Fifth-generation cyberattacks are here. How can the IT industry adapt?

(Credit: Unsplash)

This article is brought to you thanks to the collaboration of The European Sting with the World Economic Forum.

Author: Itai Greenberg, Vice-President, Product Management, Check Point


• Cyberattacks are continuing to grow in sophistication and scale.

• The coronavirus pandemic has increased the attack surface for cybercriminals, leading to a possible cyber-pandemic.

• Healthcare is one industry that has been particularly exposed.

If you look back at early 2020 “new year predictions”, you will find nowhere a reference to an unprecedented global pandemic that will shut down, in many ways, the way we live and begin a new normal.

But it happened. And with the new normal came “new everything”.

With the rapid shift to more cloud servers, the popularity of network-connected smartphones, in addition to the shift to remote work, organizations had to quickly adapt their security measures to make sure they are secured at all times, from any remote places they might connect from. This has now become the new security perimeter.

The new landscape has generated a surge of sophisticated fifth-generation cyberattacks. As organizations adapted to remote work, and all its digital implications, cyber-criminals seized the global crisis to launch a series of large-scale cyber exploits.

The era of ‘weapons-grade’ hacking

Cyberattacks have reached a new level of sophistication, ranging from international espionage to massive breaches of personal information to large-scale internet disruption.

Advanced “weapons-grade” hacking tools have been leaked, allowing attackers to move fast and infect large numbers of businesses and entities across huge swaths of geographic regions. Large-scale, multi-vector mega-attacks have sparked a need for integrated and unified security structures.

Most businesses are still in the world of second- or third-generation security, which only protects against viruses, application attacks and payload delivery. Networks, virtualized data centres, cloud environments and mobile devices are all left exposed. To ensure a cybersecure organization, businesses must evolve to fifth-generation security: advanced threat prevention that uniformly prevents attacks on a business’s entire IT infrastructure.

The SolarWinds supply-chain attack

Just as we thought 2020 could not have brought any more bad news or cybercrime advancements, along came the SolarWinds incident, which swiftly qualified for the title of the most significant attack of the year: sophisticated, multi-vector attacks with clear characteristics of a cyber pandemic, where the malicious activity is spread within the organization in a manner of seconds. This was a manifestation of fifth-generation cyber-attack.

The scope of the incident became clearer several days later when Microsoft, FireEye, SolarWinds, and the US government all admitted they suffered an attack made possible by a hack to SolarWinds, a common IT-management software. Further investigation revealed that the attackers added a backdoor, called Sunburst, to a component of the SolarWinds system, which was then distributed to its customers via an automatic software update. That granted remote access to multiple high-profile organizations – making it one of the most successful supply-chain attacks ever observed.

Several aspects of the SolarWinds supply-chain attack make it unprecedented in the ever-evolving cyber-landscape. Its scope was uniquely broad, with an estimated 18,000 SolarWinds customers affected, including most Fortune 500 firms.

COVID ushers in a cyber-pandemic

COVID-19 forced organizations to set aside their existing business and strategic plans, and quickly pivot to delivering secure remote connectivity at massive scale for their workforces. Security teams also had to deal with escalating threats to their new cloud deployments, as hackers sought to take advantage of the pandemic’s disruption: 71% of security professionals reported an increase in cyber-threats since lockdowns started.

As COVID-19 continues to dominate headlines in 2021, news of vaccine developments or new national restrictions will continue to be used in phishing campaigns, as they have been through 2020. The pharma companies that developed vaccines will also continue to be targeted by malicious attacks from criminals or nation states looking to exploit the situation.

Recent Check Point research shows that healthcare is currently the most targeted industry in the US, with a 71% increase in attacks compared to September. The chart below shows the sharp increase of healthcare-sector attacks compared to the global increase; since November, there has been an increase of over 45% in the amount of attacks in the sector, double the global increase in amount of attacks over the same time period (22%).

Healthcare sector cyberattacks in 2020
Healthcare sector cyberattacks in 2020 Image: Check Point

Remote vulnerabilities

As the coronavirus spread worldwide, the social distancing policies enacted due to the COVID-19 pandemic shifted a substantial portion of businesses from corporate offices to employees’ home offices. Network admins had to rapidly adjust to the requirements of working remotely and implement remote-access platforms within their organizations. Unfortunately, these often resulted in misconfigurations and vulnerable connections, allowing attackers to leverage these flaws to access corporate information.

As a result, the first half of 2020 saw an increase in attacks against remote access technologies such as RDP (Remote Desktop Protocol, developed by Microsoft to provide an interface for remote connection) and VPN. The following chart displays the increase in attacks exploiting vulnerabilities in remote connection products.

Attacks targetting remote connection vulnerabilities
Attacks targetting remote connection vulnerabilities Image: Check Point

Schools and universities have pivoted to large-scale use of e-learning platforms, so perhaps it’s no surprise that the sector experienced a 30% increase in weekly cyberattacks during the month of August, in the run-up to the start of new semesters. Attacks launched by these digital “class clowns” will continue to disrupt remote-learning activities over the coming year, if and when the pandemic spread will peak.

Fifth-generation solutions

With this new world, comes a new opportunity to redefine the role of cybersecurity and ensure every organization is stepping up the fifth generation of security. Below are three guiding principles:

1. Real-time prevention

As we‘ve learned, vaccination is far better than treatment. The same applies to your cybersecurity. Real time prevention of attacks, before they infiltrate, places your organization in a better position to defend against the next cyber-pandemic.

2. Consolidation and visibility

Solutions applied in individual areas of attack will probably leave you with security gaps, fragmented visibility, complex management and limited options to scale. Consolidated security architecture will guarantee you the security effectiveness needed to prevent sophisticated cyberattack. Unified management and risk visibility fill out your security posture. Cybersecurity

What is the Forum doing to avert a cyber pandemic?

Next-generation technologies such as AI, ubiquitous connectivity and quantum computing have the potential to generate new risks for the world, and at this stage, their full impact is not well understood.

There is an urgent need for collective action, policy intervention and improved accountability for government and business in order to avert a potential cyber pandemic.https://www.weforum.org/videos/a-cyber-attack-with-covid-like-characteristics

The Forum’s Centre for Cybersecurity launched the Future Series: Cybercrime 2025 initiative to identify what approaches are required to manage cyber risks in the face of the major technology trends taking place in the near future.

Find out more on how the Forum is leading over 150 global experts from business, government and research institutions, and how to get involved, in our impact story.

3. Keep your threat intelligence up to date

To prevent zero-day attacks, organizations first need incisive, real-time threat intelligence that provides up-to-minute information on the newest attack vectors and hacking techniques. Threat intelligence must cover all attack surfaces including cloud, mobile, network, endpoint and IoT.

the sting Milestone

Featured Stings

Can we feed everyone without unleashing disaster? Read on

These campaigners want to give a quarter of the UK back to nature

How to build a more resilient and inclusive global system

Stopping antimicrobial resistance would cost just USD 2 per person a year

Bertelsmann Stiftung @ European Business Summit 2014: Transatlantic Free Trade Agreement (TTIP) needs balanced approach

Blue bonds: What they are, and how they can help the oceans

Nearly two million Cameroonians face humanitarian emergency: UNICEF

Greece leaves EU aid program, gets last 15 billion euro

Improving coverage of mental health services

On eve of Gaza border protest anniversary, UN’s top humanitarian official for Palestine calls for calm

OECD: Rising employment overshadowed by unprecedented wage stagnation

What the car industry has done to help fight climate change – and what it needs to do next

In Tanzania visit, UNHCR official stresses freedom of choice is crucial for refugee returns

Mental health and suicide: when the alarm bells are faced with deaf ears

Hundreds of thousands migrants ready to cross the Mediterranean. Only a local matter?

How we can build our way out of the crisis

UN calls for funds to ease ‘deteriorating’ humanitarian situation in Gaza and West Bank

Eurozone business activity again on upwards path

ECB settles the bank resolution issue, makes banking union tangible

The European Youth raises their voices this week in Brussels at Yo!Fest 2015

Sustainable Infrastructure and Connectivity in the Belt and Road Initiative (BRI): a stimulating China-EU dialogue at European Business Summit 2018

Innovation and Entrepreneurship Changing the Face of Europe

EU labour mobility: Inconvenient truths for everybody

Venezuela: Competing US, Russia resolutions fail to pass in Security Council

Can We(esterners) ever understand (the) Chinese

This new initiative aims to make cybercrime harder – and riskier – to commit

Mobile health technology: Advances, Facilitations and Promotion of Autonomy

This man is sleeping out in the Davos cold to make a point about homelessness

The European Parliament floating over the South China Sea

This Kenyan company makes fuel from human poo

ECB with an iron hand disciplines the smaller Eurozone member states; latest victim: Greece

June infringements package: key decisions

MWC 2016 LIVE: Ericsson/Cisco partnership on track, insist execs

Launch of Pact for Youth: European Youth Forum calls for real business engagement

Protect women’s rights ‘before, during and after conflict’ UN chief tells high-level Security Council debate

How COVID-19 is making companies act for the long term

More women than ever are working in Hollywood, but men still dominate key roles

Libya: Heavy shelling and civilian deaths ‘blatant violation’ of international law – UN envoy

How each country’s share of global CO2 emissions changes over time

Spanish and Polish voters are crying out for an imminent European change while US urge now Germany to change route

Tax havens cost governments $200 billion a year. It’s time to change the way global tax works

The mental domain in times of a pandemic

COVID-19: Commission launches European team of scientific experts to strengthen EU coordination and medical response

‘Deeply concerned.’ WHO officials stress the need for continued vigilance – WHO briefing

6 things to know about coronavirus today, 1 April

Dangers of poor quality health care revealed ‘in all countries’: WHO report

EU strengthens cooperation with Ethiopia

Jean-Claude Juncker and Theresa May at last week’s EU Council. Source: EC Audiovisual Services / Copyright: European Union, 2017 / Photo: Etienne Ansotte

EU leaders open “Phase Two” of Brexit talks and warn Theresa May of tougher times

Circular Plastics Alliance: 100+ signatories commit to use 10 million tons of recycled plastic in new products by 2025

EU Commission says falling labour remuneration leads to deflation and damages growth prospects

The US and EU decisively oppose Erdogan’s plans for Turkey and beyond

JADE Spring Meeting Live Coverage: Entrepreneurial skills in the digital markets

UN working with both sides, after hidden tunnels confirmed along Lebanon-Israel ‘Blue Line’

MEPs propose measures to combat mobbing and sexual harassment

EU-UK relations: MEPs approve rules to ensure Eurotunnel safety and cooperation

UN cultural agency removes birthplace of Jesus from its list of heritage sites in danger

Achieving a European Education Area by 2025 and resetting education and training for the digital age

European Youth Capital 2018 : Cascais

This chart shows the fall in coal-power plants being planned around the world

UN agency ramps up effort to counter growing nuclear threat from cyberspace

daniela-runchi-jade-president__

A Sting Exclusive: “Education in Europe, fostering skills development inside and outside the school system”

State aid: Commission approves €500 million Greek scheme to support the self-employed affected by coronavirus outbreak

IMF’s Lagarde: Ukraine must fight corruption

MEPs approve boost to workers’ rights in the gig economy

More Stings?

Advertising

Speak your Mind Here

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s