The coronavirus pandemic has made 2020 an especially difficult year, and everyone is relieved to say goodbye to it. During this tough time, cybercriminals haven’t slowed down. Instead, they have become more active, taking advantage of the chaos in businesses, institutions, and households. Experts predict that hackers will not slow down and point out some alarming trends that will play an important role in 2021.
Corporate data breaches in households.
Information leaks from enterprises and institutions are nothing new. However, in 2020, as the importance of remote work increased, cybercriminals attacked home networks using inadequately secured personal devices and routers. 2021 will bring an increase in the number of incidents of this type. This will be greatly aided by pressure on IT and DevOps, which can lead to such errors as misconfigured servers or inadvertently shared databases.
Small and medium-sized enterprises will be the most vulnerable to attack, as employees’ rush to work remotely leaves plenty of room for vulnerabilities. Over the next 12-18 months, they will be the doorway to many attacks.
Firmware attacks will become mainstream
Numerous studies show that cybercriminals have become increasingly interested not only in operating systems or services but also in firmware. They are mainly interested in programs such as BIOS or UEFI, as well as in components (video cards, sound cards, cameras).
Once malware is installed, an attacker can monitor user activity, retrieve data from system memory, remotely control device components or the operating system, and even destroy hardware.
The excessive use of such tools as RwEverything to change hardware settings on a computer will contribute to an increase in firmware-related incidents. Also, the firmware will become one of the favorite targets of ransomware developers, as a successful attack locks down hardware and renders it useless.
Ransomware gangs will fight for domination
Ransomware attacks have been one of the most lucrative types of cybercrime since 2014. This makes criminal groups fiercely compete with each other. This competition won’t do any good for home and business users, as the diversification and increased complexity of malware make its decryption difficult.
In 2020, many ransomware operators have developed their tools including not only data encryption but also data exfiltration. Such actions will become the norm in 2021.
Increase in supply chain attacks, industrial espionage, and APT
Cybercriminals will increasingly attack supply chains, the best example of which is the recent incidents involving coronavirus vaccine scams. For political, as well as economic, reasons, attacks on supply chains will target industries that have not been of interest to cybercriminals in the past, such as healthcare and real estate.
Although ransomware gangs will pose the greatest threat to IT departments, industrial espionage groups will become more active in 2021. You should also take into account, first of all, a significant increase in the number of APT (Advanced Persistent Threat) incidents. Many of these attacks will increasingly evolve around penetration testing platforms for privilege escalation and credential harvesting.
A new version of phishing
The coronavirus outbreak and the “new normal” of working from home have contributed to the development of phishing emails. Phishing emails are usually easy to spot due to typos, misspellings, and lack of authenticity.
The only exception was the so-called spear phishing, i.e. emails targeted towards specific individuals and organizations.
But with the onset of the pandemic, there’s been a lot of spam without any typos or linguistic errors, comprising the logos of organizations or companies on whose behalf the scammers acted.
What’s more, new types of phishing attacks exploited topics that were much discussed in the media. This trend is likely to continue throughout 2021. Many people can become victims of fake news in which attackers ask for credit card information in exchange for delivering the COVID-19 vaccine to their homes.
Cybercrime as a service
On the black market, services related to cyberattacks on a specified target have recently become a highly traded commodity.
In 2021, their popularity will grow even more as malware authors and cybercriminals will focus on providing highly specialized services, including APT. Organizations will need to update their threat prevention strategies to focus on identifying tactics and techniques typically associated with sophisticated attackers. The current security situation for small and medium-sized companies is not sufficiently prepared to deal with APT mercenaries.
Containers attacked by hackers
This year’s observations by Bitdefender show that attacks on misconfigured containers are subtle but rapidly gaining importance. In the next twelve months, the number of such incidents will increase, regardless of the purpose for which containers are used. Another real danger is the growing number of DLL preloading attacks in popular applications.