Over the past year, we have been rocked by a series of high-profile cyber incidents. Just think of the SolarWinds hack, where attackers added malware to the company’s official Orion software. A vulnerable version of this monitoring software was installed by no fewer than 18,000 customers, including many government organizations and multinationals.
The current trends in security: taking IT security to the next level
Various large-scale ransomware attacks were also reported, such as the one that affected the municipality of Hof van Twente. The IT systems of the Overijssel municipality were encrypted by ransomware at the end of 2020, and backups were also destroyed. Another example is the Dutch Research Council (NWO), which was extorted by attackers after a ransomware attack.
Against the backdrop of such incidents, in this blog we take a closer look at current security trends. Which developments do you need to be aware of? We reflect on the past year and look ahead to the current trends in security.
A look back at 2020
More and more DDoS attacks
The rise of DDoS attacks has been one of the emerging trends in security for many years now, and it is a trend that continued in 2020. In the last quarter of 2020, for example, the Dutch National Internet Providers Management Organization (NBIP), supported by the National Scrubbing Center against DDoS attacks (NaWas), a system that filters attack traffic out of regular Internet traffic for Internet providers, identified 540 DDoS attacks. We are also seeing an increasing number of severe DDoS attacks: in 2019, the largest attack had a capacity of 140 Gbps, but in 2020 this was no less than 200 Gbps.
More professional phishing
Cybercriminals are becoming increasingly professional in their attacks. This makes cyber attacks more difficult to detect, which in turn increases the likelihood that employees will fall for an attacker’s trick. As such, in its annual report entitled Internet Organised Crime Threat Assessment 2020, Europol highlighted the increasing sophistication and precision of social engineering and phishing. Attackers often use publicly available information – from social media or corporate websites, for example – to launch targeted phishing attacks, which are less likely to raise alarm bells. They also mention the victim’s passwords or other personal details that they manage to get hold of through data leaks. The increasing sophistication of phishing was therefore identified as one of the top security trends of 2020.
More advanced ransomware
The increasing sophistication of ransomware has also been identified as one of the security trends for the coming year. Europol noted, for example, that attackers are putting their victims under increasing pressure; not only do they take data hostage, but they also steal information. They then enforce their demands by threatening to publish the stolen data. Backups are often seen as a way out in the event of a ransomware attack. By restoring data from a backup, the damage can be limited and payment to the criminals – which is generally not recommended – can be avoided. However, attackers are increasingly encrypting their victims’ backups as well, rendering recovery impossible.
Current security trends
Although these security trends of the past year continue to play a major role today, new trends are also emerging. The most significant ones are:
Password-less authentication
Although passwords play a crucial role in IT security, they are also a source of frustration, delays, and inconvenience. For example, users are encouraged to use unique passwords, which minimizes the impact of leaked login data. However, this rapidly increases the number of passwords users have to remember, which is inconvenient and frustrating.
As such, password-less authentication is becoming increasingly popular. Azure Active Directory offers various possibilities for this. For example, Windows Hello on Windows 10 systems can replace traditional passwords with multi-factor authentication that uses biometrics. With the Microsoft Authenticator app, users can authenticate themselves using their mobile device; they receive a notification and then confirm their identity using biometric authentication or a PIN. Microsoft also cooperates with the FIDO Alliance. FIDO2 Security Keys based on Fast Identity Online (FIDO) – a set of open, standard protocols – can be used to replace traditional passwords. These security keys are a hardware-based authentication method, often in the form of a USB device.
Another example is Web Authentication (WebAuthn), a more secure method of logging in developed by the W3C and based on the principle of a public/private key pair. WebAuthn works with a public and private key, both of which are required to log in. The public key is visible to everyone, while the private key is protected and stored on, for example, a smartphone or hardware key such as a YubiKey. WebAuthn makes passwords a thing of the past.
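To make the role of the two keys concrete, the example below is added here and is not part of the original article: it walks through a simplified WebAuthn-style login in Node.js, showing that a signature made on a different origin or replayed against a new challenge is rejected. The function names and the placeholder sites are assumptions, and the message format is reduced from real WebAuthn.

```javascript
// Added illustration, not code from the article. Simplified: real WebAuthn
// uses CBOR/COSE encodings, flags and a signature counter.
const { generateKeyPairSync, createHash, randomBytes, sign, verify } = require('crypto');
const sha256 = (data) => createHash('sha256').update(data).digest();

// Registration: the authenticator creates a key pair for this site. Only the
// public key goes to the server; the private key stays on the device.
function register() {
  const { publicKey, privateKey } = generateKeyPairSync('ec', { namedCurve: 'P-256' });
  return { authenticator: { privateKey }, serverRecord: { publicKey } };
}

// Server: a fresh random challenge for every login attempt.
const newChallenge = () => randomBytes(32).toString('base64url');

// Client: the browser records the challenge and the origin it is really on;
// the authenticator signs SHA-256(rpId) || SHA-256(clientDataJSON).
function authenticate(authenticator, challenge, origin, rpId) {
  const clientDataJSON = JSON.stringify({ type: 'webauthn.get', challenge, origin });
  const authData = sha256(rpId);
  const signed = Buffer.concat([authData, sha256(clientDataJSON)]);
  return { clientDataJSON, authData, signature: sign('sha256', signed, authenticator.privateKey) };
}

// Server: check challenge, origin and rpId hash, then verify the signature
// with the stored public key.
function verifyAssertion(serverRecord, expected, assertion) {
  const clientData = JSON.parse(assertion.clientDataJSON);
  if (clientData.type !== 'webauthn.get') return 'wrong-type';
  if (clientData.challenge !== expected.challenge) return 'stale-or-replayed-challenge';
  if (clientData.origin !== expected.origin) return 'wrong-origin';
  if (!assertion.authData.equals(sha256(expected.rpId))) return 'wrong-rp-id';
  const signed = Buffer.concat([assertion.authData, sha256(assertion.clientDataJSON)]);
  return verify('sha256', signed, serverRecord.publicKey, assertion.signature) ? 'ok' : 'bad-signature';
}

// Constructed demo: example.com and login.example.net are placeholder names.
function demo() {
  const { authenticator, serverRecord } = register();
  const expected = { challenge: newChallenge(), origin: 'https://example.com', rpId: 'example.com' };
  const good = authenticate(authenticator, expected.challenge, expected.origin, expected.rpId);
  const lookalike = authenticate(authenticator, expected.challenge, 'https://login.example.net', expected.rpId);
  const nextLogin = { ...expected, challenge: newChallenge() };
  return [verifyAssertion(serverRecord, expected, good),         // genuine login
          verifyAssertion(serverRecord, expected, lookalike),    // signed on another origin
          verifyAssertion(serverRecord, nextLogin, good)];       // old assertion replayed
}
console.log(demo());
```

Because the server stores only the public key, a leak of its credential database gives an attacker nothing that can be used to log in.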
Cybersecurity mesh
Many assets that users rely on today are located outside their own network – for example, cloud applications and containers in external data centres, but also Internet of Things applications and employees’ own devices. These assets are, therefore, not protected by the traditional security perimeter. As such, the number-one security trend at the moment is the increasing embrace of the cybersecurity mesh.
A cybersecurity mesh recognizes that networks have no physical boundaries. So, rather than building a security perimeter around their entire network, organizations build small perimeters around individual assets. This offers a number of major benefits. For example, organizations can draw up a security policy centrally and then enforce it in a distributed manner on the individual assets to which it applies – regardless of their location. Thanks to its segmented approach, a cybersecurity mesh also provides greater control over access to individual assets of the organization. If an unauthorized person gains access to one of the assets, access to this asset remains limited and the attacker does not gain access to other parts of the network.
Zero Trust
Zero Trust is a security trend that ties in with the cybersecurity mesh and is also gaining popularity. Whereas traditional forms of security restrict access to secure networks, Zero Trust restricts access to secure users and endpoints. Every user and device is assigned a unique identity, to which specific access rights are linked. Users can therefore securely access data from any location, regardless of the network they are using.
Getting started with security trends
As far as security trends are concerned, the focus at the moment is mainly on offering secure access to applications and data from any location. To do this, companies are implementing a cybersecurity mesh, which helps them to keep assets safe no matter where they are located. In the past, companies built security around their network, but now they are implementing security around individual assets. The Zero Trust model complements this; administrators only allow access to data if the user and the device are authorized, regardless of the network used.
If you want to start implementing these security trends, or you are curious to find out how they will affect your organization, we’d be happy to help!
This article was previously published on True.nl.