2020 was an eventful year, to say the least – also in terms of cybersecurity and data breaches. Due to the coronavirus pandemic, many businesses had to ask their employees to work remotely, making them more vulnerable to cyber attacks.
Security threats were, are, and will be present everywhere, and the truth is that even if you are using the SIEM consulting services, you might still fall victim to a cyber attack. Though we still recommend using the services of a trusted provider.
Interestingly enough, just like every niche has its own trends, cyber security threats also do. Are you interested in the ones for 2021? You’re in the right place, then. Here is everything the experts say is going to happen in the next 12 months.
More Unintentional Insider Threats Due to Weakened Organisational Security
The sudden introduction of remote work generated issues that we hadn’t even thought about before. It looks like in 2021, working from home will continue to create challenges.
As Julia Voo, one of the field experts, says, “COVID-19 has weakened organizational security. Remote access inefficiencies, VPN vulnerabilities, and a shortage of staff that can help the business adapt mean data is now less secure.” From a cyber criminal point of view, this type of situation creates new opportunities for attacks, which is why we can be sure they will be taking advantage of it every chance they get.
What’s more, with so many people working from home, the line between work and personal equipment is blurred, meaning that something that seems innocent – such as checking personal emails on the company’s computer – might have serious consequences. The pandemic has increased the chances of employees making errors – even unintentionally.
Hackers Will Tailor Attacks to Target Specific Verticals
One of the verticals that are said to be most at risk in 2021 is healthcare. As Justine Bone, the CEO of MedSec, says, “Healthcare has been a perfect target – society depends on it, and these organizations are typically under-resourced, change-averse, and slow to innovate.”
Besides healthcare, other verticals that might be beneficial for hackers include carmakers (and particularly the EV companies, as they are becoming more and more popular and profitable), critical infrastructure, and the Industrial Internet of Things.
Greater Innovation in Phishing Will See Threat Hijacking and Whaling Attacks
More innovative phishing lures are said to be designed in 2021; they will not only trick the users but also make the cyber attacks more difficult to identify.
At the moment, the most innovative mass phishing technique is email thread hijacking – it automates the creation of spear-phishing lures by stealing the email information from compromised systems. Later, this data is used to send replies – messages containing malware – which look very realistic to an unaware user.
As experts predict, more individuals working remotely will become targets of such attacks because it’s a lot easier for cyber criminals to trick employees into giving away sensitive information.
What’s more, due to the isolation caused by several lockdowns in 2020 (and in some locations also in 2021), people became more willing to share private information online, which hackers can take advantage of.
According to Robert Masse, one of Deloitte’s partners, “Whaling, a form of highly targeted phishing attack aimed at senior executives, will become more prominent with cyber criminals able to take personal information shared online to build convincing lures leading to business email compromise fraud.”
Many of those emails will continue to use fear in order to make more people open them. Hackers will use the new fears, that arose within the last year or so – COVID vaccines, any political instability, financial concerns related to lockdowns, and so on.
Zero Trust Is Here to Stay
Zero Trust is by no means a new concept – however, due to the increased number of remote employees, it is something that organizations need to accept as part of the new reality.
What exactly is ‘Zero Trust’? It’s a security concept based on the idea that the organizations cannot trust anyone – whether they are outside or within the organization – and before they can grant access to any applications or data, the user trying to gain such access needs to be authenticated and authorized.
In 2021, we are sure to see great innovations in the area – especially since, if we want a seamless identity and access management, it needs to be easy to use. Quality authentification methods are ‘Zero Trust’s key enablers.
The Bottom Line
It’s safe to say that 2020 surprised us on more than one occasion – especially with the global pandemic. Due to the unexpected outbreak of the SARS-CoV-2 virus, which causes coronavirus disease, many companies decided to switch to remote work. Unfortunately, this created new cyber security challenges as well as intensified the ones that were already present.
And how will it look in 2021? Well, for now, we can only guess.
We hope that after reading this article, you have an idea about what experts think 2021 will look like in terms of cyber security. Of course, only time will tell if their predictions were right, but you can at least start preparing.