Keysight Technologies, a technology company that delivers advanced design and validation solutions to help accelerate innovation to connect and secure the world, today announced its fourth Keysight Security Report. The 2021 report features network security trends over the past year from Keysight’s Application and Threat Intelligence (ATI) Research Center and highlights three areas of critical concern to network security.
The report draws on Keysight’s in-depth experience in network security testing, as well as the company’s expertise in network and cloud visibility. The elite, globally distributed team of dedicated cybersecurity professionals that make up Keysight’s ATI Research Center monitor and analyze evolving indicators that threaten the security of enterprise IT networks. This team leverages input to the research process from multiple sources, including honeypots placed worldwide which actively seek threats in the wild, independent research by the team, international exploit databases, the Dark Web, scans of security news alerts and crowdsourcing, as well as social media and partner feeds. Three trends characterized cybercrime for most of 2020:
Phishing attacks increased by 62 percent. Keysight research shows that there was a 62 percent increase in phishing attacks in 2020 over 2019. In fact, there was rapid increase in these attacks when the pandemic took center stage in March and April as social engineering attacks were related to the pandemic.
Monetary gain took center stage as a key cybercrime motivator. There was a huge uptick in the deployment of ransomware starting in June. While this trend was directed across all industries, healthcare was hit especially hard. 59 percent of the attacks occurred during the second half of 2020.
Supply chain attacks hit the headlines with the SolarWinds attack. The supply chain continues to be a weakness and the SolarWinds attack reinforced the need for security architects to embrace a holistic and comprehensive approach.
Strategic Insights from the Keysight Security Report, 2021
Strategic Insight #1: Phishing and additional social engineering attacks will continue to take advantage of pandemic-related headlines. Keysight’s recommendation: People need to recognize social engineering vaccination scams and network security teams must be aware that bad actors target personally identifiable information (PII) in a healthcare and government setting.
Strategic Insight #2: Ransomware is highly popular because it makes a lot of money for bad actors. While it’s not going away, business models continue to mutate along with malware variants. Keysight’s recommendation: It’s critical to keep enterprise threat detection systems up-to-date with the latest signatures and behavioral patterns, as ransomware builders are getting better at obfuscation and avoiding detection. In addition, network security teams should also be aware that exploitation practices evolve.
Strategic Insight #3: An organization’s supply chain is more than just components. There is a tendency to think of a supply chain as outside entities that either supply a company with software and hardware components or the supplies used when building a product. Keysight’s recommendation: The supply chain is critical to the operation of a business, including utilities, email, cloud providers and even coffee suppliers. Network security must consider non-traditional components that may touch an organization and IT systems.
Strategic Insight #4: Zero-trust is more than just a buzzword. It does not mean limiting what users can see when they connect to an organization’s network. Keysight’s recommendation: A successful zero-trust implementation requires that systems and users can only access the internal or external resources that they absolutely need.
Strategic Insight #5: Assume an organization is breached and behaves accordingly. Keysight’s recommendation: Organizations need visibility into their networks and cloud resources. If network security teams cannot spot anomalies hiding in their network (whether on-premises, in the cloud, or a remote user), then they are allowing breaches to remain undetected indefinitely.