The past year has brought so much change and impacted almost every area of life. When COVID-19 forced everyone to drastically shift their daily routines, it created a domino effect that could be felt in the farthest reaches of society. Even the field of cybersecurity was affected, and not lightly. It took several hits whose full impact we’re still trying to understand. We’ll be discussing those effects along with some others that weren’t necessarily pandemic related but are still incredibly significant for the future of cybersecurity.
With social distancing becoming the number one way to avoid spreading COVID, many workplaces and educational institutions shifted to a remote or virtual environment. While this has many benefits, it proved very difficult to put into practice for all of the people involved. The flood of new users switching from in-person to remote resulted in an overload on VPNs and servers. This, in turn, caused many security issues that hackers could exploit, especially since it was found that 85% of CISOs sacrificed security to move to remote work quickly. Unfortunately, business operations were often prioritized over security, and that could result in some unsavory consequences down the line. It was especially difficult in the beginning, as phishing scams and video call hackings were running rampant.
Schools are particularly vulnerable because they have less experience working in a remote environment than some businesses, are often underfunded, and are therefore unable to afford to implement certain security measures. Hackers also know how much schools rely on their systems for day-to-day operations and will try to take them down with ransomware in the hopes of a nice payout.
Resist the Bait
Without hesitation, hackers will take full advantage of a crisis, and that’s exactly what they did during the pandemic. Cybercriminals used people’s fear and confusion around COVID against them by sending out phishing campaigns disguised as helpful information to trick people into providing login credentials and other personal information. Then, when people were staying home during quarantine, hackers even took advantage of the uptick in Netflix subscriptions! They started sending out emails that looked like they were coming from Netflix, and only someone with a careful eye and knowledge of phishing scams would be able to tell that they were fake.
Healthcare Takes a Hit
While hospitals and healthcare workers were already scrambling to deal with the rising COVID cases across the globe, hackers couldn’t even give them a break. Knowing hospitals would be at their most desperate, hackers began targeting them at full force with ransomware. This included a large attack against Universal Health Services, which left locations in California, Florida, Texas, Arizona, and Washington, DC unable to access their computers and phone systems. This is particularly dangerous and can even prove fatal, as one hospital in Germany discovered. Unfortunately, if cybercriminals are going to go this far, organizations need to take ransomware more seriously as a threat and prepare accordingly.
Prepping for CMMC
This year, many organizations have been affected by the new “Cybersecurity Maturity Model Certification” or CMMC regulations. The Office of the Assistant Secretary of Defense for Acquisition within the Department of Defense (DoD) is leading the effort to secure the DoD supply chain and Defense Industrial Base through the introduction of CMMC. This mandated third-party evaluation of a contractor’s cyber-hygiene will be a requirement for contract award starting in 2021, with a slow rollout through 2026, when all contracts will require the organization’s certification. Suppliers are an increasingly frequent target for adversaries seeking to obtain sensitive federal contracts and controlled unclassified information. Organizations that work in the defense supply chain will need time to prepare for certification, and during the transitional period they must also comply with the very recent DFARS Interim Rule mandates, in effect since November 30th, 2020.
On December 8th, cybersecurity firm FireEye reported a breach of their network. After further investigation, the firm identified the source of the breach to be the Orion network monitoring product from SolarWinds. According to FireEye, the breach was part of an extensive attack dating back to the Spring of 2020. This is significant because SolarWinds is one of the most widely used IT infrastructure monitoring programs in the world. It covers network performance, servers and applications, and configuration management, and it offers a lot of remote visibility into large, complex computer networks. Thousands of organizations around the globe utilize it for their security monitoring, and at this point, the full effects of this attack are yet to be understood.
It’s clear that 2020 has had a major impact on cybersecurity. It’s exacerbated issues that have been lurking in the shadows and brought brand new ones to light. One thing we do know is that this past year gave us the opportunity to learn a lot of lessons. Let’s take a page out of the hacker’s playbook by taking advantage of the past year’s challenges and using what we’ve learned to improve our cybersecurity processes and practices for 2021.
Written by Elizabeth Dasenbrock
Elizabeth Dasenbrock is a marketer/graphic designer whose mission has always been to creatively express stories and ideas. Her skill set allows her to convey concepts to particular audiences in a visually appealing way. At TechGuard, she works on the marketing team with a focus on graphic design. In her free time, she can usually be found working on personal creative projects, tending to her houseplants, or spending time with friends and family.