Between COVID-19 and economic slowdowns, we can’t wait for 2020 to end so we can start the new year fresh.
Unfortunately, cybercriminals who thrived upon phishing and ransomware attacks will be working hard to continue their success into 2021.
To keep us ahead of the attackers, many experts have predicted the top cybersecurity trends to watch in 2021. Whether we find ourselves in the “year of extortion” or a year of prosperity will depend upon our ability to prepare, keep up, and stay ahead.
Cybercriminals Will Double-down
We all try to build upon success, and criminals are no different.
Ransomware and phishing proved enormously successful in 2020, so we expect those trends to continue throughout 2021.
Ransomware evolved new technologies, started franchising to grow quickly, and developed new techniques, such as public data leaks, to pressure ransomware victims into paying. In fact, publicly leaked data affected more than 1,000 companies globally!
With estimates topping $1 billion in financial damages, cybercriminals have both the means and the motivation to increase the volume and sophistication of their attacks. For better or worse, the basic method for attacking companies is predicted to remain the same: Email.
In early 2020, 94% of all malware was estimated to be delivered via email, with phishing accounting for 80% of reported security incidents. Between the second half of 2019 and the first half of 2020, the number of blocked phishing attempts increased by 118%, flooding users’ inboxes with click-bait.
As long as users remain vulnerable to bad clicks, hackers will continue to pursue this form of attack and develop new techniques to exploit it. Unfortunately, the paid ransoms fuel the cybercriminals with the resources to develop even more features.
Experts expect cybercriminals to weaponize artificial intelligence (AI) to perform basic attacks much in the same fashion that cyber-defense technology harnesses AI to stop common attacks.
At the same time, the attackers also hire high-level attackers to manually invade victims – more than 50% of attacks involving manual hacking.
Cybercriminals Focus on Vulnerable Users
Thirty-one percent of global companies report daily attacks from both humans and automated malware seeking vulnerabilities to exploit.
Attackers know that many workers have shifted to home networks, and experts predict a shift in focus to exploit the remote worker’s relatively weaker security.
We also anticipate an increased focus on vulnerabilities that capitalize on the many hours users spend on social media and mobile phones. Additionally, you should be especially cautious of the contact tracing and telemedicine applications that have been hastily launched during the pandemic, as they may lack mature security.
New Frontiers and Dying Legacy Systems
Remote users only provide one of the new targeted frontiers for attackers.
In 2021, we expect the growing connectivity of industrial control systems (ICS) and internet enabled devices (IoT) to experience new attacks focused upon their vulnerabilities.
In addition to new technologies, attackers are expected to target supply chains in an attempt to gain organizational access through your trusted partners. Key legacy security systems that use firewalls and antivirus will be incapable of keeping up with those attacks.
First, legacy endpoint protection does not work where it cannot be applied – whether that is on incompatible ICS/IoT devices or outside of the corporate domain on your supply chain’s PCs.
Second, legacy defenses, such as antivirus or anti-malware programs, will become significantly less effective due to shifting technology. While regulations still require the use of legacy security as a primary line of defense, older file-signature-based antivirus struggles to detect fileless attacks or attacks routed through your cloud infrastructure.
The IT Skill Gap is Widening
IT security managers face an exponentially growing threat from cyber criminals, shifting architecture (cloud, 5G, etc.) technology, and an increasing number of under-protected endpoints (IoT, ICS, mobile devices, home networks, etc.).
As that trend continues, IT and cybersecurity specialties will need to develop rapidly, which makes it increasingly difficult for your team to keep up with the diverse needs of the organization.
Experts expect the IT skill gap for hiring, and within existing IT departments, to widen in 2021, forcing many organizations to obtain external expertise from vendors and outsource partners.
Ideal Integrations and Blue Bastion have expertise in a variety of both legacy and new technologies to build robust, layered security, and to recognize where limitations may require immediate attention.
Whether your organization wants advanced cyber security monitoring or basic patching, call us today at 412-349-6680 or fill out the form below. We’ll be by your side all along the way in 2021, and for years to come!