Looking back on 2020, we experienced an enormous shift in the way people use technology. The world collectively turned to cloud-based platforms for work, e-commerce stores for shopping, and virtual classrooms for learning. Cyber threats followed suit.
Threat actors mirrored our technological changes, tweaking and refining their attack tactics to achieve greater success. The result was last year’s flurry of pandemic-themed phishing scams, assaults on improperly configured cloud apps, and more.
As someone with a pivotal role in securing private company data and systems, you know how critical it is to stay on top of new and emerging risks. Here are seven cyber threats you need to keep in mind this year.
7 cyber threats to keep on your radar in 2021
1. Pandemic-themed social engineering scams
Attackers will continue capitalizing on the pandemic news cycle by focusing their phishing attacks and social engineering scams on COVID-19.
As discussions around the vaccine ramp up, we anticipate that threat actors will update their attacks to blend in with current events and satisfy a need for information. The Federal Trade Commission (FTC) expressed similar concerns in a recent blog post warning the public about vaccine-related scams. Be cautious of fraudulent email messages with attachments or links claiming to offer brand new vaccine information.
Similarly, attackers will continue exploiting the remote work environments and lower levels of in-person interaction to conduct business email compromise and other impersonation attacks.
2. Attacks on remote workers & their tools
As many companies enabled full-time remote work last year, we witnessed a stark increase in the adoption of remote access tools, video conferencing apps, and cloud-based services. Between this and all the new home offices, there is way more opportunity for a cyber attack.
We anticipate that threat actors will continue exploiting this expanded threat surface. They may focus their attacks on:
- Remote desktop apps
- Misconfigured web-based services
- Legacy operating systems
- Unpatched internet–facing applications
- Outdated browsers
We may also see a focus on serverless attacks as organizations continue adopting the cloud-service model.
To stay safe, remind employees that they are a target and can defend themselves by remaining vigilant and following cyber security best practices, such as:
- Patching software regularly
- Using strong passwords
- Backing up data regularly
3. The cyber-crime-as-a-service (CaaS) economy
Another top cyber threat in 2021 is the flourishing CaaS economy. New research found that off-the-shelf malware has never been easier to find or cheaper to buy, and almost anyone can find hundreds of illegal marketplaces in mere seconds.
Our team agrees that threat actors will continue participating in criminal online marketplaces, renting and selling items such as:
- Phishing and exploit kits to gain initial access to victim systems
- Stolen account credentials to impersonate a legitimate user
- Databases of confidential personal and corporate information
- Ransomware services and malware to encrypt and extort victims
- Infrastructure to run the malware
Why is this a top threat? Well, despite extensive efforts by law enforcement to take down these online marketplaces, they still exist. This ability to buy and rent malware means anyone — even those with little or no hacking skills — can become a cyber criminal.
We may see the total number of attacks increase as threat actors capitalize on a highly scalable income stream and the fact that they no longer need a technical skillset to hack systems. They can simply buy or rent the tools to carry out their attack, and at a low price too.
4. New ransomware and extortion strategies
Most companies have realized the importance of properly backing up data in case they’re the victim of a ransomware attack. But there’s a new extortion technique that renders these efforts insufficient.
Attackers start by doing their homework — researching the target’s assets and financials — and use this intel to set a ransom fee. Then, instead of encrypting the data and offering a decryption key in exchange for money, they threaten to release the sensitive information publicly if the victim doesn’t pay.
They coerce the target into paying by threatening to cause a data breach, a technique that exploits new privacy regulations that penalize companies for not properly securing private data. Attackers depend on the fact that their ransom may cost less than the penalties, fines, and reputation damage the company may face if they choose not to pay.
5. Attacks on vulnerable IoT devices
Internet of Things (IoT) devices — such as smart security cameras and thermostats — are quickly becoming a valuable target for attackers. We anticipate this trend will continue.
IoT devices connect to networks, cloud apps, and other technologies, and offer endless productivity benefits for businesses and individuals alike. Unfortunately, these devices are often connected to valuable company assets but are rarely built with security in mind, making them a weak link in your company’s cyber strategy.
And while IoT manufacturers have started to focus more on incorporating security controls, many still prioritize functionality and affordability.
6. More targeted spear-phishing campaigns
Phishing continues to be one of the easiest, cheapest, most popular cyber attack methods, and our team expects it will remain a top cyber threat in 2021 and beyond. But to ensure success and a higher return on investment, attackers may become more selective while choosing their victim. This is spear-phishing.
Thanks in part to the CaaS economy and phishing-as-a-service offerings, attackers can spend less time developing tools and more time researching their targets. They may form their attacks using personal information gained from social media accounts and company websites to create more convincing, and therefore successful, spear-phishing campaigns.
Attackers may target specific groups, such as:
- Online retailers, as they may operate on unsecured e-commerce platforms
- Virtual education platforms, due to the increasing number of users
- Healthcare institutions, as they collect a lot of sensitive data and, due to the critical nature of their business, may be more likely to pay a ransom
7. Living-off-the-land (LOTL) attacks
We expect LOTL attacks to remain a top cyber threat. Despite being mainstream for many years already, LOTL attacks often go undetected for long periods. These attacks make use of tools already installed on targeted computers — instead of uploading and executing custom malware, for example — a feature that makes them challenging to defend against.
Because they don’t generate any new files, attackers can fly under the radar of many security tools and cause significant amounts of damage. Consider this as you add or swap out security solutions this year. Covalence is one example of a cyber security platform intelligent enough to spot a wide range of threats and vulnerabilities, including discreet LOTL attacks.
What’s next for cyber security?
Cyber security is a constantly evolving field. As new threats emerge, new security solutions are needed to defend against them.
To stay informed about new cyber risks and how threat monitoring and detection can protect your business from cyber threats, sign up for our newsletter below.