How do you secure your website in 2021?

Corporate security vulnerability

Radical business process changes and other impacts of COVID-19 have caused IT infrastructure defences to weaken. Ineffective remote access implementation, VPN vulnerabilities and staff shortages have left corporate data at risk of unauthorised access.

Home devices are also at increased risk: the increased number of remote workers has created an environment where attackers can easily connect to corporate PCs via unsecured local networks, and users are unable to quickly contact IT to prevent the threat of unauthorised intrusion.

Rise in extortion cyberattacks

Malware is being sent via email, and viruses such as Emotet, TrickBot and Dridex often precede the introduction of these programmes. Many criminal groups use aggressive tools to hack domain controllers, which often prove to be the most suitable points for the introduction of ransomware.

The rise of two-stage ransomware campaigns, in which victim data is filtered before being encrypted, will hit government agencies with large amounts of personal data particularly hard.

The rise of "session hijacking" and "wailing" cyberattacks

In 2021, there will be more innovative phishing baits designed to trick users and make attacks harder to identify. The most innovative method of mass phishing seen today is email hijacking by the Emotet botnet. The botnet automatically creates decoy emails using data stolen from compromised email services. This data is later used in correspondences, making them very convincing and encouraging victims to open malware files.

"Wailing," a type of phishing targeting senior executives, will become even more dangerous as cybercriminals will be able to use personal information found or stolen online to create convincing decoy emails to corporate email addresses.

Hacking attacks on key social infrastructures

One of the industries most at risk in 2021 will be the healthcare industry. Healthcare organisations tend to have inadequate resources to protect IT infrastructures, are averse to change and slow to innovate. Education also meets the vulnerability criteria and could become a major target. And the threat extends not only to hospitals and healthcare facilities, but also to larger research centres. Car manufacturers specialising in electric vehicles will also become targets for cyberattacks due to their increasing prestige and profits.

The need for a transparent zero-trust model

Traditional methods of securing access to the corporate network, applications and data no longer work, the strategy of building perimeter network defences is outdated.

Zero trust is the best approach for securing information while working remotely, but to effectively manage identity and access, the system must be easy to use. A key priority of the zero trust model is quality authentication methods such as biometrics.

The need for a new approach to security

The year 2020 has demonstrated the critical need for new approaches to secure remote access. In the future, every element of IT infrastructure will become a cybersecurity battleground, so organisations need to adapt their security and management systems and implement the necessary technological innovations into their workflows.

Technologies such as microvirtualisation are transparent to end users. This means they can open email attachments and download files with confidence, knowing that the system will protect their device from virus infiltration. This approach to protection leaves hackers no chance, helping organisations to deal with any threats both in 2021 and in the long-term future.

Information taken from the HP press release.

AVSEO wishes everyone a good new year, and a safe internet experience!