These lessons should be learned from the Cybersecurity Year 2021


Consciously dealing with IT security

By Lothar Geuenich, Regional Director Central Europe at Check Point Software Technologies GmbH

Our security researchers recently reported that cyber attacks on organizations of all kinds worldwide increased by 40 percent in 2021 compared to the previous year. During the same period, one out of 61 organizations was hit by ransomware every week.
These attacks were intensified by the pandemic measures, which accelerated the digitization of many companies, for example through mass remote work. When planning for the coming year, managers must therefore keep IT security in mind.

To do this, it is worth learning from the events of 2021:

Large black market for COVID-19 vaccination certificates

The global demand for fake vaccination certificates on the darknet and via Telegram has exploded since August. We found that the number of sellers increased tenfold from August to September this year. The stricter the rules on vaccination status became in individual countries, the more the demand increased. Criminal gangs use this development to their advantage, and buyers can never be sure whether they will actually receive the goods or fall victim to a cyber attack themselves in the near future. After all, they have to provide personal data or visit unsafe sites.

Attacks against critical infrastructure (KRITIS)

All over the world, hacker groups are intensifying their attacks on important services and government institutions, such as transport, education, hospitals, fuel pipelines and power plants. The attacks on the Iranian train system at the beginning of the year illustrate the extent and danger of these crimes: they interrupted train traffic, and the hackers asked passengers, giving the telephone number, to call the office of the Iranian Supreme Leader, Khamenei. Meanwhile, in the United States, an important fuel supply pipeline was shut down in the spring. Ransomware was responsible. These incidents should be an appeal to governments worldwide to increase the IT security of critical infrastructure (KRITIS), as resuming operations can be complicated and lengthy, while the damage is devastating. Every KRITIS operator and every other company needs an effective emergency plan, systems that are always kept up to date, and security programs from professional third-party providers.

Ransomware attacks with triple extortion

In the Mid Year Report 2021 we presented a new scheme: triple extortion in ransomware attacks. An example is the notorious REvil ransomware group, which has been responsible for dozens of major attacks since 2019, including the recent attacks on Kaseya and JBS on July 4 this year.

Attacks against supply chains

The increase in business failures due to IT attacks on suppliers has led entrepreneurs to take a closer look at their supply chain. The SolarWinds attack caused a sensation. In addition, our security researchers found dangerous vulnerabilities in Atlassian, a software platform founded in Australia with over 180,000 corporate customers worldwide. After just one click, an attacker could have exploited the vulnerabilities to gain access to Atlassian’s Jira bug system and to sensitive information. Our experts responsibly disclosed the research results to Atlassian so that a solution could be provided quickly, but these examples show how vulnerable the elements around the core company are. Remote work, portable devices and the networking of the Internet of Things (IoT) in general add to this and make supply chain attacks even more attractive.

Securing hybrid workplaces

One of the biggest challenges for companies with a hybrid work environment is the intensity of IT attacks, not the discovery of new vulnerabilities. Hackers are aware of the time frame that industries need to detect and fix vulnerabilities. It can take days, weeks or even months for vulnerabilities to be closed if companies have poor security policies and a poor IT infrastructure. As a result, the advantages of remote work cannot be enjoyed in peace. That is why IT staff have to make sure that every endpoint is secured and that no malware is carried into the company network when an employee brings a device to the office or dials in via VPN. In addition, employees up to management level need training on IT threats, because phishing emails that inject malware or steal login data are still the means of choice for many criminals. If employees do not fall for them, a major security gap has already been closed.

The year 2021 made it clearer than it has been for a long time: no company and no person is immune from an attack. Hacker groups are also often faster than their opponents at adapting to a new situation. For this reason, all entrepreneurs and government officials must consciously deal with IT security and design a strategy to be prepared for attacks of all kinds. A single unprotected end device or a poorly secured supplier is enough to become a gateway if a connection to your own company network exists or can be established.
