- January 1, 2021
The year 2020 will go down in history for many reasons, including some of the most intrusive security incidents. We saw an innovative focus on machine learning and artificial intelligence, leveraged for both defensive and offensive campaigns. Additionally, the cybersecurity industry experienced unprecedented ransomware and supply chain compromises targeting critical industries. In 2021, we expect to see some of the most precise and scalable cybersecurity incidents, requiring equal or greater countermeasures.
The year 2020 will go down in history as the “Year of COVID-19.” Despite the fact that the global pandemic negatively impacted businesses and economies around the world, it also ushered in a digital revolution across all facets of human interaction – COVID-related restrictions boosted the WFH (Work From Home) or virtual office culture, thus expanding the need for emerging technologies, such as cloud computing.
Simultaneously, threat actors have been presented with more opportunities to act on their malicious intentions. The positive aspect of these developments is the increased cybersecurity awareness among people, which is an encouraging sign.
A Few Defining Moments of Cybersecurity in 2020
Though 2020 witnessed a demand slump in almost every business sector, two sectors (healthcare and government agencies) experienced a spike in the need for robust cybersecurity solutions. Cyber adversaries have set a new trend in these sectors by employing innovative modus operandi like phishing, cryptojacking, ransomware, IoT attacks, etc., to deploy exploits with more damaging effects than we have ever seen before.
Some of the defining moments of cybersecurity in 2020 include:
- 4 billion records were exposed in the first quarter of 2020, a rise of nearly 256% compared to the first half of 2019.
- Eighty-one global firms situated in 81 countries reported instances of data breaches in the first half of 2020.
- Innovative threats like PowerShell malware attacks increased by nearly 117% in Q2 2020.
Major Highlights of the Cyber Threat Landscape in 2020
- FireEye and SolarWinds Supply Chain Attack: In December 2020, one of the most effective cybersecurity companies, FireEye, was attacked by highly sophisticated nation-state attackers who stole the company’s system penetration tools. Additionally, Microsoft disclosed that they were also victims of another supply chain attack regarding SolarWinds’ infrastructure. The SolarWinds compromise was a springboard for cyberattacks against various U.S. government agencies, including the agency overseeing the U.S. nuclear weapons stockpile (National Nuclear Security Administration).
- Increased Ransomware and Phishing Attacks: Individuals and companies were targeted in rampant ransomware and phishing attacks, which were nested in the COVID-19 pandemic. Through COVID-related threat campaigns, users were tricked into disclosing personally identifiable information, including full names, home addresses, telephone numbers, bank account details, and even driver’s license details, in exchange for pandemic relief assistance from the government.
- Business Email Compromise (BEC) and Fake URLs: Throughout 2020, threat actors used fake URLs to perform drive-by downloads, as well as to steal banking details from unsuspecting users. Cybercriminals were able to re-route corporate transactions and steal payments meant to facilitate business functions using fake URLs. In fact, the FBI estimated that the average loss in Q2 of 2020 due to business email compromises (BECs) was $257,300.
Additionally, in the last quarter of 2020, security researchers discovered a massive increase in the procurement of COVID-19-related URLs. Threat actors purchase such URLs to launch web poisoning attacks, such as SQL injections.
- Election Security: The U.S. government launched a military offensive cyber operation against Iran after attributing to it several malicious campaigns targeting U.S.-based election infrastructure. During the run-up to the U.S. Presidential elections in November 2020, most Americans were so focused on internal challenges amongst both political parties that they ignored the dangers of external-facing cyber-threat activities, which leverage social media sites as their battleground for election-interfering misinformation.
The Impact of Emerging Technologies on the Threat Landscape in 2020
In 2020, small to midsize businesses experienced a growing sophistication of cyber threats, which appeared to be more selective and diversified due to external factors like the development of advanced technologies, such as Machine Learning.
- Cloud Computing: Cloud computing environments were the favorite target for cyber attackers. They used code injection attacks against cloud platforms to spy, modify sensitive data, or take control of critical data across cloud storage infrastructures.
- Machine Learning (ML): ML was initially designed to remove malware from a cyber-attack, but 2020 proved that advanced persistent threat (APT) actors were capable of deceiving ML detection models using sophisticated offensive countermeasures aimed at generating false content to blind attack detection algorithms.
- Open Banking: COVID-19 concerns and restrictions gave rise to broader adoption of online payment methods, which also led to an increase in targeted attacks on mobile platforms. Threat actors used such attacks to steal payment data, log-in credentials, and other personally identifiable information required to facilitate online banking processes.
Looking Forward in 2021
Although 2020 was wracked by COVID-19-related incidents in the cybersecurity industry, GoldSky’s cybersecurity experts predict more COVID-19-focused ransomware and social engineering attacks aimed at tricking unsuspecting users into disclosing personal information in exchange for fake COVID vaccines.
Unfortunately, ‘normalcy’ is lost forever; the ‘new normal’ has now overtaken both corporate and personal lives. For instance, the virtual working environment will be expanded in 2021 as individuals get used to working from home. As such, cybersecurity will remain center-stage in the New Year. Below are some key highlights we can expect for small to midsize businesses in 2021:
- In 2020, we saw a significant rise in targeted ransomware attacks against medical facilities. Ransomware will continue its growth in 2021, and the variety and frequency of attacks will increase.
- The implementation of 5G will offer faster internet speeds on mobile devices. Thus, threat actors will leverage the precision, speed, and scalability of 5G technologies to target more critical supply-chains, financial systems, etc.
- Nation-state threat actors will become emboldened in their cyberespionage and reconnaissance activities. As such, we expect to see increasingly noisy and extremely sophisticated attacks against major U.S. government agencies and departments – the FireEye and SolarWinds attacks are an example of the noisy nature of state-sponsored attacks expected to hallmark the year 2021.
- Organizations will need to focus more on patch management, IT asset management, identity and access management, and security automation solutions.
Final Thoughts
The business risks associated with cyberattacks are real; they cannot be denied or brushed off any longer. As we anxiously usher in a new year, we expect cyber threat actors to increase the use of highly sophisticated attack methodologies to deploy crippling malware against small to midsize businesses. In fact, basic threats, such as ransomware, will damage more organizations than ever before, especially those that are unprepared to withstand the surging effects of a security incident.
Therefore, adopting preventive cybersecurity control measures is the best way to go forward in 2021. GoldSky Security offers a range of cybersecurity solutions for small and mid-size businesses to strengthen their cybersecurity posture and have the best tools, resources, and manpower to meet the challenging cybersecurity demands for the year 2021.