TREND Micro Inc, the leader in cloud security, predicts that home networks, remote working software and cloud systems to be at the centre of a new wave of attacks in 2021.
In its prediction report, Turning the Tide, Trend Micro forecasts that 2021 will see cybercriminals zooming into home networks as a critical launch pad to compromising corporate IT (information technology) and IoT (internet of things) networks.
“As we begin to enter a post-pandemic world, the trend for remote working is likely going to stick for many organisations,” observed Trend Micro Malaysia and Nascent Countries’ managing director Goh Chee Hoh.
“We predict more aggressive attacks to target corporate data and networks.”
In this regard, it will become inevitable for security teams to double down on user training, extended detection and response and adaptive access controls.
“This past year was all about surviving: now it’s time for businesses to thrive, with comprehensive cloud security as their foundation,” noted Goh.
The Trend Micro report further warns that end-users who regularly access sensitive data will be at greatest risk.
In the list of the high risk group include human resource professionals accessing employee data, sales managers working with sensitive customer information, and senior executives managing confidential company numbers.
“Attacks will likely exploit known vulnerabilities in online collaboration and productivity software soon after they are disclosed rather than zero-days,” cautioned the report.
Elsewhere, access-as-a-service business models of cybercrime will grow, targeting the home networks of high-value employees, corporate IT and IoT networks.
As such, IT security teams will need to overhaul work from home policies and protections to tackle the complexity of hybrid environments – where work and personal data co-mingle in a single machine.
“Zero-trust approaches will increasingly be favoured to empower and secure distributed workforces,” noted the report.
As third-party integrations reign, Trend Micro also warned that exposed application programming interfaces (APIs) will become a new preferred attack vector for cybercriminals, providing access to sensitive customer data, source code and back-end services.
Cloud systems are another vulnerable area whereby threats will continue to persist in 2021 from unwitting users, misconfigurations, and attackers attempting to take over cloud servers to deploy malicious container images.
All-in, Trend Micro recommends the following steps to mitigate threats in 2021:
- Foster user education and training to extend corporate security best practices to the home, including advice against the use of personal devices;
- Maintain strict access controls for both corporate networks and the home office, including zero trust;
- Double down on best practice security and patch management programmes, and
- Augment threat detection with security expertise to protect cloud workloads, emails, endpoints, networks, and servers round-the-clock. – Dec 10, 2020
