The pandemic has brought more than an economic and health crisis, but a cybercrime crisis as well. The explosion of online activities opened a new world of opportunities for cyber criminals. Phishing scams, frauds, and data breaches that exploit the pandemic are at the order of the day.
In 2021, businesses will need to face more risks, because of the expansion of the risk surface. More online activity equals more chances for a malicious attacker to breach a network and get a hand on records.
In this post, we will give an overview of what threats we may have to face as 2021 rolls and how companies can prepare.
Top Risks to Information Security Now
In 2020, attackers took advantage of the uncertainty associated with the COVID-19 pandemic, and continue to do so. Organizations such as INTERPOL and the World Health Organization have reported an increase in cyberattacks five times the usual rate during the pandemic.
The types of attacks were mostly directed to mislead and use people to disclose sensitive information or facilitate a data breach. According to the report by Interpol, most attacks were phishing scams and fraud types.
Their projections for 2021 are not encouraging, predicting a further increase in security attacks, mostly with social engineering, sophisticated ransomware, and phishing campaigns.
What were the top risks we faced in 2020 that will continue through 2021? Let’s explore.
Attacks Planned from the Dark Web
Cybercrime organizations use the dark web to plan attacks and drop the products of cyberthreats to monetize them. Attackers having access to the high loads of information present in the dark web is a growing threat for businesses. Therefore, companies looking to protect themselves, use software solutions like Cyber Sixgill, that collect and analyze the information present on the dark web to prevent attacks.
The number of records leaked to the dark web increased in 2020. This stolen data can impact your business, even if it was extracted from other companies. Attackers use records to carry on social engineering scams and credential theft.
What can we expect for 2021?
Given the chaos and uncertainty of the pandemic, most organizations focused on survival. This gave the cybercriminals the time to plan and execute attacks that took advantage of people and businesses. As the dark web continues to grow, we can only expect more attacks to be organized, planned, and monetized from there.
Insider Threats
According to IBM’s report Cost of Insider Threats, the frequency of insider incidents tripled from 2016, with the average cost doubling. According to a study by Statista, the primary goal of insider threats is data exfiltration over other types of damage, like sabotage or snooping.
In the same IBM report, negligence is the cause of the majority of insider incidents. While they are more common, the cost of remediation is also lower in the case of a negligent employee or contractor. However, incidents caused by malicious insiders are more damaging, with a remediation cost of three times the former.
What can we expect for 2021?
The almost overnight shift to online operations left many companies and employees with ad hoc solutions to continue working. Many employees used their personal workspaces and emails to share company information, breaching security inadvertently.
As for 2021, Forrester predicts an increase of 33% in breaches caused by insider threats, since remote work increases insider risks. The incidents themselves are expected to grow 8% in 2021.
Increased Social Engineering Attacks
Social engineering doesn’t involve special technical skills but works with deceiving or stimulating privileged users into breaching security practices. While phishing is a form of social engineering, these attacks have evolved beyond the typical scam. Often, they are highly targeted, impersonating legitimate users to gain trust and get the victim to perform an urgent task or extract sensitive information.
Unfortunately, while User and Entity Behaviour Analytics (UEBA) may help detect suspicious activities, it is extremely hard to prevent social engineering attacks. It requires training all users in standard security practices to spot social engineering attempts.
What can we expect for 2021?
Many attackers took advantage of the disorganization of teams working from home to conduct these types of attacks. Microsoft reported an increase from 20,000 to 30,000 daily attacks in the U.S. Since it is a strategy not easily detected, we can expect attackers to focus even more on it. The increased success of criminals in 2020 will lead to more confidence and improvement of their engineering tactics and procedures.
COVID-19 Related Phishing Scams
At the height of the pandemic, when the World Health Organization named the health emergency COVID-19, attackers took the opportunity to exploit the situation. As people were actively seeking information and solutions, the Internet filled with phishing scams mimicking the local development of the crisis, ripping lures from the news and using them to involve victims. Sometimes, the attackers hid malware in fake documents using spoofed business credentials.
What can we expect for 2021?
Cybercriminals will continue to exploit the COVID-19 pandemic. Since the announcement of the vaccines, new attacks have appeared trying to get victims to click into a malicious attachment or share sensitive information. Only a few weeks ago, IBM uncovered a global phishing attack directed to disrupt the COVID-19 vaccine cold chain.
Ransomware
Ransomware attacks doubled in number in 2020, due to the loosening of cybersecurity measures and practices when companies moved to work from home. Cybercriminals took advantage to steal sensitive data from critical sectors like legal, banking, and financial services. Ransomware was also used to plan attacks on governmental organizations using vulnerabilities in remote desktop workspaces and VPNs.
What can we expect for 2021?
One of the most worrying trends we saw in the ransomware attacks of 2020, was the attacks on hospitals and health care entities. This made patient records inaccessible, endangering lives. Since ransomware accounts for half of all malware attacks, we can expect ransomware to become a life and death matter in 2021. Healthcare records are well priced in the dark web, giving criminals an incentive to continue operating.
Additionally, there has been a trend to perform double extortion, extracting first the data and then encrypting the database. Criminals require payment to decrypt the data and also to refrain from publishing it. Since it is doubly profitable for the attacker, we can expect these types of attacks to increase.
The Takeaway
While we hope the new year will bring the pandemic under control in 2021, in terms of cyberattacks, organizations should prepare for things to get worse before they can get better. Social engineering, ransomware, and COVID-19 related attacks will be on the rise.
Businesses and governments need to partner with industry groups, cybersecurity companies, and threat research organizations to share information, prevention techniques, and law enforcement. Cyberattacks are now global and can be a matter of life and death. Therefore, global cooperation is critical to prevent and remediate potential breaches as fast as possible.
Did you enjoy reading this article? Don’t forget to like our page on Facebook and follow us on Twitter!