2020 Proved to Be the Year of Digital Interference. Here's What Booz Allen Predicts for Cyber in 2021
As the world adjusts to the new realities of the COVID-19 pandemic, cyber threats continue to grow in both impact and frequency. The increased adoption of digital technologies has expanded attack surfaces; simultaneously, ransomware operators are refining their business models to generate maximum returns.
One resource to prepare for consequential cyber threats is Booz Allen’s Cyber Threat Trends Outlook. Each year, the report explores what Booz Allen’s cyber experts know about upcoming cybersecurity challenges and provides guidance on how to best mitigate risks.
“The year 2020 has been unlike any we have experienced, and this is true with regard to cyber threats, too. If this year has taught us anything, it is the importance of preparing to react to emerging threats such as more frequent supply chain attacks and more consequential ransomware,” said Bill Phelps, Executive Vice President at Booz Allen and leader of the firm’s commercial work. “In this time of both change and adjustment, the Cyber Threat Trends Outlook explores what is known about key cybersecurity issues that lie ahead.”
Prescient insights gained from hands-on experience
Booz Allen called out several trends and predictions last year in the 2020 Outlook Report that came to fruition, including:
- Digital interference in 2020 elections
- Threats of digital interference for the 2020 (rescheduled to 2021) Olympics
- Non-state actors turning to cyber operations as a means of asymmetric warfare
- Drones serving as a jumping-on point into networks and systems
- Cybercriminals targeting vehicle-borne systems, attracted by growing amounts of automobile-generated data
Booz Allen’s insights are earned through working with Fortune 100 and Global 2000 organizations across industries and with nearly every federal and defense agency in a wide range of areas: incident response, threat hunting, cyber defense, strategy, road-mapping, and beyond.
What should organizations watch out for in the new year? Highlights follow from the 2021 Cyber Threat Trends Outlook Report.
COVID-19 response activities will continue to attract cyber crime
As companies scrambled to develop contact tracing apps at the outset of the COVID-19 pandemic, privacy and security sometimes took a back seat. Centralized databases of population-wide personally identifiable information (PII) create appealing opportunities for enterprising threat actors, from state-aligned organizations to for-profit cybercriminals to cyber trolls.
The contact tracing ecosystem will continue to be vulnerable in 2021, with adversaries potentially attempting to surveil users, install data-stealing and surveillance backdoors, steal large PII databases, create fake outbreaks, and blackmail and harass users. To mitigate these risks, organizations must strengthen mobile device protection and deploy mobile device management platforms and application containerization solutions.
Cybercriminals are also expected to capitalize on rapid U.S. telehealth adoption. To strengthen protection, organizations should incorporate cybersecurity into every aspect of their telehealth strategy and architecture, including user authentication, device security, peripherals, and third-party vendor security.
Cybercriminals will double down on malware
2020 was a revolutionary year for ransomware as bad actors evolved their operations by utilizing the media to force faster and higher payments and taking Ransomware as a Service to new levels of sophistication.
In 2021, ransomware operators are expected to attack third-party data, suppliers, customers, and other relational targets. To guard against these evolved extortion attacks, organizations must establish a threat hunting program, review cyber insurance policies, put an external incident response firm on retainer, and strengthen cybersecurity fundamentals like patching, playbooks, and two-factor authentication.
Accelerated digital transformation will expand attack surfaces
With more aspects of our lives moving online, enhanced by innovations from AI to 5G and beyond, bad actors are taking note and taking advantage. Organizations must enhance their defenses now.
- Platform as a Service and the cloud continue to be attractive supply chain attack vectors. Deploy endpoint detection and response tools, secure development environments with strict access controls and patches, and further strengthen protection with code-signing keys and application allow listing.
- Advanced threat actors will target machine learning. Give AI models the same protection as any proprietary software and build and train AI systems to withstand adversarial attacks. Bolster security with defense-in-depth strategies and mitigations aligned to specific attack techniques.
- Parcel and shipping services, now critical infrastructure, become more aggressively targeted. Augment protection for “crown jewel” assets, watch the geopolitical landscape, increase monitoring around peak periods like holidays, and proactively educate employees and the public on security best practices.
- 5G will expand the Industrial Internet of Things (IIoT) attack surface and increase security pressure on mobile hotspots. Harden underlying structures and strategize security throughout the 5G network architecture, from vendors to “tech debt” to security tactics. For mobile hotspots, conduct robust security audits, extend security policies to cellular products and systems, and continue to encourage best practices like VPNs.
Overarching advice for organizational protection
To strengthen cybersecurity across these multiple fronts, Booz Allen recommends that organizations:
- Stay focused. Continue to invest in strong cybersecurity foundations and cyber hygiene.
- Be proactive about resilience. Know your supply chain and third-party risk and use research and development data to understand potential adversaries, your organization, and how to respond to a cyber crisis.
- Have a plan for incident response. Choose a partner that understands the nuances of breach recovery and actively practice your incident response.