How automation will shape cybersecurity in 2021

Researchers in WatchGuard Technologies’ Threat Lab are predicting that automation will play a major role in shaping cybersecurity attack and defence activities in 2021.

Traditionally a high-investment, high-return targeted attack, WatchGuard predicts that automation tools will replace manual techniques to help cyber criminals launch spear phishing campaigns at record volumes, by harvesting victim-specific data from social media sites and company web pages – as society continues to grapple with the impact of COVID-19, it is likely that these automated spear phishing attacks will prey on fears around the pandemic, politics and the economy.

Conversely, the research team at WatchGuard believes that automation will also help cloud-hosting providers such as Amazon, Microsoft and Google to crack down on cyber criminal groups abusing their reputation and services to launch malicious attacks.

Threat actors commonly host website HTML files designed to mimic a legitimate website like Microsoft365 or Google Drive to steal credentials submitted by unsuspecting victims. In 2021 however, WatchGuard predicts these companies will deploy automated tools and file validation technologies that will spot spoofed authentication portals.

In its annual look ahead to the next 12 months, the WatchGuard Threat Lab also expects the tumultuous events of 2020 to impact the threat landscape next year and for years to come.

Attackers swarm VPNs and RDPs as the remote workforce grows

As more companies adopt VPNs and Remote Desktop Protocol (RDP) solutions to provide secure connections to employees working from home, WatchGuard predicts attacks against them will double in 2021. If an attacker can compromise VPN, RDP or remote connection servers, they have an unobstructed path into the corporate network.

Security gaps in legacy endpoints targeted

Endpoints have become a high priority target for attackers during the global pandemic and many personal computers are still running legacy software that is difficult to patch or update. With Microsoft just ending its extended support program for Windows 7, WatchGuard is warning organisations to expect at least one major new Windows 7 vulnerability to make headlines in 2021.

Services without MFA will suffer a breach

Although authentication is the cornerstone of strong security, with billions of usernames and passwords available on the dark web and the prevalence of automated authentication attacks, no Internet-exposed service is safe from cyber intrusion if it isn’t using multi-factor authentication (MFA). In fact, WatchGuard believes that any service without MFA enabled is highly likely to be compromised in 2021.

Corey Nachreiner, CTO at WatchGuard Technologies, remarked: “As we have learnt in 2020, it is very difficult to predict what is going to happen in the future – but, our Threat Lab team along with other researchers around the world have an increasing level of analytics and insight to make well-informed guesses.

“Cyber criminals always look for the weak links, so the growing ranks of home workers are an obvious target and when it comes to new technologies such as automation and AI, what can work for good, can also be exploited for malicious activity. It’s just a case of trying to stay one step ahead.”

To find out more information on the WatchGuard Threat Lab predictions, visit: https://www.watchguard.com/wgrd-resource-center/cyber-security-predictions-2021.