December 15 2020
2020 has brought cybersecurity to the forefront like never before, and it has also seen a huge rise in the amount of cyber-attacks that prey on the vulnerability that people find themselves in because of theCOVID-19 pandemic. In the light of the changing world we now find ourselves in, CyBourn have the following predictions for cybersecurity in 2021:
Remote working will continue to rise – and so will cyber-attacks
The COVID-19 pandemic forced us all to change the way we work very quickly. Many organisations decided not to return to the office in 2020 leading to a reduction in real estate, and this is likely to continue in 2021. This was initially seen to be a temporary measure, but it is now looking more permanent.
This presents a huge challenge to security professionals. Whereas employees were once sitting in a single office, using a single network, are now at home using their home networks, which are often plagued with security problems. Having a decentralised workforce may lead to more potential avenues of attack for hackers. As the move to remote working was very much unplanned, cyber criminals have used this as an opportunity to exploit unwitting targets.
Ransomware will continue to be a major threat
2019 seemed to be the year that targeted ransomware attacks became more mainstream, with 2020 seeing the development of targeted ransomware groups who had new tactics and ways to pressurise their victims into paying up. Ransomware attacks are more intricate, sophisticated, and devastating with demands running into millions of pounds, and this is only going to get worse.
The original blueprint for a targeted ransomware attack has already posed a significant threat to many organisations. These kinds of attacks tend to focus on one organisation at a time and attempt to encrypt as many computers and devices as possible on a victim’s network. What is more, they can wipe backups where these are available. By encrypting most if not all the machines on a victim’s network the attackers were able to present a high value ransom demand.
Cloud security will become king
Organisations that have migrated to the cloud will need to focus on their cloud security and understand the relationships they have with their providers. Phishing attacks have come a long way from the “Nigeria Prince” scams in the old days, and threat actors now have a wide range of tools to help them craft convincing spear phishing emails designed to trick their victims into giving out personal information and data, or installing malware on their computers and devices.
Many cloud-hosting services such as AWS and Azure offer internet-accessible data storage where users can upload anything from individual files containing sensitive information or database backups. Threat actors commonly exploit these by hosting website HMTL files designed to mimic authentication, and this is predicted to rise in 2021, leading to more data breaches. If you use the cloud to host and/or back up your data, make sure their security is top notch.
Everything without MFA will be more likely to suffer a data breach
Not a day goes by where there isn’t some sort of authentication attack and a subsequent data breach as a result. Cyber criminals have had incredible success through mining the troves of stolen user credentials available on underground forums, and these attacks take advantage of the fact that many users are still not implementing unique and strong passwords for every account they have. This means that if a user has not implemented multi-factor authentication (MFA) on their accounts we predict they are far more likely to suffer an account compromise or data breach.
The impact of cyber-attacks or data breaches in the healthcare sector may be deadly
The healthcare sector stepped up heroically to help combat the spread of COVID-19 through increased testing, treatment, and vaccine R&D efforts. However, the pandemic created historic financial pressures for healthcare organisations; for example, revenue issues stemming from individuals cancelling services and avoiding going to the doctor unless it is absolutely necessary.
The amount of cyber-attacks in the healthcare sector have increased exponentially, with hackers always staying one step ahead when it comes to phishing emails that pretty on our vulnerabilities when it comes to the virus. We are therefore more likely to click on something we shouldn’t and suffer a cyber-attack or data breach as a result.
To improve their cybersecurity, organisations need to ensure that not only is their data well protected, but also that their staff are fully trained against the growing cyber threat. At CyBourn, we can deliver both giving you full peace of mind when it comes to your cybersecurity posture. Talk to us today to find out more.
What cybersecurity predictions do you have for 2021? We would love to hear from you!