FortiGuard Labs
FortiGuard Labs Fortinet, Inc

Most people were more than ready to have 2020 in the rear-view mirror, and probably no one more than cybersecurity teams. Unfortunately, the cyberfraud problems we saw in 2020 aren't going away. As threat research shows, cybercriminals will continue to take advantage of weaknesses related to the rise in remote work. Constant vigilance is going to be required from organizations that want to protect their people and data from attack as cybercriminals move to disruptive, individual-focused methods in 2021.

Social Engineering Attacks Won’t Go Away, Just Evolve

To a cybercriminal, social engineering is a highly effective way to maximize profits while reducing costs. Social engineering takes advantage of human emotions and the fact that people desperate for information let down their digital guards. People who are overwhelmed by emotions like fear or empathy make good targets because emotion often leads to impulsive decisions. By playing on people's emotions during the pandemic, cybercriminals launched successful phishing attacks related to subjects such as health, vaccines, and layoffs. Even worse, an abundance of “as-a-service” criminal software can now be purchased on the dark web to make social engineering attacks even easier.

After a year of pandemic isolation, people are seeking a return to normal life. The desire to believe positive information makes social engineering attacks related to vaccines even more profitable at the moment. The good news is that as more reliable sources of information become available, the cost-benefit of these scams should decrease. But the bad news is that new scams are likely to arise related to things like travel and vacation as areas begin to open and people start looking for things to do and places to go.

Threats Related to Remote Work Will Be Here – to Stay

In 2020, the rise in remote work provided ample opportunities for cybercriminals looking to access corporate networks. And exploits targeting the Internet of Things (IoT) were at the top of the list. Because every IoT device introduces a new network edge, organizations need to defend, monitor, and secure every device. Security teams also need to remain aware of the latest threats related to edge access and browsers.

Today's malware code is more flexible and can reach farther into the attack surface, which means a single malware campaign can have a wide focus across different devices and platforms. With a large infrastructure across multiple browsers and applications, the Adrozek malware family, for example, is controlling hundreds of thousands of domains. The malware itself performs browser injection to seed malicious search results. After adding browser extensions and modifying a DLL, it changes browser settings to insert additional, unauthorized ads into web pages, often on top of legitimate ads from search engines.

People have gotten used to assuming that browsers are secure, but a ttacks may not involve the parts of the browser that people see. Often, attacks take advantage of how a browser delivers an ad, how it performs searches, or other processes. Another thing to consider is that many edge devices also have browsers that are used to receiving communication and updates, so today's browsers often act as a new edge. Bad actors are using browsers to their advantage by using a devices’ built-in code. Then using b otnets, attackers can create hundreds of thousands of drones that can attack a wide variety of machines, such as Windows, Mac, and Linux systems in addition to IoT and edge devices.

What to Do?

Social engineering and edge threats related to remote work are both great ways to get into larger organizations. Businesses need an integrated strategy that includes threat intelligence that can be shared and utilized across all deployed security systems. Security teams also need to have deep visibility into and across the network, particularly when a large proportion of their users are outside of the standard network perimeter. And with more and more devices accessing the network, creating additional edges, security teams should also take advantage of artificial intelligence and automation to secure and monitor the network. These teams need solutions that can mitigate attacks quickly, at scale, and across all of the edges on the network. And to combat social engineering, organizations should complement security technologies with comprehensive cybersecurity awareness training. Because cybersecurity isn't just an IT problem; it's everyone's problem.

Learn more about Fortinet’s free cybersecurity training initiative or about the Fortinet NSE Training program , Security Academy program , and Veteran program .