Experiences from the IT security landscape in 2021


Lothar Geuenich, Regional Director Central Europe at Check Point Software, gives a review of the IT security landscape in 2021 in a guest article. The key words are fake vaccination certificates, KRITIS, ransomware, supply chains and the hybrid world of work.

Check Point Software security researchers recently reported that cyber attacks on organizations of all types worldwide increased 40 percent in 2021 compared to the previous year. During the same period, one in 61 organizations was hit by a ransomware attack every week. These attacks were intensified by the pandemic measures that accelerated the digitization of many companies, such as mass remote work and home offices. When planning for the coming year, managers must therefore keep IT security in mind. In addition, it is worth learning from the events of 2021:

  • Big black market for COVID-19 vaccination certificates: The global demand for fake vaccination certificates on the Dark Net and via Telegram has exploded since August. We found that the number of sellers increased tenfold from August to September of this year. The stricter the rules on vaccination status in the individual countries, the more the demand increased. Criminal gangs use this development to their advantage, and buyers can never be sure whether they will actually receive the goods or whether they will soon become victims of a cyber attack themselves. After all, they have to hand over personal data or visit insecure sites.
  • Attacks against critical infrastructure (KRITIS): All over the world, groups of hackers are intensifying their attacks on critical services and government facilities, such as transportation, education, hospitals, fuel pipelines and power plants. An example of the extent and the danger of these crimes is the attacks against the Iranian train system at the beginning of the year: they interrupted train service, and the hackers told passengers to call the office of the Iranian Supreme Leader Khamenei, supplying the telephone number. In the United States of America, an important pipeline supplying the country with fuel was paralyzed in the spring. Ransomware was to blame. These incidents should be an appeal to governments worldwide to increase the IT security of critical infrastructures (KRITIS), since resuming operations can be complicated and lengthy, while the damage is devastating. Every KRITIS operator and every other company needs an effective emergency plan, constantly updated systems and security programs from professional third-party providers.
  • Triple-extortion ransomware attacks: In the Mid Year Report 2021 we presented a new scheme, triple-extortion ransomware. One example is the notorious REvil ransomware group, which has been responsible for dozens of major attacks since 2019, including the most recent attacks against Kaseya and JBS on July 4th of this year.
  • Attacks against supply chains: The increase in business failures due to IT attacks on suppliers has led companies to take a closer look at their supply chain. The SolarWinds attack caused a sensation. In addition, our security researchers found dangerous vulnerabilities in Atlassian, a software platform founded in Australia with over 180,000 corporate customers worldwide. With just one click, an attacker could have exploited the vulnerabilities to gain access to Atlassian’s Jira bug system and to sensitive information. Our experts responsibly disclosed the research results to Atlassian so that a fix could be provided quickly, but these examples show how vulnerable the elements around the core company are. Remote working, portable devices and the networking of the Internet of Things (IoT) in general add to this and make supply chain attacks all the more attractive.
  • Secure hybrid work: One of the biggest challenges for companies with a hybrid work environment is the intensity of the IT attacks, not the detection of new vulnerabilities. Hackers are aware of how long it takes industries to identify and fix vulnerabilities. It can take days, weeks or even months for vulnerabilities to be closed if companies have poor security policies and an inadequate IT infrastructure. So the advantages of remote work cannot be enjoyed in peace. That is why IT staff must ensure that every endpoint is secured and that no malware is dragged into the company network when an employee brings the device into the office or dials in over VPN. In addition, employees up to management level should be trained on IT threats, because phishing e-mails that smuggle in malware or steal login data are still the means of choice for many criminals. If the employees don’t fall for them, a major security hole has already been closed.

The year 2021 made it clearer than it has been for a long time: No company and no person is immune from an attack. Hacker groups are also often quicker than their opponents to adapt to a new situation. For this reason, all entrepreneurs and those in charge of public authorities must consciously deal with IT security and develop a strategy in order to be prepared against attacks of all kinds. A single unprotected end device or inadequately secured supplier is enough to become a gateway if a connection to the company’s own network exists or can be established.
