
Supply chain attacks, IoT threats on tap for Black Hat 2021

Industry analysts say that evolving threats, real-world impacts and supply chain attacks will be among their hot topics at this year's Black Hat 2021 conference.

With the 2021 edition of the Black Hat conference set to kick off in an unprecedented hybrid setup, industry analysts said the security market is also facing challenges it has never seen before.

The annual infosec conference, long billed as a meeting point of enterprise security professionals and researchers who operate at the cutting edge of intrusion and data theft tactics, begins its public sessions on Wednesday. The conference kicks off with a keynote address from Matt Tait, COO of mobile security startup Corellium and a former infosec analyst with the U.K.'s Government Communications Headquarters.

Among the topics Tait is expected to address are supply chain infections, something that has come to the fore in recent months. The 2020 SolarWinds attack, in which software updates for the Orion IT management platform were poisoned, brought the idea of supply chain infections into the public light.

The idea was reinforced months later when Kaseya's VSA platform was compromised and seeded with ransomware that would eventually infect more than a thousand managed service providers' clients.

Given these two major attacks, the ideas around supply chains and preventing downstream service providers from falling victim to malware are likely to be first and foremost on the minds of everyone attending this year's conference, both in person and via streaming video.

When combined with the rise in sophisticated ransomware gangs, supply chain attacks could well become the most dangerous threat facing enterprises. "The top two themes have to be supply chain risk and ransomware," said Eric Parizo, principal analyst of cybersecurity operations at analyst firm Omdia.

"In the wake of the SolarWinds incident and the many high-profile ransomware compromises, both issues have clearly reached the point where new and more comprehensive approaches need to be discussed, including at the highest levels of government."

Also on the mind of industry analysts are attacks that make the jump from conventional data-based IT networks to machine-controlling operational technology (OT) networks. With the threat of attacks on IoT gear being higher than ever, analysts are worried that cyber attacks could take on a new dimension as they go after industrial gear.

"If the events of 2020 have taught us anything, it's that threats are evolving faster than ever, and they are moving closer to real-life impacts," said Katell Thielemann, vice president and analyst at Gartner. "They are becoming real and tangible for millions of citizens whose eyes had been glazing over and getting numb after countless news reports of millions of credit card numbers on the dark web."

Parizo notes that attacks on critical infrastructure could increase not only in volume, but also in severity and impact. As attackers look to infect critical network-connected gear like medical technology and industrial machinery, the stakes of a common network infection could rise.

"I'm also interested in what emerges in the IoT/OT realm, particularly for sectors such as energy, healthcare and automotive," he said.

"I think we have seen an uptick in the boldness of adversaries in these areas, and my hope is that business and cybersecurity leaders in those verticals will gain a better understanding of the growing risk they face."

Those sentiments were echoed during the Omdia Analyst Summit at Black Hat this week. During a session on IoT healthcare threats, Omdia senior analyst Hollie Hennessy described how threat actors could potentially gain control of medical devices such as pacemakers and insulin pumps and cause deaths.

"Luckily, these things haven't happened," she said. "But the case is, this is a possibility, and these vulnerabilities do exist, and with the growth of the internet of medical things, it just looks to continue and it really shows this needs to be looked at."
