From cyberattackers targeting the vaccine rollout to weaponized AI, read on to know the cybersecurity threats in 2021…
Globally, technology is evolving rapidly and the way businesses are operating is changing rapidly. Emerging technologies such as cloud computing, Artificial Intelligence (AI), automation, quantum computing and the Internet of Things (IoT) are creating unprecedented opportunities for businesses to unlock new value. As technology evolves, so does the cyberthreat landscape that organizations must predict and mitigate. In fact, it is estimated that the cyber threat globally slows the pace of technology innovation by as much as USD 3 trillion in lost economic value in 2020.
Top Cybersecurity Threats
Here are top cybersecurity threats to watch out in 2021…
Cyberattackers Targeting the Vaccine Rollout
This year, hackers leveraged the COVID-19 pandemic to distribute a series of phishing scams to unsuspecting victims. The number of legitimate emails sent on the topic allowed phishing emails to hide in plain sight. According to Experian’s data breach industry forecast for 2021, contact tracing apps also have created a fresh surface to exploit and could be a target. Several government organizations may not employ sufficient security protection, making these new tools a boon for hackers looking to steal personal data in 2021.
Attack on Remote Workers
Remote workers will continue to be the focus of cybercriminals in the coming year. Remote workers are far more likely to use their own devices and personal Wi-Fi connection for their work, which simply aren’t as strong and protective as corporate devices and networks. This makes hacking a much easier job for cybercriminals.
Cybercriminals are aware that a lot of businesses were thrown in the deep end with the pandemic. Businesses weren’t set up for remote working, and therefore didn’t have the right security protocols in place. Employees using their own networks and using obsolete security protocols couldn’t come at a worse time.
The Revised Ransomware
Several cybersecurity analysts believe that ransomware, along with the extortion rackets run by cybercriminal gangs, will remain one of the biggest concerns for security teams in 2021. According to a recent analysis by security firm Group-IB — by the end of 2020 — ransomware attacks likely resulted in over $1 billion in financial damage globally, although that number is almost certainly higher since many of these cybersecurity incidents are not reported.
Over the past one year, the ransomware operators behind these attacks also got better at infiltrating enterprise networks, including brute-force attacks on remote access interfaces such as Remote Desktop Protocol and VPNs, malware used to gain an initial foothold, and botnets to help spread the ransomware.
The Insider Threats
The more mobile and remote a workforce is, the more likely that an employee may cause an accidental breach by opening up a phishing email or giving away their credentials without thinking. At the same time, workers themselves might see ways to benefit from the wealth of data that they can now access without the same type of supervision.
The unprecedented move to remote work has left global organizations unprepared to monitor or identify insider threats due to unauthorized remote access, weak passwords, unsecured networks, and the misuse of personal devices. These patterns are expected to not only continue but spike in 2021 and beyond.
Weaponized AI
Threat actors will leverage Machine Learning (ML) to accelerate attacks on networks and systems, according to security firm BeyondTrust. ML engines will be trained with data from successful attacks. This will allow the ML to identify patterns in the defenses to quickly pinpoint vulnerabilities that have been found in similar systems and environments.
Hackers are using their own automation to attack business networks and systems from those working remotely. Using successful attacks as a starting point, their software will start to spot patterns of defense and identify vulnerabilities in similar systems. The data collected from these attacks is repurposed to train the cybercriminal’s systems and attack similar software. This means that attackers will hone in on the vulnerabilities much quicker and stealthier than before. They’ll know before they attack what they are looking for, what to avoid, and how to escape unnoticed.
The Road Ahead
As cybersecurity trends keep emerging, organizations must adopt a proactive IT security posture, rather than reactive, to keep business secure. They must become more nimble, more flexible, and more collaborative as they strive to secure their critical assets.
With 2021 fast approaching, cybersecurity experts and analysts note that cybersecurity will continue to evolve even as most of the world enters a post-COVID-19 era, with cybercriminals, threat actors and nation-state hackers ready to take advantage of whatever may happen next. This will keep CISOs, their security teams, as well as their counterparts in IT, trying to catch up and stay ahead.