
• Jul 11 2021

Security alert: the cyber threats on the rise in 2021


Cyber Security is a problem without a single solution. Businesses can’t ‘buy in’ the answer: there’s no software in the world that can protect against every cyber-attack. Cyber threats are constantly evolving to side-step existing defences and exploit the vulnerabilities that are exposed by digital innovations.

With each new protection, a new threat appears, and cyber-criminals are using more sophisticated methods to exploit businesses’ cyber vulnerabilities, both technological and cultural. Cyber Security teams are playing an increasingly important role in businesses, not only to facilitate technology solutions but to identify new threats, close the security gaps that appear with every digital advance and play a cultural role in raising awareness of every employee’s individual responsibility for Cyber Security.

Here, we look at some of the Cyber Security threats that are on the rise in 2021, and the Cyber Security skills that businesses need to protect themselves against them.

Polyglot files

A polyglot is a file that is valid as more than one file type. It can be both an image and JavaScript at the same time, enabling harmful code to go undetected by site security that is looking for a certain ‘type’ of file to block.

Polyglot files are not a new addition to the cyber-criminal’s arsenal, but their use in ‘malvertising’ (a cyber-attack that is distributed through malicious advertising) is increasing. GeoEdge, an anti-malvertising solution provider, estimated in 2020 that 1 in every 100 online ads is unsafe.

Polyglot files are similar to steganography – the practice of hiding ‘secret data’ within ordinary files or messages – but the big difference is that they enable the code to be disguised as an image, such as an advertisement, with no obvious code attached.

Victims don’t even need to click the picture: just loading the image is enough to run the malware hidden within it. What the code itself achieves is versatile: it can be used to redirect victims to a different page (such as a false ecommerce site) or to quietly encrypt files for ransom.

Polyglots can be used to attack any website that hosts third-party advertisements. To protect against them, businesses need multiple layers of security that can be constantly reviewed and updated as polyglot techniques become more sophisticated.
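One such layer is a structural check that goes beyond matching a file's type signature. The sketch below is an added example, not code from this article: it takes PNG as one concrete image format, walks its chunks, and flags bytes after the end-of-image chunk or script-like text anywhere in the file. The marker list and the sample buffers are constructed assumptions.

```javascript
// Added example: structural check for image/script polyglots (PNG only).
const PNG_SIG = Buffer.from([0x89, 0x50, 0x4e, 0x47, 0x0d, 0x0a, 0x1a, 0x0a]);
// Heuristic markers of script content (an assumption; tune for your own traffic).
const SCRIPT_HINTS = [/<script/i, /\beval\s*\(/, /\bdocument\./, /\bfunction\s*\(/];

// Build one PNG chunk for the constructed samples. The CRC is zeroed because
// this checker looks at structure only and does not verify CRCs.
function chunk(type, data = Buffer.alloc(0)) {
  const len = Buffer.alloc(4);
  len.writeUInt32BE(data.length);
  return Buffer.concat([len, Buffer.from(type, "latin1"), data, Buffer.alloc(4)]);
}

// Returns a list of findings; an empty list means nothing suspicious was seen.
function inspectPng(buf) {
  if (buf.length < 8 || !buf.subarray(0, 8).equals(PNG_SIG)) return ["not-png"];
  const findings = [];
  let off = 8;
  let sawEnd = false;
  while (off + 12 <= buf.length) {
    const len = buf.readUInt32BE(off);
    const type = buf.toString("latin1", off + 4, off + 8);
    const next = off + 12 + len; // length + type + data + CRC
    if (next > buf.length) { findings.push("truncated-chunk"); break; }
    off = next;
    if (type === "IEND") { sawEnd = true; break; }
  }
  if (!sawEnd) findings.push("no-IEND");
  else if (off < buf.length) findings.push(`trailing-bytes:${buf.length - off}`);
  // A file can be structurally valid and still carry script text inside a chunk.
  const text = buf.toString("latin1");
  if (SCRIPT_HINTS.some((re) => re.test(text))) findings.push("script-like-content");
  return findings;
}

// Constructed samples: a minimal well-formed PNG skeleton, and the same bytes
// with harmless script-like text appended after IEND.
const clean = Buffer.concat([PNG_SIG, chunk("IHDR", Buffer.alloc(13)), chunk("IEND")]);
const suspect = Buffer.concat([clean, Buffer.from("/* constructed */ document.title = 'x';")]);

console.log(inspectPng(clean), inspectPng(suspect));
```

A file that passes this check is not proven safe; it is one signal to combine with re-encoding uploaded images and serving them with a strict content type.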

Social engineering

Perhaps the most insidious of all cyber threats, social engineering doesn’t have an easy fix. It targets people, not software, making it harder to solve with technology alone. Phishing, bogus calls, catfishing… socially engineered cyber-attacks convince people to hand over digital information willingly (be it credit card details or secure customer data), rendering purely digital security measures useless.

Socially-engineered cyber attacks have become particularly prevalent as remote working has increased, with employees becoming more vulnerable to scams as they work on personal computers from home.

To overcome social engineering cyber threats, businesses will need to change their mindset, not just their software, with training and awareness that reaches every individual. For this to happen, senior level Cyber Security professionals are needed in leadership roles, to set robust security protocols, lead training, establish best practice for people across the business and evolve these measures accordingly as social cyber-attacks become more convincing.

Deepfakes

A deepfake uses AI to create images and videos of fake events: for instance, getting Donald Trump to sing ‘All I want for Christmas’ or turning the Mona Lisa into a talking head. Yet while these instances are innocuous enough, there is a more sinister side to deepfake technology, and it could soon evolve into a legitimate Cyber Security concern for businesses.

Deepfakes can fabricate a realistic approximation of a person moving and speaking, sometimes from as little as a single picture. As video communications and facial recognition software become more prevalent, deepfakes could allow criminals to impersonate individuals to pass security, or communicate fraudulently on behalf of a business, with nothing more than a profile picture on a public social media platform.

Would your employees know how to spot a deepfake impersonating a customer on a video call? Are they aware of the risks that their own social media images and information could pose? Do you know what Cyber Security technology you would need to block deepfakes from your communication systems? It’s an aspect of Cyber Security that will need to be addressed in the future: the question is both when and how. Knowing when and how to act against this evolving threat will depend on having the right Cyber Security personnel in-house to offer advice and take action accordingly.

Formjacking

As the name suggests, formjacking attacks a website’s form pages to steal confidential or financial information. Kevin Haley, director of product management for Symantec Security Response, described it as “the virtual world equivalent of the skimmers that get put on ATMs.”

By using illicit JavaScript code, cyber criminals are able to duplicate the online form every time it is filled in, giving them access to anything from security sign-in information to credit card details. Every month, it’s estimated that 4,800 websites are compromised by formjacking – and many remain unaware until they are alerted by consumers.

It’s discreet, efficient and incredibly lucrative for cyber criminals, exploiting common weaknesses in a site’s Cyber Security to steal thousands of data sets from one relatively simple piece of code: and it will keep gathering that data until it is detected.

While eCommerce sites are a particular target for this type of cyber-attack, any business with a website and a form that collects information can fall victim to it. Formjacking is particularly prevalent in websites that use third-parties to process data, with criminals utilising supply chain vulnerabilities to target code: for example, a retailer whose payment portal is embedded from an external bank or payment processor can be more exposed.

Antivirus software can protect against some formjacking attacks, but it can’t block all of them. Formjacking continues to evolve to evade cyber defences: to protect your business, you need to continuously monitor for signs of suspicious activity and keep upgrading your defences. Run vulnerability scans, rigorously test updates from external suppliers and look out for behavioural changes on your system to ensure that your customers don’t discover a security breach before you do.
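One way to monitor for change in supplier code is to compare the scripts a form page loads against a reviewed baseline. The sketch below is an added example, not code from this article: it uses the browser's Subresource Integrity `integrity` attribute, which the article does not mention, and the hostnames, hash strings and page markup are constructed placeholders.

```javascript
// Added example: compare a form page's <script> inventory with a reviewed baseline.
// Read one attribute value out of a tag's source text.
function attr(tag, name) {
  const m = new RegExp(`\\s${name}\\s*=\\s*["']([^"']*)["']`, "i").exec(tag);
  return m ? m[1] : null;
}

// baseline: Map of reviewed script URL -> expected integrity value (or null).
function auditScripts(html, pageUrl, baseline) {
  const findings = [];
  const origin = new URL(pageUrl).origin;
  for (const [tag] of html.matchAll(/<script\b[^>]*>/gi)) {
    const src = attr(tag, "src");
    if (!src) continue; // inline scripts need a separate content-hash review
    const url = new URL(src, pageUrl);
    const key = url.origin + url.pathname;
    const integrity = attr(tag, "integrity");
    if (!baseline.has(key)) {
      findings.push({ issue: "unreviewed-script", src: key });
    } else if (baseline.get(key) !== integrity) {
      findings.push({ issue: "integrity-changed", src: key });
    }
    // Third-party code with no integrity hash can change without notice.
    if (url.origin !== origin && !integrity) {
      findings.push({ issue: "third-party-without-sri", src: key });
    }
  }
  return findings;
}

// Constructed baseline and page markup (all hosts and hashes are placeholders).
const baseline = new Map([
  ["https://shop.example/js/checkout.js", null],
  ["https://pay.example/sdk.js", "sha384-CONSTRUCTED-REVIEWED"],
]);
const page = `
<form action="/pay"><input name="card"></form>
<script src="/js/checkout.js"></script>
<script src="https://pay.example/sdk.js" integrity="sha384-CONSTRUCTED-CHANGED" crossorigin="anonymous"></script>
<script src="https://cdn.example/analytics.js"></script>`;

console.log(auditScripts(page, "https://shop.example/checkout", baseline));
```

Run against the rendered page after each supplier update, a non-empty result is the prompt to review the change before customers encounter it.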

Are you looking to bolster Cyber Security skills in your existing IT team or create a new squad of cyber-defenders to protect your business? RPI has years of expertise working with businesses across the UK, Europe, MEA, Asia, ANZ & Pacific and Americas, providing them with Cyber Security leaders and experts on both a permanent and interim basis. Take the first step towards fighting off evolving cyber threats by contacting RPI today.
