CV_Winter_21

ChannelVision caught up with Barracuda senior vice president and general manager of MSPs Brian Babineau for a look at some of the developing threats that are taking shape in 2021 — and what MSPs should be paying attention to. ChannelVision: What are some of the major threats that Barracuda is tracking right now that MSPs should be aware of heading into 2021? Brian Babineau: A major threat Barracuda is tracking is botnets. One example is the Trickbot botnet – it creates a network of systems out of reputable environments and could even be on-premises and on endpoints. The only way to slow this down is to root out network notes within the Trickbot network. Trickbots are difficult to defend against because they can sit dormant in the background and can activate and cause a surge when it is least expected. Barracuda recently also found a new variant to InterPlanetary Storm (IPStorm) malware, which can be even stealthier than Trick- bot because of its penetration of Windows and Linux systems, as well as IoT, routers, and Android devices. This can impact both industrial and consumer environ- ments as all it takes is one entry point for a hacker to gain access to an entire network. And with the rise in bring-your- own-network (BYON), in which users are often using their home networks to do their jobs, hackers are finding even more opportunities to insert malware such as ransomware into both business and consumer networks. This is driving the need for zero trust network access (ZTNA). CV: Are there any emerging threats that you’re noticing? Any new issues that you want to draw attention to? BB: In addition to Trickbot and IPStorm, the aforementioned BYON allows businesses to continue to work remotely, in the office, or a combination of both, which is key as the pandemic recovery continues. However, it also presents a new frontier for hackers. BYON relates primarily to access keys. If hackers can get their hands on these access keys and access a network, and potentially even an organizations’ own workflows, they can leave their malware until it’s time for it to do its work. This malware can sit and wait for a call, perhaps a registration of a random domain name, for example. When that domain becomes active, the bot is activated and can perform its task. MSPs will want to educate themselves on these threats and ensure they have the appropriate preventative and restorative securi- ty measures in place. CV: What’s the state of email security heading into 2021? BB: Email continues to be a major threat vector, and we don’t see that threat diminishing in 2021. At Barracuda, we look at email through two lenses. One, how are the attacks happening? And two, what additional layers of security are needed to protect against those attacks? Researchers at Barracuda have identified 13 email threat types faced by organizations today. These range from high-volume attacks, such as spam or malware, to more targeted threats that use social engineering, such as business email compromises and impersonations. Some of these attacks are used in conjunction with others; hackers often combine various techniques. For example, many brand imper- sonation attacks include phishing URLs, and it’s not uncommon to see conversation hijacking as part of business email compromise. In its latest report “Spear Phish- ing: Top Threats and Trends,” Barracuda found that business email compromise (BEC) makes up 12 percent of the spear-phishing attacks analyzed, an increase from just 7 percent in 2019. Meanwhile, 72 percent of COVID-19-related attacks are scamming. In compari- son, 36 percent of overall attacks are scamming. Attackers prefer to use COVID-19 in their less targeted scamming attacks that focus on fake cures and donations. The study also found that 13 percent of all spear-phishing attacks come from internally compromised accounts, so organi- zations need to invest in protect- ing their internal email traffic as much as they do in protecting from external senders. About seven of every 10 spear-phishing attacks include malicious URLs, but only 30 percent of BEC attacks included a link. Hackers using BEC want to Cybersecurity Q&A: Exploring the 2021Threat Landscape with Barracuda CYBER PATROL Brian Babineau Barracuda senior vice president 56 CHANNEL V ISION | January - February, 2021