2021 Predictions from James Carder, Chief Security Officer for LogRhythm

Please forgive us for this joke: ’Tis the season for 2021 predictions. Today, we’re pleased to share these 2021 predictions from James Carder, Chief Security Officer for LogRhythm. It’s a must-read for SIEM audiences and solution seekers.

1. We’ll see the consequences of employees letting their guards down as work-from-home extends.

Many employees will continue to work remotely in 2021 to slow the spread of COVID-19 until a vaccine can be reliably distributed. Consequently, bad actors are no longer following these employees “through the door” when looking to steal data. Instead, they will seek to take advantage of workers who have been remote since the start of the pandemic, as they may be more likely to be letting down their guard when it comes to following security protocols. This relaxation on security protocol — combined with threats that already exist in a rushed remote work environment — will result in data loss rates exceeding what we saw in 2020.

2. Attackers will leverage the COVID-19 vaccine to conduct the largest phishing effort of the year.

In 2020 we saw hackers leverage COVID-19 to distribute a plethora of phishing scams to unsuspecting victims. The number of legitimate emails sent on the topic allowed phishing emails to hide in plain sight. As the race to secure and distribute a vaccine continues, the public will once again seek information on new developments. Attackers will purchase domains and craft emails with this in mind. The amount of content, combined with the thirst for knowledge, will set the stage for a further increase in phishing attacks.

3. We will see a rise in internet policing as misinformation reaches new heights following the U.S. elections.

Our lives have taken place online more so this year than ever before. In the wake of rampant misinformation efforts across social media platforms and news agencies during the 2020 U.S. election, fear of further escalation will lead to a call for tighter regulations on the internet. Large-scale spear phishing and watering hole attacks will add to the mounting pressure on Congress to introduce and pass legislation that forces tech giants and media organizations alike to have better safeguards in place. 2021 will be a year of holding these organizations accountable using regulation versus allowing them to “self-police.”

The biggest target for misinformation following the U.S. election will be the COVID-19 vaccine. The effort to develop and distribute a vaccine relies on cross-collaboration across numerous countries. But as a vaccine gets closer to market, foreign and domestic hackers will seek to sabotage or steal vital information. This year the U.S. accused both Russia and China of trying to steal information related to vaccine development. However, the greatest threat will occur when the vaccine enters the final approval stages and is prepared for distribution. Malicious foreign actors will seek to gain access to critical information that they can leverage for ransom and sensitive patient information from vaccine trials they can sell.

4. The board meeting of a major company conducted using video conferencing software will be exposed, resulting in a high-profile scandal.

With so much of the world staying at home and finding new ways to communicate with others, people are using collaboration tools for everything from highly confidential government discussions to distanced learning in K-12 and university-level education. Both scenarios are targets for bad actors looking to exploit vulnerabilities. In both the school and office environment, Zoom has been battling a major influx in hacks since COVID-19 began, with bad actors partaking in ‘Zoom Bombing’ to sabotage calls with disruptive videos and commentary. As these criminals’ efforts continue to become more sophisticated, we will see a threat actor gain access to a major public company’s board meeting and leak compromising business information that results in a high-profile scandal.

5. Deepfakes will become a significant threat to business integrity.

COVID-19 has forced in-person communication to go virtual, which means businesses are relying on video conferencing to conduct meetings more than ever before. While the notion of deepfakes may not be new, they are getting increasingly sophisticated and are becoming remarkably easy to generate. Take ThisPersonDoesNotExist.com, for example, which leverages AI to create completely believable images of people that don’t exist in real life. If this process can be conducted with relatively little information, then certainly hackers can leverage work profiles used for video conferencing technology — which has employees’ names and pictures automatically associated with them — to create convincing fakes.

The unprecedented shift to remote work will lead to video and images of leaders inside an organization being weaponized to exploit employees for financial gain. Outside of being used to target employees internally, this technique will be used to dramatically impact a specific stock by manipulating the public into thinking the CEO of a public company has done something damaging.

6. There will be a reckoning within the growing API security market as API data breaches rise.

Earlier this year, Facebook pledged to improve its security as it worked to resolve a lawsuit blaming the company for a 2018 data breach where bad actors leveraged Facebook’s developer APIs to obtain sensitive user information. This is not a threat that is unique to Facebook or any one industry.

In fact, this is a rising threat, as APIs are one of the largest attack surfaces for organizations. More and more businesses across industries are building out microservices that leverage APIs, but very few companies know how to build them securely, and the growing API security market is beginning to falter. This will result in a high-level breach and data loss that will be directly traced back to unsecured APIs.

Thanks to James Carder, Chief Security Officer for LogRhythm, for these 2021 predictions. For more information, check out our SIEM Buyer’s Guide.

Ben Canner