2020 has proven to be a year that will never be forgotten. It’s been a scary year that has tested the strength of our institutions to deal with a highly infectious global pandemic, but it has also been a year of human ingenuity, flexibility, and resiliency in the face of adversity. When faced with a global pandemic people came together and businesses adapted to the reality of in-person interaction in “COVID times.” The transition hasn’t been painless, and we’ve seen some monumental security breaches this year, but it’s not all doom and gloom.
COVID-19 Workplace Shifts
The IT industry was already well placed to transition to remote work thanks to innovations in remote collaboration in the last five years. COVID-19 forced thousands of organizations across the globe to rapidly transition their workforce, and their entire productivity workflow, online. With millions of people forced into the isolation of remote work, many of whom were working from home for the first time, most struggled with the sudden change in environment. Working from home on insecure wireless networks and on personal devices, many end users increasingly became the target of cybercriminals who saw the global pandemic as an opportunity. Additionally, many businesses were forced to divert their IT security employees toward supporting general IT tasks during the transition to online collaboration, further weakening their organizations’ ability to respond in the event of a cyberattack. However, these growing pains might be what the industry needed, as most organizations have invested in their remote work infrastructure to the point where many have already committed to allowing more flexible work-from-home policies when normalcy resumes.
The SolarWinds vulnerability has been a massive talking point over the last few weeks, and for good reason. The compromised SolarWinds Orion network monitoring tool was used by some of the biggest companies and government agencies in the world, with confirmed breaches in the Treasury Department, the Department of Homeland Security, the Commerce Department, Microsoft, FireEye, and many more. While the story will continue to develop over the coming months, the technical details of the vulnerability were released by FireEye in this December 13th Threat Research publication and patches have been made available by SolarWinds. With the incredibly advanced tactics described in the FireEye publication, it is not surprising that many in the industry believe that this was a state-sponsored attack, targeting some of the best secured organizations in the world. It is important to note, however, that as of the writing of this publication that it is believed the only the SolarWinds Orion tool was compromised, and that other SolarWinds products were unaffected by the attack.
Twitter account hijacking
In July, a series of high-profile Twitter accounts were compromised in order to perpetrate a bitcoin scam. Apple, Bill Gates, Elon Musk, Uber, and many more had their twitter accounts hijacked in a social engineering attack via an internal account management tool that reset the email addresses of high-profile accounts. Reportedly, the hijackers received as much as $120,000 in Bitcoin before twitter locked access to all “Verified” twitter accounts and removed the tweets. While Twitter investigated the source of the intrusion and how the attackers gained access to some of the most important accounts on the website, all interaction with the website was blocked for Verified users to limit any further potential scams.
Zoom privacy concerns/bombing
With the drastic increase in teleconferencing and remote collaboration that is one of the hallmarks of 2020, Zoom became an essential tool for thousands of organizations. Pretty quickly though, security researchers found that Zoom’s advertised privacy and security features were dubious at best. While Zoom boasted of full end-to-end encryption in its security whitepapers, researchers found that the basis for this claim is simply that Zoom only used TLS encryption for VoIP transmission, which does prevent third parties from eavesdropping, but does nothing to prevent Zoom from accessing that information. Further, online trolls were able to “Zoombomb” conference rooms that aren’t adequately secured, allowing the malicious actors to eavesdrop, disrupt the call with noise, screensharing offensive materials, and ruin the conference with other disruptive behaviors. This, along with privacy and security concerns, caused many to question how appropriate it was to use Zoom for sensitive meetings.
Moving on to 2021
To wrap things up, this year has been crazy, scary, lonely, and everyone has struggled one way or another. Those of us in the IT industry have been extremely fortunate in that for the most part, our jobs can continue onward in a remote capacity, whereas many in other industries are facing existential crises. 2020 has been a year marked by an unprecedented amount of physical and emotional social distancing, but it’s also an opportunity to come together and show the world what we are capable of overcoming. This is what we believe 2021 will be known for, in much the same way as 2020 may be remembered as the year of isolation. That it will be remembered as the year in which the world came together to heal.