Endpoints

 Endpoints have become a high priority target for attackers amid the global pandemic. With more employees working at home without some of the network-based protections available through the corporate office, attackers will focus on vulnerabilities in personal computers, their software and operating systems.

It’s ironic that the rise in remote work coincides with the same year Microsoft has ended extended support of some of the most popular versions of Windows – 7 and server 2008. In 2021, we expect cyber criminals to seek out a significant security flaw in Windows 7 in hopes of exploiting legacy endpoints that users can’t easily patch at home.

Read Also: Popular Wearable Gadgets You Should Own In 2021

While Windows 10 and Server 2019 have been out for quite a while, there’s no getting around the fact that some people rarely update. Windows 7 (and by relation, server 2008) was one of the most popular versions of Windows before 10. Since many considered 8 and others to be problematic, many organizations chose to stick with Windows 7 and server 2008 for as long as they could.

In fact, some organizations may not be able to move away from these old versions easily, since they have specialized legacy equipment that still relies on those older Windows versions. As a result, a significant portion of the industry sticks with old operating systems long past their expiration date. Black hat hackers know this and look for opportunities to take advantage.

You can expect that we’ll see at least one major new Windows 7 vulnerability surface in 2021 as attackers continue to find and target flaws in these legacy endpoints.

Recommended: Top Mobile E-healthcare Apps for the US Market

Every Service Without MFA Will Suffer a Breach 

Authentication attacks and the data breaches that fuel them have become a daily occurrence. Cyber criminals have found incredible success using the troves of stolen usernames and passwords available on underground forums to compromise organizations using password spraying and credential stuffing attacks. These attacks take advantage of the fact that many users still fail to choose strong and unique passwords for each of their individual accounts.

Just look at the dark web and the many underground forums. There are now billions of usernames and passwords from various breaches, widely available, with millions added every day.

These databases, paired with the ease of automating authentication attacks, means no Internet-exposed service is safe from cyber intrusion if it isn’t using multi-factor authentication (MFA). We know it’s bold, but we predict that in 2021, every service that doesn’t have MFA enabled will suffer a breach or an account compromise.

Read More: How An AI-Based HR Platform Is Revolutionizing The Recruitment Industry

18 Comments
  1. Whitney Gonzalez says
  2. on web hosting says

    Hi there, after reading this awesome paragraph i
    am too cheerful to share my familiarity here with
    friends.

  3. http://tinyurl.com says

    First of all I would like to say fantastic blog!
    I had a quick question which I’d like to ask if you do not mind.

    I was curious to find out how you center yourself and clear your
    head prior to writing. I’ve had trouble clearing my thoughts in getting my thoughts
    out there. I do take pleasure in writing but it just
    seems like the first 10 to 15 minutes are usually lost just trying to figure out how to begin. Any suggestions or hints?
    Kudos!

  4. bit.ly says

    Howdy! This post couldn’t be written much better! Reading through this post reminds me of
    my previous roommate! He continually kept
    preaching about this. I will send this post to him.

    Fairly certain he’s going to have a good read.
    Thank you for sharing!

  5. what asmr says

    It is really a nice and helpful piece of info.
    I am happy that you just shared this useful information with us.

    Please keep us up to date like this. Thank you for
    sharing.

  6. the scoliosis surgery says

    Can I simply just say what a relief to find an individual who really understands what
    they’re talking about over the internet. You definitely understand
    how to bring an issue to light and make it important.
    More people should check this out and understand this side of the story.
    I was surprised you aren’t more popular since you definitely have the gift.

  7. http://j.mp/38vuS56 says

    Very good post! We are linking to this great article on our website.
    Keep up the good writing.

  8. asmr their says

    Keep this going please, great job!

  9. scoliosis surgery my says

    My brother suggested I may like this website. He was totally right.
    This put up truly made my day. You can not
    consider simply how so much time I had spent for this information! Thank you!

  10. bitly.com says

    I believe that is among the such a lot important info for me.
    And i’m satisfied reading your article. But
    want to statement on some common things, The web site taste is great,
    the articles is in reality nice : D. Excellent activity, cheers

  11. of quest bars says

    Today, I went to the beach with my children. I found a sea
    shell and gave it to my 4 year old daughter and said “You can hear the ocean if you put this to your ear.” She placed the shell to her ear and screamed.
    There was a hermit crab inside and it pinched her ear. She never wants to go
    back! LoL I know this is entirely off topic but I had to tell someone!
    quest bars http://bitly.com/3jZgEA2 quest bars

  12. bit.ly says

    It’s wonderful that you are getting ideas from this
    article as well as from our dialogue made at this
    time. cheap flights http://1704milesapart.tumblr.com/ cheap flights

  13. app.gumroad.com says

    Hello, Neat post. There’s an issue with your web site in web explorer,
    would check this? IE nonetheless is the market leader and
    a huge section of other folks will pass over your excellent writing because of this
    problem. asmr https://app.gumroad.com/asmr2021/p/best-asmr-online asmr

  14. www.iherb.com says

    This website was… how do I say it? Relevant!!
    Finally I’ve found something that helped me. Many thanks! quest bars https://www.iherb.com/search?kw=quest%20bars quest bars

  15. http://bit.ly says

    Pretty great post. I simply stumbled upon your
    weblog and wanted to mention that I’ve really loved surfing around your
    blog posts. After all I will be subscribing to your feed and
    I am hoping you write once more very soon! ps4 games https://tinyurl.com/45xtc52b ps4 games

  16. tinyurl.com says

    If some one wishes to be updated with latest technologies therefore he must
    be go to see this website and be up to date all
    the time. scoliosis surgery https://0401mm.tumblr.com/ scoliosis surgery

  17. coub.com says

    If you would like to get much from this piece of writing then you have to apply such strategies to
    your won weblog. scoliosis surgery https://coub.com/stories/962966-scoliosis-surgery scoliosis surgery

Leave A Reply

Your email address will not be published.