It's that time of the year again! What time is that, you ask? It's time for our annual cybersecurity prediction post!* These predictions come from a variety of cybersecurity experts, like FireEye, Sophos, and Trend Micro. There's a list with links to each report at the bottom of this blog article if you care to peruse them yourself.
So, without further ado, here are the TOP cybersecurity predictions for 2021:
- Healthcare Workers and the Healthcare Industry is Still a Target - In much the same way the pandemic refuses to yield, digital attackers will continue their onslaught on the Healthcare industry and the people who work in it. FireEye reports a severe increase in the amount of state-sponsored actors who target COVID-19 research, treatment, and response efforts. They recommend companies supporting the COVID-19 recovery take extra efforts to protect their intellectual property and employees.
- Ransomware is Already a Tremendous Threat, and it's Only Going to Get Worse - 2020's been a banner year for Ransomware attacks. It's an issue we've been reporting on for several years and according to FireEye, it's only going to be getting worse. The company has already seen a huge rise in ransomware-as-a-service style attacks, as well as many attackers, who after being paid their ransom, STILL release confidential data to the public. Very much a "damned if you do, damned if you don't" type of situation.
- Nation-State Driven Cyberattacks Are the New Normal - If you've been following along with the Security7 blog, you already know that nation-state driven cyberattacks have been a huge issue for both public and private entities. FireEye says that's only going to get worse. Take the SolarWinds hack from last year as an example of the new normal. FireEye includes nations like Russia, China, Iran, and North Korea as the chief offenders.
- Data Theft Creates a Secondary Extortion Market - Just like FireEye, Sophos believes data theft is going to create a secondary extortion market. The value of the encrypted and stolen data is skyrocketing and the ransomware attackers know it. Sophos expects attackers to leverage data exfiltration as a secondary, yet effective means of turning a profit.
- The Home Office is the New Security Perimeter - Sophos sees the challenges faced by organizations as they transition to a "work from home" format. Included amongst those challenges is the need to secure these new environments. Sophos believes that as the workplace perimeter stretches and expands, organizations need to completely rethink how to provide that new structure with adequate defenses.
- The Home Office is the Newest Battle Ground - Like Sophos, Trend Micro believes that as more companies realize working from home is a viable strategy, Trend Micro predicts attackers will leverage vulnerabilities at the home office level (i.e. unsecured wi-fi networks, multiple users on an end-point) to conduct new rounds of attack.
- COVID-19 will Continue to Upend Cybersecurity Priorities - Just like FireEye (see above), Trend Micro believes attackers will continue to take advantage of the chaos caused by the COVID-19 pandemic. The healthcare industry will continue to be a target, especially when it comes to illicitly gaining access to intellectual property.
- Expect Publicly Disclosed Vulnerabilities to be Weaponized Quickly - Organizations are...slow to patch critical systems. Heck, they're slow to patch any system. Those vulnerabilities, called known or n-day vulnerabilities, are too many to count. As a result, don't always get patched. Trend Micro predicts that, because of the sheer number of vulnerabilities in the wild, we'll see n-day vulnerability marketplaces pop-up to sell these exploits to anyone willing to buy them.
*We refuse any accountability if 2021 decides to bamboozle everyone in the same way 2020 did, and none of these come true. Make of that what you will.
Like our blog? Subscribe using the CTA in the upper right-hand corner of this page. Feel like sharing your thoughts with us? Use the comment section below.