It’s December, so you know what that means: Predictions for what’s to come for cyber in 2021. We brought together a number of IronNet experts, from executives to researchers, to speculate on what the Year of the Ox has in store for the cyber world.
From Anthony Grenga, Director of IronNet’s Security Operations Center:
1. 2021 will be the year of the client-side exploit
During pre-COVID and early COVID, there was a large spike in client side exploitation and COVID-related phishing. We saw a 300% increase in card skimming as most new work-from-home employees experienced a disruption in what was considered normal productivity, including a lot more eCommerce traffic. Then, during COVID and even now, as the VPN and remote access noise drastically increased due to extended remote work, N-Day remote access vulnerabilities were the soup du jour (Citrix Gateway, Pulse Secure, Fortigate, and others). We observed warnings from CISA / FBI and NSA to update these vulnerabilities that came out almost a half a year ago, but were already being abused heavily by attackers living off the land.