LastPass Security Breach: LastPass claims no data was compromised despite cybersecurity attack

Protect yourself

In 2021, cybercriminals launched a wave of cyberattacks that were not only highly coordinated, but also much more sophisticated than ever before. You may have read about recent cybersecurity incidents affecting some of the largest companies in the world.

A wave of new threats, technologies and business models has emerged in the cybersecurity space as the world transitioned to a remote working model in response to the COVID-19 pandemic and then transitioned to a “hybrid” work culture.

These cyberattacks target everyone, but trends show that small businesses are one of the most common targets. Neelesh Kripalani, Chief Technology Officer of Clover Infotech, shares five cybersecurity threats that companies should be able to mitigate by 2022:

Remote attacks

Within the set-up of the organization, one can mitigate the common cybersecurity risks through firewall, employee awareness, strict policies, etc. However, when employees work remotely, it becomes difficult to take cybersecurity measures. A recent survey by UK and US security firm Tessian found that 56% of senior IT technicians believe their employees have picked up bad cybersecurity habits while working from home. Some of the major cybersecurity risks associated with remote working include insecure networks, use of personal devices, human error, etc. Implementing security measures such as VPNs, anti-phishing tools, anti-virus programs, constant employee training, etc. can help to reduce the risk to a large extent.

Cloud vulnerabilities

Organizations are rapidly adopting the cloud to accelerate their digital transformation journey. Despite the increasing adoption of the cloud, data security still remains a major concern for many enterprises. Some of the major causes of cloud vulnerabilities are improper management of RDP (Remote Desktop Protocol), misconfigurations, weak authentication and use of shadow IT, etc.

Internet of Things vulnerabilities

Digital transformation is about becoming data driven. The Internet of Things (IoT) is one of the main providers of that data. IoT devices are especially vulnerable because they lack the necessary built-in security controls to defend against threats. According to Kaspersky, the number of IoT cyber attacks will more than double in 2021 compared to the previous year. Vulnerabilities in IoT devices allow cybercriminals to access the sensitive data and launch attacks against other connected systems.

Double Extortion Ransomware Attacks

The traditional story of ransomware was one of malicious code quickly encrypting files using RSA public key encryption, then deleting those files if the victim did not pay the ransom. In the ‘Double Extortion Ransomware Attack’, also known as ‘pay-now-or-get-breached’, threat actors steal data from organizations in addition to encrypting files. This means that attackers not only demand a ransom to decrypt data, but can also later threaten to leak the stolen information if no additional payment is made.