Cyber attacks increased automation spying networks grows to look for victims: this will be cybersecurity in 2021, according to experts: Last year experts predicted that during 2020 the mafias that attack with ransomware would go from encrypting the files of their victims to also stealing them. The forecast was met in a matter of months and this practice already common throughout the world of cybersecurity has claimed several victims, including Spanish firms such as Adif or Mapfre.

Business Insider Spain returns to this prospective exercise in a scenario now much more convulsive: 2020, year of pandemic, the coronavirus crisis has not yet remitted and everyone has adapted as it has been able to new ways of working remotely. 2021 can mark a before and after in the realm of cyber attacks.

At least that is believed by several experts such as Ricardo Maté, Managing director of Sophos Iberia; Hervé Lambert, Global Customer Operations Manager at Panda Security; and José Rosell, managing partner of S2 Grupo.

To collect these trends, the opinions of cybersecurity researchers at Kaspersky have also been taken into account; Ariel Jungheit, David Emm and Costin Raiu, who provided their statements in an article published by Aaron Holmes.

Maté, from Sophos, and Rosell, from S2group, warn that cybersecurity trends for 2021 are already being seen in the last months of this year.

"This year we have witnessed an increase in attacks on health institutions, insurers and several hospitals that have been made public in recent months," Maté recalls. "Many ransomware incidents already feature sophisticated techniques. Now incidents with ransomware are no longer simple malware that enters the system and encrypts; now it monitors, exfiltrates information and asks for a ransom: if the victims do not pay, publish the information or sell it," details Rosell.

"In healthcare environments such as hospitals or clinics, or environments that indirectly handle health information, such as insurance companies, we see a lot of activity from this type of attacks," continues the Managing Partner of S2 Grupo. Two recent examples in Spain are, precisely, SegurCaixa Adeslas or Mapfre.

Cyber attacks increased automation spying networks grows

"Worst of all, ransomware attacks are dynamic: groups of cybercriminals change their tactics every time they enter a victim's network. Against them, traditional mechanisms are not enough: we need to have Threat Hunting experts in companies. Cybersecurity has become an interactive sport in which we can no longer act as mere spectators, waiting to be attacked", trench Maté.

Maté warns that cybercriminals have more and more resources and can already enjoy automated solutions. Rosell goes further: it will be seen in both cyber attacks and Cyber Defense Solutions.

In the words of the Managing Partner of S2 Group, cybercriminals are already introducing artificial intelligence into their attack structures.

Cybersecurity companies, of course, will not be left behind. "We in defense too will end up implementing AI to identify TTP-cybercriminals' tactics, techniques and procedures. "There will be a lot of investment in both attack and defense in the coming years." "Very, very much," he insists.

Cybercriminals will continue to capitalize on the COVID-19 pandemic to exploit the uncertainty of their victims and grab their attention to try to deceive them.

In fact, cases have already been detected of contact tracking applications - such as RadarCOVID in Spain-that have turned out to be false, with which criminal mafias took advantage of this uncertainty to collect data from their victims. This risk has existed since several countries began to develop their technological solutions to trace contacts against the pandemic, and UK authorities were unable to give an answer to a British citizen who asked about this problem.

"Our life is already 100% digital. So, wherever we go, both on a personal and business level we will need a proof-of-everything cybersecurity system." Hervé Lambert of Panda explains it this way. "Companies will have to be more innovative than the 'bad', more and more professional and with more resources." "We will have to try to cover all the technological aspects of people."

The dilemma before was to train workers in cybersecurity to avoid gaps in companies. Now that remote work has been adopted, home connections have become a brutal attack surface. In Rosell's words, " homes can be a jumping-off point to go further." "There are attack vectors that are not yet being used, but they have potential."

It goes further; " another example is the boom in consoles, video games and new technologies used by children in uncontrolled environments."

In Lambert's words, Life is already 100% digital. And it's up on social media.

Rosell advances that in S2 group they have detected how the work in social engineering by cybercriminals grows. "It seems that the' bad guys ' have large R & D departments, because they have quite a bit of imagination. They are launching the classic phishing campaigns, but much more sophisticated, they also use OSINT, research in open sources —social networks—".

OSINT is a technique by which hackers are able to better know their target by collecting information available on the internet or on social networks. With a Facebook wall poorly protected in terms of privacy, a cybercriminal is able to find out where a person works, what position he has, on which web pages he has accounts, know his usual routines and... assault him digitally to be able to attack his company, as warned the Spanish hacker and Telefónica manager, Chema Alonso.

"We are also seeing a positioning of the states," warns Rosell. Almost historically, countries such as China, Russia and North Korea have used collectives of cybercriminals for specific purposes. That does not mean, of course, that this weapon is not used by Western powers such as the United States.

These groups, known as "advanced persistent threats" or APT, use "known techniques, tactics and procedures, but greatly sophisticated their tools," warns the S2 Group. "We are beginning to see tools aimed at attacks in the IT world, in computer systems, but also in the industrial world."

In this sense, the operating environment (OT) can be a much more risk factor in 2021 than in 2020. "We are caught with defenses too low," warns the expert. "There are very advanced sectors, but also some lagging behind, such as water or sanitation, in their industrial sphere." There's "a lot of work to do."

Cyber attacks increased automation spying networks grows

More news:

Amazon would be using Pinkerton spies to track warehouse workers and prevent unionization, according to alleged internal company documents

Amazon is hiring detectives from the notorious Pinkerton agency to spy on warehouse workers and monitor their unionization attempts, according to information from Motherboard.

An Amazon spokesman confirmed to the media that Amazon has effectively recruited operatives from Pinkerton, the spy agency that has a centuries-old history of controlling workers ' unionization activities, among other services.

According to Motherboard, Pinkerton spies were "inserted" into a warehouse in Wroclaw (Poland) in 2019 to investigate an allegation that candidates were being prepared for job interviews.

Amazon spokeswoman Lisa Levandowski tells Business Insider that the company partners with Pinkerton to "secure high-value shipments in transit, "not to gather intelligence on warehouse workers, and that all activities are"fully in line with local laws."

Motherboard obtained internal emails written by members of Amazon's Global Security Operations Center in 2019. Leaked documents reportedly show Amazon analysts tracking workers ' union organizing activity in Europe, and members have the ability to stay up to date on labor organizing efforts made in warehouses, up to date, time, place, and number of workers involved.

Facebook and Instagram were used by data analysts to monitor the activity of social and environmental justice activist groups, including Greta Thunberg's Fridays4future and Greenpeace, the report also reveals. Amazon says the company's analysts don't create social media accounts to track social movements.
.

Levandowski tells Business Insider that " like any other responsible company, we maintain a level of security within our operations to help keep our employees, buildings and inventory safe. That includes having an internal investigation team that works with law enforcement agencies as appropriate, and everything we do is in line with local laws and is carried out with the full knowledge and support of local authorities."

The Pinkerton were used as a resource by nineteenth-century industrial bigwigs to spy on unions and break workers ' strikes. Steel workers staged a strike in 1892 that ended in violence and the deaths of a dozen people when the Carnegie Steel Company recruited 300 Pinkertons to act as armed guards, according to History.com.