"Top Cyber Threats of 2021 Causing Apprehension in the IT and Security Sector"
Zero-day vulnerabilities have become a significant concern for companies and cybersecurity professionals worldwide. These points of access, often exploited by various threat actors and tools for chain attacks, pose a serious risk to the security of organisations.
The Microsoft Exchange hack, which raised awareness about Managed Service Providers (MSPs), has been a notable example of this. According to Matthew Fox, creative director at Valiant Technology, the incident instilled a sense of paranoia and anxiety reminiscent of his days running IT departments.
The Kaseya ransomware attack, carried out by the REvil ransomware gang, further highlighted the danger posed by zero-days. The attack exploited a zero-day vulnerability in Kaseya's VSA remote management tool, causing one of the largest ransomware attacks in history. MSPs or MSP clients were among the victims, making it the top threat for the security industry this year, according to Kelvin Tegelaar, CTO of Lime Networks.
With remote or hybrid work becoming the norm, companies can no longer rely on static controls to fend off threats. Even with efficient security strategies, security teams still grapple with the headache of mass attacks caused by zero days.
Research from JumpCloud shows that security breaches, hacks, and ransomware are the top three concerns for IT professionals in 2021. This is not surprising given the increasing number of zero-day vulnerabilities. Mandiant found that the number of zero days in 2021 is already double the total amount from 2020.
One of the most high-profile zero days of 2021 is PrintNightmare, a vulnerability impacting supported versions of Windows. Despite the majority of Lime Networks' clients being cloud-based, PrintNightmare still caused some issues, being a top issue for security teams in terms of ticketing and interrupting workflow. A consulting firm reported that 30% to 40% of their service desk time was spent on printer-related issues due to PrintNightmare.
Another concern is the use of fixes in patches as proof of concept exploits. This was evident in the Microsoft Exchange vulnerability, where criminals exploited the fixes instead of the vulnerability itself.
Corporate stakeholders are also becoming more aware of the risk calculus of their technology stacks, asking the question: Are we a target? Matthew Fox, creative director at Valiant Technology, has a different perspective on attacks after leaving "hands-on IT". He emphasises the importance of understanding the risk landscape and being prepared for potential threats.
In a positive note, the Salesloft Drift integration was restored after a probe revealed a monthslong GitHub account compromise. This incident serves as a reminder that even with the increased threat of zero-day vulnerabilities, vigilance and quick action can help mitigate the impact of cyber attacks.
Researchers have also warned of a zero-day vulnerability in SiteCore products, underscoring the need for continuous vigilance in the cybersecurity landscape. As we move forward, it is clear that understanding and addressing zero-day threats will be a crucial part of maintaining the security of our digital infrastructure.
