Cyber ​​Threat Predictions for 2021

11.03.21 в 17:58 Interesting 488

Cyber Threat Predictions for 2021

The coronavirus pandemic has made 2020 an especially difficult year, and everyone is relieved to say goodbye to it. During this tough time, cybercriminals haven’t slowed down. Instead, they have become more active, taking advantage of the chaos in businesses, institutions, and households. Experts predict that hackers will not slow down and point out some alarming trends that will play an important role in 2021.

Corporate data breaches in households.

Information leaks from enterprises and institutions are nothing new. However, in 2020, as the importance of remote work increased, cybercriminals attacked home networks using inadequately secured personal devices and routers. 2021 will bring an increase in the number of incidents of this type. This will be greatly aided by pressure on IT and DevOps, which can lead to such errors as misconfigured servers or inadvertently shared databases.

Small and medium-sized enterprises will be the most vulnerable to attack, as employees’ rush to work remotely leaves plenty of room for vulnerabilities. Over the next 12-18 months, they will be the doorway to many attacks.

Firmware attacks will become mainstream

Numerous studies show that cybercriminals have become increasingly interested not only in operating systems or services but also in firmware. They are mainly interested in programs such as BIOS or UEFI, as well as in components (video cards, sound cards, cameras).

Once malware is installed, an attacker can monitor user activity, retrieve data from system memory, remotely control device components or the operating system, and even destroy hardware.

The excessive use of such tools as RwEverything to change hardware settings on a computer will contribute to an increase in firmware-related incidents. Also, the firmware will become one of the favorite targets of ransomware developers, as a successful attack locks down hardware and renders it useless.

Ransomware gangs will fight for domination

Ransomware attacks have been one of the most lucrative types of cybercrime since 2014. This makes criminal groups fiercely compete with each other. This competition won’t do any good for home and business users, as the diversification and increased complexity of malware make its decryption difficult.

In 2020, many ransomware operators have developed their tools including not only data encryption but also data exfiltration. Such actions will become the norm in 2021.

Increase in supply chain attacks, industrial espionage, and APT

Cybercriminals will increasingly attack supply chains, the best example of which is the recent incidents involving coronavirus vaccine scams. For political, as well as economic, reasons, attacks on supply chains will target industries that have not been of interest to cybercriminals in the past, such as healthcare and real estate.

Although ransomware gangs will pose the greatest threat to IT departments, industrial espionage groups will become more active in 2021. You should also take into account, first of all, a significant increase in the number of APT (Advanced Persistent Threat) incidents. Many of these attacks will increasingly evolve around penetration testing platforms for privilege escalation and credential harvesting.

A new version of phishing

The coronavirus outbreak and the “new normal” of working from home have contributed to the development of phishing emails. Phishing emails are usually easy to spot due to typos, misspellings, and lack of authenticity.

The only exception was the so-called spear phishing, i.e. emails targeted towards specific individuals and organizations.

But with the onset of the pandemic, there’s been a lot of spam without any typos or linguistic errors, comprising the logos of organizations or companies on whose behalf the scammers acted.

What’s more, new types of phishing attacks exploited topics that were much discussed in the media. This trend is likely to continue throughout 2021. Many people can become victims of fake news in which attackers ask for credit card information in exchange for delivering the COVID-19 vaccine to their homes.

Cybercrime as a service

On the black market, services related to cyberattacks on a specified target have recently become a highly traded commodity.

In 2021, their popularity will grow even more as malware authors and cybercriminals will focus on providing highly specialized services, including APT. Organizations will need to update their threat prevention strategies to focus on identifying tactics and techniques typically associated with sophisticated attackers. The current security situation for small and medium-sized companies is not sufficiently prepared to deal with APT mercenaries.

Containers attacked by hackers

This year’s observations by Bitdefender show that attacks on misconfigured containers are subtle but rapidly gaining importance. In the next twelve months, the number of such incidents will increase, regardless of the purpose for which containers are used. Another real danger is the growing number of DLL preloading attacks in popular applications.

Comments

Sign in to comment
Popular

Together with wide opportunities the Internet carries a number of dangers. First of all, when it comes to anonymity and security.

Initially, the World Wide Web was conceived as a space without borders, where you can get absolutely any information on an anonymous basis.

In today's world, it becomes more difficult to keep personal and corporate data in secret, so the issue of information security is becoming more acute every day.

In the recent past by the standards of the development of information technologies, in 2015 Google created artificial intelligence based on neural networks, which was able to analyze the condition around itself and draw conclusions about its further education. The name of the new offspring from Google was given in abbreviated from the term "deep Q-network" - DQN. The DQN started training in common arcade games (Pakman, Tennis, Space Invaiders, Boksing and other classics).

Good afternoon! Now we are talking about such an important topic in our time, as an opportunity to bypass the blocking of sites. The problem is very relevant in our country

New

Many Internet users are complaining about annoying CAPTCHAs. You get kicked from a web-source for a second and suddenly, artificial intelligence asks you to type a set of symbols with numbers, or Russian & Latin letters, or click all the traffic lights and crosswalks in the pictures.

It is becoming increasingly difficult to maintain anonymity and privacy on the Internet: search engines, websites, and social networks collect information about users and use it for commercial purposes. Any visitor to the web leaves a digital trail, followed by numerous advertisers and target markets.

If you have connected multiple devices, it's important to take care of security to avoid data leakage. Let's look at the main ways to improve security.

If you fear becoming an object of a hacker attack, it is better to take measures in advance. In this article, we will give you a few recommendations regarding information security.

The coronavirus pandemic has made 2020 an especially difficult year, and everyone is relieved to say goodbye to it. During this tough time, cybercriminals haven’t slowed down

Have you got any question?

Click here and we’ll answer

Behind every review is an experience that matters