- Mastering Azure management: A comparative analysis of leading cloud platforms
- Sweat the small stuff: Data protection in the age of AI
- GAO report says DHS, other agencies need to up their game in AI risk assessment
- This LG Bluetooth speaker impressed me with a design feature I've yet to see on competitors
- Amazon's AI Shopping Guides helps you research less and shop more. Here's how it works
Cybersecurity Predictions For 2021
Preparing for the “next normal”
By Topher Tebow, Cybersecurity Analyst (Malware), Acronis
For cybersecurity professionals, this year began more or less like any other. Fast forward to April, and nearly half of the American workforce was working from home — relying on remote access tools and cloud services for everyday business needs. It’s been a time of great challenges and opportunities.
We’ve finally settled into the “new normal,” but cyber threats continue to evolve and respond to the new environment. As we look forward to 2021, here are a few of our cybersecurity predictions:
- Attackers will continue targeting remote workers
It goes without saying that the COVID-19 pandemic has fundamentally changed how business is done these days. Ninety-two percent of global organizations adopted new IT technologies this year, driven by the need to enable or expand their remote operations. Work-from-anywhere is the new normal, and with that comes a new IT infrastructure — and myriad associated security and privacy risks.
Companies have rushed to integrate new tools and services for collaboration and remote access, but often lack the time to thoroughly vet these solutions — or the budget to work with tested vendors, and to properly train IT staff. Countless organizations are currently using misconfigured solutions (or ones that are simply of dubious quality), and are at elevated risk as a result.
- Threats against MSPs, cloud services, and businesses will rise
With data accessibility at the center of everyday business operations — and remote access and collaborative features more necessary than ever — IT services are a requirement for every organization. Small and medium businesses are particularly reliant on managed service providers (MSPs) to fulfill this need.
We’re already seeing an increase in attacks against MSPs and cloud service providers — no surprise, given their status as a prime attack target. Successfully compromising a service provider is a far more efficient prospect than targeting individual businesses, as it allows cybercriminals access to the provider’s entire customer base in one fell swoop. Expect to see this trend continue.
- Data exfiltration will become a bigger threat than encryption
While we expect ransomware to hold its position as the number-one cyberthreat to businesses in 2021, the structure of these threats is shifting. In the near future, we expect that stealing sensitive data — rather than simply encrypting it on infected systems — will be the primary form that ransomware strikes take.
Cybercriminals seek to monetize every attack, and recent trends have demonstrated that exfiltrating data greatly increases the odds of successfully negotiating a ransom demand. The prospect of having sensitive data — like trade secrets or personally-identifiable customer and employee information — sold or publicly released adds tremendous pressure to companies and government entities. Data protection and data loss prevention solutions will be particularly important in the coming year.
- Automation and personalization will cause malware samples to skyrocket
Advances in computing power and artificial intelligence are kicking the malware development cycle into overdrive. Cybercriminals can build and iterate new cyberthreats with dizzying speed, sending out waves of attacks and using the results to shape their next variants.
In addition, these threats are increasingly personalized — purpose-built for their targets using information mined from corporate websites and social media profiles. As spear-phishing campaigns have shown time and again, those who make the effort to tailor attacks in this way are often rewarded with an increased success rate.
The industrialization of malware and social engineering campaigns poses a significant threat to modern businesses. The average lifetime of a malware sample is now down to a mere 3.4 days, severely hampering the effectiveness of signature-based detection. Now more than ever, it’s critical for organizations to invest in complete cyber protection solutions that can effectively detect and block both known and unknown cyberthreats.
- Malware will explore new targets
Ransomware threats are expanding beyond their traditional purview of Windows and macOS desktops. Within organizations, increasingly-exposed industrial control systems (ICS) make a tempting target for takeover and extortion.
Both at home and in the office, the growing adoption of the internet of things (IoT) — especially in connection with 5G — will continue to present new areas for infection in the form of smart devices. While internet-enabled appliances themselves don’t tend to store large quantities of data (nor particularly sensitive information), they present a potential attack vector towards their manufacturers — and may be incorporated into DDoS-fueling botnets.
- Preparing for the next wave of cyberthreats
This has been a challenging year for businesses, to be sure. And we face a slew of new challenges in 2021. Expect new tactics, never-before-seen malware, relentless automation, and attacks against surfaces that may not be well protected.
Now more than ever, an intelligent and integrated approach is necessary to stay safe in the digital space. Businesses must invest in solutions that can stand toe-to-toe with the latest cyberthreats and provide complete cyber protection.
About the Author
Topher Tebow is a cybersecurity analyst, with a focus on malware tracking and analysis, at Acronis. Topher spent nearly a decade combating web-based malware before moving into endpoint protection. Topher has written technical content for several companies, covering topics from security trends and best practices, to analysis of malware and vulnerabilities. In addition to being published in leading cybersecurity publications, Topher has spoken at InfoSec conferences, and is an active part of the Arizona cybersecurity community. Topher can be reached online at @TopherTebow on Twitter, and at our company website https://www.acronis.com/.