Cybersecurity in 2020: tales and trends in the new normal
One thing we often hear from our cybersecurity clients is how rapidly the threat landscape is evolving. Adversaries are relentless in their pursuit of new innovative ways to infiltrate and inflict damage on their targets. I wrote in June that investment in cyber is now more important than ever, and the events of this year have only reinforced that point. As the world ground to a halt in 2020, the cyber underworld put its foot to the throttle. Here we take a look at some of the year’s main cybersecurity incidents and trends.
Sowing fear and reaping chaos amidst the pandemic
On entering lockdown in the UK, there was a lot of uncertainty around coronavirus, and hackers quickly shifted gear in an effort to exploit the situation. The number of malware and phishing attacks using Covid-19 as a pretext escalated dramatically, with Google recording more than 18 million such emails daily during the first week of April alone. On top of this, people were forced to contend with an uptick of general misinformation campaigns in an effort to advance various geopolitical agendas, which distorted Covid-19 related facts.
Our client, Orange Cyberdefense also observed an increase in targeted attacks against medical organisations involved in researching, treating or responding to Covid-19, in what appeared to be an effort to undermine the response to the pandemic. The NCSC was among a number of global cyber agencies to accuse state-sponsored hackers from China, Russia, Iran and North Korea, of trying to steal Covid-19 vaccine secrets in an “intellectual property war”. Recently, it was also reported that the vaccine supply chain has been targeted by nation-state hackers in a sophisticated operation, which aimed to disrupt or steal information about vital processes to keep vaccines cold.
New normal, new problems
Another key cybersecurity issue this year was caused by the abrupt transition to remote working. Research by cloud security specialist Bitglass found that most companies remained ill-equipped to support secure remote working even several months into the pandemic. In contrast, as workers settled into their new environments, cybercriminals quickly adapted by exploiting improperly secured VPNs, cloud-based services, and business email. According to security firm Malwarebytes, 20% of US businesses said they had faced a security breach as a result of a remote worker, and 24% had to spend money unexpectedly to resolve a security breach or malware attack following the shift to working from home. The security of remote workforces remains a subject of intense debate.
Video conferencing service Zoom was one of the companies to benefit from the shift to working remotely, but it was also the subject of intense scrutiny over its security practices after users reported being targeted by “Zoombombing”. The shortcomings in Zoom’s security led to the service being banned at Google and in parts of the German and US government.
Social engineering on social media
Enterprise security has suffered its fair share of issues in 2020, but it was the most high-profile cyber incident of the year that again reminded us of the most enduring risks to an organisation’s security – people!
In July, hackers took control of the Twitter accounts of several prominent public figures including incoming US president Joe Biden, former US president Barack Obama, and tech entrepreneurs Elon Musk, Bill Gates, and Jeff Bezos. Even with its significant resources, Twitter was breached when hackers used a phone “spear-phishing” attack to target one of its employees. After stealing employee credentials and infiltrating Twitter’s systems, the hackers were able to target other employees who had access to account support tools.
The incident shows that people, more often than not, are the chink in the armour when it comes to cybersecurity threats. Social engineering is the art of exploiting human psychology, rather than technical hacking techniques. With social engineering on the rise, it is essential that businesses dedicate resources to training employees to recognise their role in preventing such attacks.
As businesses grappled with the immense strain of the Covid-19 pandemic, another significant threat has been quietly gaining momentum. According to anti-virus company Bitdefender, there was a 715% year-on-year increase in detected – and blocked – ransomware attacks this year. These attacks have become increasingly dangerous in recent years, with cyber criminals aiming to exploit hundreds of thousands or even millions of pounds.
Last month, Manchester United became the latest global brand to fall foul of ransomware. The club’s stuttering performances on the pitch this season were mirrored by performance issues off it, as hackers demanded millions in payment and kept systems offline for several weeks. Other high-profile victims in the last few months alone include a Baltimore school district, videogame maker Capcom, and Hackney Council in London. If businesses want to avoid joining this illustrious list, it’s important that they look to their own security posture.
At Babel, we’re proud to work with some of the businesses at the forefront of cybersecurity. Our expertise in building and implementing impactful campaigns on behalf of our security clients is unmatched. As we enter 2021, businesses will need to start assessing security posture and consider their options. If you’d be interested in learning how an integrated PR and communications programme can help you be a part of those conversations, we’d love to hear from you.