The coronavirus pandemic demonstrated that cybercriminals could exploit any period of high uncertainty and public attention for their interests.
FREMONT, CA: The global COVID-19 pandemic, along with the shift to work-from-home for many employees, has changed the way enterprises approach work and run business. And while many of these alterations are likely to become permanent, cybersecurity continues to evolve as the threat landscape changes. As the remote routine settled in, businesses started rethinking their strategies, recognizing that the attack surface had altered and that threat actors now had many more ways to infect networks to manipulate data. Here are some cybersecurity trends to watch in 2021.
• Post-COVID Threats
Over the year 2020, phishing emails changed their subject-line lures from COVID-19 updates to realistic-looking alerts about work-from-home rules to fake updates about how government programs would function. All this was done in an attempt to get victims to click. With the hope that some companies can deliver a widespread vaccine by mid-2021, cybersecurity researchers believe that threat actors will benefit from these rapid developments to start attacks such as phishing campaigns or spreading malware.
Many cybersecurity analysts expect that ransomware, along with the extortion rackets, will remain a significant concern for security teams in 2021. Ransomware attacks likely resulted in $1 billion in financial damage globally in 2020. the operators behind these attacks got better at infiltrating enterprise networks, including remote access interfaces like Remote Desktop Protocol and VPNs, malware utilized to get an initial foothold, and botnets to assist spread the ransomware.
• Threats from Inside
The more mobile and remote the workforce is, the more likely an employee may cause a breach by opening up a phishing email or giving away their credentials. At the same time, workers might see means to benefit from the wealth of data they can access without supervision. Many firms are challenged to identify nefarious internal acts, often due to limited access controls and the potential to detect unusual activity once someone is already inside their network. The threat from malicious insider activity is a rising concern, especially for financial institutions, and will continue to be so in 2021.