Fifth-generation cyberattacks are here. How can the IT industry adapt?

(Credit: Unsplash)

This article is brought to you thanks to the collaboration of The European Sting with the World Economic Forum.

Author: Itai Greenberg, Vice-President, Product Management, Check Point


• Cyberattacks are continuing to grow in sophistication and scale.

• The coronavirus pandemic has increased the attack surface for cybercriminals, leading to a possible cyber-pandemic.

• Healthcare is one industry that has been particularly exposed.

If you look back at early 2020 “new year predictions”, you will find nowhere a reference to an unprecedented global pandemic that will shut down, in many ways, the way we live and begin a new normal.

But it happened. And with the new normal came “new everything”.

With the rapid shift to more cloud servers, the popularity of network-connected smartphones, in addition to the shift to remote work, organizations had to quickly adapt their security measures to make sure they are secured at all times, from any remote places they might connect from. This has now become the new security perimeter.

The new landscape has generated a surge of sophisticated fifth-generation cyberattacks. As organizations adapted to remote work, and all its digital implications, cyber-criminals seized the global crisis to launch a series of large-scale cyber exploits.

The era of ‘weapons-grade’ hacking

Cyberattacks have reached a new level of sophistication, ranging from international espionage to massive breaches of personal information to large-scale internet disruption.

Advanced “weapons-grade” hacking tools have been leaked, allowing attackers to move fast and infect large numbers of businesses and entities across huge swaths of geographic regions. Large-scale, multi-vector mega-attacks have sparked a need for integrated and unified security structures.

Most businesses are still in the world of second- or third-generation security, which only protects against viruses, application attacks and payload delivery. Networks, virtualized data centres, cloud environments and mobile devices are all left exposed. To ensure a cybersecure organization, businesses must evolve to fifth-generation security: advanced threat prevention that uniformly prevents attacks on a business’s entire IT infrastructure.

The SolarWinds supply-chain attack

Just as we thought 2020 could not have brought any more bad news or cybercrime advancements, along came the SolarWinds incident, which swiftly qualified for the title of the most significant attack of the year: sophisticated, multi-vector attacks with clear characteristics of a cyber pandemic, where the malicious activity is spread within the organization in a manner of seconds. This was a manifestation of fifth-generation cyber-attack.

The scope of the incident became clearer several days later when Microsoft, FireEye, SolarWinds, and the US government all admitted they suffered an attack made possible by a hack to SolarWinds, a common IT-management software. Further investigation revealed that the attackers added a backdoor, called Sunburst, to a component of the SolarWinds system, which was then distributed to its customers via an automatic software update. That granted remote access to multiple high-profile organizations – making it one of the most successful supply-chain attacks ever observed.

Several aspects of the SolarWinds supply-chain attack make it unprecedented in the ever-evolving cyber-landscape. Its scope was uniquely broad, with an estimated 18,000 SolarWinds customers affected, including most Fortune 500 firms.

COVID ushers in a cyber-pandemic

COVID-19 forced organizations to set aside their existing business and strategic plans, and quickly pivot to delivering secure remote connectivity at massive scale for their workforces. Security teams also had to deal with escalating threats to their new cloud deployments, as hackers sought to take advantage of the pandemic’s disruption: 71% of security professionals reported an increase in cyber-threats since lockdowns started.

As COVID-19 continues to dominate headlines in 2021, news of vaccine developments or new national restrictions will continue to be used in phishing campaigns, as they have been through 2020. The pharma companies that developed vaccines will also continue to be targeted by malicious attacks from criminals or nation states looking to exploit the situation.

Recent Check Point research shows that healthcare is currently the most targeted industry in the US, with a 71% increase in attacks compared to September. The chart below shows the sharp increase of healthcare-sector attacks compared to the global increase; since November, there has been an increase of over 45% in the amount of attacks in the sector, double the global increase in amount of attacks over the same time period (22%).

Healthcare sector cyberattacks in 2020
Healthcare sector cyberattacks in 2020 Image: Check Point

Remote vulnerabilities

As the coronavirus spread worldwide, the social distancing policies enacted due to the COVID-19 pandemic shifted a substantial portion of businesses from corporate offices to employees’ home offices. Network admins had to rapidly adjust to the requirements of working remotely and implement remote-access platforms within their organizations. Unfortunately, these often resulted in misconfigurations and vulnerable connections, allowing attackers to leverage these flaws to access corporate information.

As a result, the first half of 2020 saw an increase in attacks against remote access technologies such as RDP (Remote Desktop Protocol, developed by Microsoft to provide an interface for remote connection) and VPN. The following chart displays the increase in attacks exploiting vulnerabilities in remote connection products.

Attacks targetting remote connection vulnerabilities
Attacks targetting remote connection vulnerabilities Image: Check Point

Schools and universities have pivoted to large-scale use of e-learning platforms, so perhaps it’s no surprise that the sector experienced a 30% increase in weekly cyberattacks during the month of August, in the run-up to the start of new semesters. Attacks launched by these digital “class clowns” will continue to disrupt remote-learning activities over the coming year, if and when the pandemic spread will peak.

Fifth-generation solutions

With this new world, comes a new opportunity to redefine the role of cybersecurity and ensure every organization is stepping up the fifth generation of security. Below are three guiding principles:

1. Real-time prevention

As we‘ve learned, vaccination is far better than treatment. The same applies to your cybersecurity. Real time prevention of attacks, before they infiltrate, places your organization in a better position to defend against the next cyber-pandemic.

2. Consolidation and visibility

Solutions applied in individual areas of attack will probably leave you with security gaps, fragmented visibility, complex management and limited options to scale. Consolidated security architecture will guarantee you the security effectiveness needed to prevent sophisticated cyberattack. Unified management and risk visibility fill out your security posture. Cybersecurity

What is the Forum doing to avert a cyber pandemic?

Next-generation technologies such as AI, ubiquitous connectivity and quantum computing have the potential to generate new risks for the world, and at this stage, their full impact is not well understood.

There is an urgent need for collective action, policy intervention and improved accountability for government and business in order to avert a potential cyber pandemic.https://www.weforum.org/videos/a-cyber-attack-with-covid-like-characteristics

The Forum’s Centre for Cybersecurity launched the Future Series: Cybercrime 2025 initiative to identify what approaches are required to manage cyber risks in the face of the major technology trends taking place in the near future.

Find out more on how the Forum is leading over 150 global experts from business, government and research institutions, and how to get involved, in our impact story.

3. Keep your threat intelligence up to date

To prevent zero-day attacks, organizations first need incisive, real-time threat intelligence that provides up-to-minute information on the newest attack vectors and hacking techniques. Threat intelligence must cover all attack surfaces including cloud, mobile, network, endpoint and IoT.

the sting Milestones

Featured Stings

Can we feed everyone without unleashing disaster? Read on

These campaigners want to give a quarter of the UK back to nature

How to build a more resilient and inclusive global system

Stopping antimicrobial resistance would cost just USD 2 per person a year

Cities: a ’cause of and solution to’ climate change

MEPs cap prices of calls within EU and approve emergency alert system

UN chief hopes for new agreement after Israel concludes international observation mission

How to stay in shape and step up support for refugees

Innovation is the key to the pay-TV industry’s long-term growth

‘Dangerous nationalism’ seriously threatens efforts to tackle statelessness: UNHCR chief

Is Eurozone heading towards a long stagnation?

Spain will soon overtake Japan in life expectancy rankings. Here’s why

Sovereign wealth funds could increase equality in a post-COVID world

Election-related violence claims 85 lives in Afghanistan: UN report

Countries must make teaching profession more financially and intellectually attractive

An economist explains what happens if there’s another financial crisis

Commissioner sings “Volar-e” but the European driver no “Cantar-e”

COP21 Breaking News_03 December: Transport Industry Drive for Improved Energy Efficiency and Electro-Mobility to Stem High Growth of Emissions

This fascinating map shows how food moves around the US

Draghi left alone with no hope of boosting EU growth as Merkel just focuses on next elections

These 11 companies are leading the way to a circular economy

From social entrepreneurship to systems entrepreneurship: how to create lasting change

Parliament votes for €1 billion in aid to Ukraine

How can education empower youth to become tomorrow’s leaders

Worth going ‘extra mile’ for a new Syrian constitution, UN envoy urges

TTIP is not dead as of yet, the 15th round of negotiations in New York shouts

250+ senior claims leaders under one roof, exchanging transformation strategy

The importance and the need of mobile technology in the health care system and in saving lives

MEPs share concerns about COVID-19 variants

Here’s how we can make innovation more inclusive

ECB settles the bank resolution issue, makes banking union tangible

Davos on Climate Change: citizens demanding more actions while CEOs tried to balance profit with sustainability

Coronavirus: Commission expands talks to a fifth vaccine manufacturer

A 3-step plan for carbon-neutral cars

COVID-19 Update: Solidarity and Joint Efforts Shall be the Main Theme For China and Europe in the Fight Against the Outbreak

2018 Golden Pen of Freedom Awarded to Maria Ressa of the Philippines

Trump badly cornered at home by agribusiness and steel consumer lobbies: Trade

As conflicts become more complex, ‘mediation is no longer an option; it is a necessity’, UN chief tells Security Council

European Youth Forum on Summit on Jobs and Growth

The European reaction to the neo-fascist wind

Venezuelan exodus to Ecuador reaches record levels: UN refugee agency steps up aid

MEPs debate Brexit and relations with China following EU spring summit

Brexit may finally not really happen; The Brits have second thoughts

COVID-19: lessons from Italy on public-private healthcare procurement

Mental health and social isolation: how do have an active participation in self-care?

Climate change and health: creating global awareness and using earth resources wisely

How cocoa farming can help stop deforestation

5 ways the ocean can contribute to a green post-COVID recovery

Trying to cure bank cancer with analgesics

How Islamic finance can build resilience to climate change

COVID-19: Why we must take the widescreen view of workforce uncertainty

Want a more inclusive society? Start with mobility

Mental Health: Role of the individual for their well-being in the pandemic

EU confronts environmental threats as global leaders attempt to revive the global sentiment at NYC climate week

‘Free state aid’ for imprudent banks

We need natural solutions to fight ocean and climate risk

With field schools in Kenya, UN agriculture agency teaches techniques to combat drought

It’s time to switch to a four-day working week, say these two Davos experts

Why building consumer trust is the key to unlocking AI’s true potential

What paleoecology can teach us about fires in the Amazon

UN ‘regrets’ new US position on legality of Israeli settlements

In Yemen, Special Envoy sees UN role in preserving ‘essential’ aid pipeline at country’s major port

Eurozone bank rescues ‘a la carte’ until 2015 then only bail-ins

Peacekeeping chief honours Tanzanian troops in Zanzibar, a year on from deadly DR Congo attacks

More Stings?

Speak your Mind Here

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s