Looking back at 2020, it is necessary to mention all the circumstances brought about by the pandemic. Along with the many changes in social and economic life, these circumstances have also given rise to many previously unknown challenges, doubts and problems. From the point of view of cybersecurity, the most extensive change is the massive shift of routine working conditions to online remote work.
And what will the next year bring? Apart from the extensive changes, there are things that will certainly not change in 2021. Malicious actors will continue their attacks and keep improving their techniques and tools in order to infiltrate their victims’ systems.
The consequences of espionage or of criminal activity aimed at monetary gain will again be reflected in data compromise, financial losses and reputational harm to companies.
State-sponsored cyber attackers will continue their harmful activities against other states in accordance with the interests of their sponsors. Alongside the above-mentioned events, several other significant events can be expected in 2021, the impact of which will considerably affect the cyber environment.
Remote work will bring additional risks
As in the previous year, the COVID-19 pandemic will in 2021 again be reflected in the transfer of personal business operations to virtual space, in remote work and in the creation of new working platforms.
In the long run, these technological changes will bring new risks to the privacy and security of personal or health data, particularly due to the proliferation of e-Health.
From a security perspective, virtual private networks (VPNs) and online meetings will remain a risk, giving potential attackers the ability to access sensitive information or to infiltrate companies’ networks directly. Preventive inspections of devices and connections for existing compromises or potential vulnerabilities will therefore become an essential part of the measures needed to secure remote work, mainly because of the huge increase in employees’ use of their own devices. However, the problem can also occur with devices provided by the company, as they are often not sufficiently secured. Spreading security awareness among employees will also play a major role in the security of remote work.
The need to increase the security of devices and networks may raise demand for cybersecurity companies’ products, which in turn will push prices up.
State-sponsored actors are still attacking
In the coming year, activity is expected from leading state-sponsored cyber actors, among which individuals and groups from Russia, China, Iran and North Korea stand out.
Along with them, a growing trend can be observed in Vietnam and in the countries of South Asia. Espionage activities through targeted phishing e-mails continue to play first fiddle. Other key motivating factors centre on the theft of intellectual property, intelligence gathering or the exploitation of new vulnerabilities.
In addition to traditional targets, the pandemic will bring new ones, such as hospitals, vaccine-developing laboratories or other medical facilities holding information of high scientific or financial value.
In 2021, however, a rapid increase is expected in the number of attack vectors that do not require any victim interaction, such as attacks on web-facing systems or password spraying.
Ransomware continues to score
The cyber community unanimously agrees on a further rapid increase in ransomware attacks, which in 2021 will pose one of the greatest cyber threats not only to companies but also to individuals.
Just for comparison: projections indicate that ransomware attacks will happen every 11 seconds in 2021, compared to every 14 seconds in 2020. In addition, according to the survey, ransomware attacks make up half of all major cyberattacks. Alongside the rise in frequency, improvements to the programmes used and ransomware attacks offered on request are becoming a threat as well. Criminal gangs also have no scruples about setting up call centres, through which they inform their victims by phone that they have been hit by an attack and demand a ransom to unblock the affected devices. The criminals’ drive for the highest profit shows in their adoption of an approach known as double extortion, i.e. threatening victims both with blocking access to their data and with disclosing their personal or sensitive information, which can damage private companies financially or reputationally. These factors result in a constant increase in the average ransom payment, a trend that is expected to continue in 2021.
The time of 5G networks is coming
A new generation of Internet and mobile connections will be fully operational in 2021 and will be available to more than one billion people worldwide by the end of the year.
However, its benefits, a huge increase in connection speed for the average user and a totally new dimension of technology usability, also come with growing risks. Hackers are already working to find vulnerabilities and imperfections in the new network.
The main asset, i.e. the connection speed, offers malicious actors the opportunity to adapt their attack campaigns in real time and increases the potential for DDoS attacks.
With an increased use of 5G networks, the number of connected IoT devices is also expected to expand. Connecting smart devices in one user’s network increases the risk of exploiting the weakest link in such a chain.
A successful attack results not only in gaining access to one device, but also in taking control of the others in the same network, which then allows sophisticated actors to execute swarm-based attacks.
Along with the technical aspects of the new network, there are also other risks related to the huge amount of personal data that will pass through it; consistent security of systems against intrusions and espionage will therefore be essential.
Artificial Intelligence, both an enemy and a help
In 2021, a growing number of cyberattacks using Artificial Intelligence (AI) is expected. AI-based platforms will allow threat actors to improve the efficiency of their operations by simulating attacks on their targets and subsequently, in real attacks, responding to the current security measures of the operation’s target.
The use of AI in misinformation campaigns carried out by state-sponsored hackers appears to be a potentially high risk, for example deep fakes that will be spread via social networks and may have a huge impact on the population compared to manual procedures.
The good news about AI adoption is its use to accelerate the identification of sophisticated cyber threats and to allow a rapid response that blocks ongoing attacks at an early stage. It is anticipated that some cyber companies will introduce such security solutions as early as 2021. The benefits of AI are also being used in companies’ recruitment processes, in production processes and in increasingly popular chatbots.
There is more to come
Alongside the above-mentioned phenomena and the consequences of the COVID-19 pandemic for routine working conditions, other events in cybersecurity will certainly also be specific to 2021.
Cybercrime will continue to cause massive damage, reaching 6 trillion dollars this year, a 15% increase compared to last year. The “eternal” dilemma between the right to privacy and security efforts will also remain, in terms of the encryption of messages, where a fundamental shift is expected in European Union decision-making.
The issue of encryption is also related to the work on quantum computers, the use of which by state actors may represent a turning point in the security of non-public information. However, due to the massive increase in computing performance and capacity compared to today’s super-powerful computers, these computers can also have a very positive effect on scientific development in various fields.
Due to constantly increasing threats in cyberspace, it is expected that more and more private or public companies will seek security at least through the purchase of cyber insurance policies, which can cover some financial losses after a possible attack on their systems or devices.