It’s estimated that last year, coronavirus-themed domains were 50 per cent more likely to be malicious than any other domain registered during the same period. Terry Cutler says 2020 was just the tip of the iceberg: criminals were sticking to a lot of common attacks and “honing their game” to redouble their efforts in 2021 as the digital threat landscape continues to expand.
“I think 2021 is going to be worse,” Cutler, founder & CEO of Cyology Labs, said during a MapleSEC Satellite Series panel about emerging threats. “Worse,” in this case, takes the form of supply chain attacks.
December’s cyberattack on the SolarWinds Orion network management platform was just a hint of things to come, and according to Michael Barr, the chief information officer for the Southern Alberta Institute of Technology, the incident has set off alarm bells in Canada.
“When a company like Microsoft and numerous departments within the U.S. government are compromised, you know that it’s real,” Barr said.
Getting along with third-party vendors and channel partners goes a long way towards maintaining a healthy IT supply chain.
“We work with dozens of companies that we refer to as third parties. And so if a third-party partner is compromised, because of the trusting nature of our relationships, then de facto that represents a threat factor that we have to take into consideration. We’re no longer the masters of our own domain, we can’t control everything.
“It’s in your best interest to know these people.”
Barr says there’s a lot of fear across IT teams in the U.S. following the SolarWinds supply chain attack. The message that’s been given to IT teams in the U.S. public sector has been blunt: Rip and replace your system now.
“There’s no patching, there’s no fixing. You can’t antivirus this – rip and replace.”
Cutler says software that can monitor IT activity in real time and basic cyber hygiene can help, but they’re not enough when the simple truth is that Canada and the rest of the world are suffering from a serious talent shortage.
Kimberley St. Pierre, director of strategic accounts at Tanium, suggests organizations minimize complexity within their environments to eliminate unnecessary attack surfaces and make life a bit easier for the security teams. An enterprise managing a remote workforce of thousands needs to keep in mind compliance and regulatory requirements on top of the day-to-day operations, so a bit of consolidation can go a long way.
Other threats on St. Pierre’s radar are the ones that latch on to the thousands of IoT devices coming online in manufacturing and healthcare.
“What bugs me most about IoT is I really believe that the device manufacturers have gotten off very easy for a lot of years. They need to take more responsibility to ensure that those devices can be easy, and I mean really easily, secured right out of the box,” she said.