Vulnerabilities linked to Microsoft Teams, as well as SharePoint, Office 365 and Exchange will be exploited, so brace yourselves …
When the COVID-19 pandemic hit, organizations had to reckon with this reality, and fast.
The year has brought to the fore sobering reminders of perennial issues and neglected warnings that have beset cybersecurity for years. How are sectors equipped or prepared for such scenarios now? Here are some of our predictions for the year ahead.
- Threat actors will turn home offices into their new criminal hubs
Home networks will become launch points for threat actors looking to hijack machines and jump to other devices in the same network, aiming to gain a corporate foothold. Malicious actors will either take advantage of installed software or unpatched vulnerabilities, hopping from one remote worker’s machine to another until they find a suitable target. This chain attack will spread to other users downstream. Employees who remotely access confidential and critical information will also be actively targeted by data-stealing attacks in 2021.
- Contact tracing will have malicious actors eyeing the data
Rapid access to data could be crucial in fighting the outbreak, but easing data privacy measures leads to problems of its own. Big databases, along with hasty implementations, are rich targets for malicious actors looking to compromise collected and possibly retained data. Cybercrime groups can abuse this in different ways, including extracting identity information and selling it in the underground. On the budgeting front, the economic and operational impact will create budgetary constraints in organizations’ security operations in 2021.
- Critical class bugs enter the scene
Critical class bugs can render a platform or site unusable. Vulnerabilities related to Microsoft Teams, as well as SharePoint, Office 365, and Exchange, will be sought after in 2021. Processing potentially sensitive information in these collaboration software platforms will be a major concern for organizations with increased remote workforces, particularly in regulated industries such as financial services and healthcare. Other concerns for cloud adopters are hackers attempting to take over cloud servers and deploy malicious container images. We expect a sprawl of vulnerable images running in various architectures as users put unfettered trust in container services and depositories. These images will be aimed at hijacking repositories and poisoning resources. Exposed data will be a common pitfall that leads to cloud-based breaches and attacks in organizations.
Where does this leave us?
Organizations should focus on creating security-based company policies and an incident response plan that covers the perimeter of their operations. This will harden services, workstations, and corporate data while empowering businesses to work remotely.
Refrain from putting implicit trust in assets or user accounts regardless of the location. An incident response plan will have to outline how an organization would deal with security in a network with discrete machines. Companies should advise work-from-home employees on matters such as home router and internet of things (IoT) security, as well as the use of a virtual private network (VPN).