The 2021 List of Top Cybersecurity Threats Facing Businesses and Individuals
The Cybersecurity and Infrastructure Security Agency (CISA) and their new director, Brandon Wales, have their hands full as mainstream media reports have finally come to terms with the truth – that the US and the world is in the midst of an international cyber war.
Although many people associate CISA with the protection of critical infrastructure and government networks, the dangers faced by computer systems managed by small businesses has never been greater. As COVID and its lockdowns have persisted, many small businesses and telecommuters have encountered increased risk as millions of American workers have shifted to online working.
With companies having fewer resources as a result of lost business, cybercriminals are looking to have their biggest year ever in 2021. Just how will they achieve these ill-gotten gains? Here are some of the top cyber threats to watch out for in 2021:
Ransomware may be the top overall threat: 2020 was a huge for ransomware. Cyber Insurance provider Coalition reported that 41% of all claims submitted in the first half of 2020 were related to ransomware. The 2020 Crowdstrike Global Security Attitude Survey also shows that 27% of ransomware attacks led to ransoms being paid in the previous year, with the average payment being $1.1 million. Two of the top threats are the Sodinokibi and Lucky ransomware strains. However, we might see this trend reverse as more companies embrace ransomware spending.
Disgruntled Employees and Insider Threats: As telecommuting has become the norm due to the COVID-19 pandemic, shadowy workers may see a way to profit from company data that is now accessible minus the usual supervision. Even before the COVID pandemic, the 2020 Verizon Data Breach Investigations Report had already reported a rise in these kinds of attacks as they make up about 30 percent of data related incidents.
Phishing: Phishing is the most common entry point for hackers. With businesses exchanging hundreds of emails and electronic messages on a daily basis, there are many opportunities to strike. Hackers will usually choose to attack late in the workday, when employees tend to be tired of delivering fake emails with poisonous links. One click and hackers are in. There has been a rise in social media as the venue for this activity, whereas it used to be believed to be exclusively email. Kevin O’Brien CEO of CyberSecurity firm Great Horn said, “Over 90% of all data breaches today begin with a highly-targeted email attack, and those email attacks result in stolen credentials, loss of intellectual property, and in many circumstances, east-west migration attacks that go from email into core backend systems that contain customer data or even financial access.”
Social Engineering: Social engineering techniques, which are a form of psychological manipulation, is used by hackers to steal login credentials to then access a company's network. With most companies storing customer and employee data, financial records or other information including Social Security numbers on their database, a breach of even a small or medium size business can be a lucrative proposition. Though, all phishing attacks do involve some form of social engineering. Kevin O’Brien says, “The problem with security training is that security training, from an email perspective, teaches us to hover our mouse cursor over links. You don’t have a mouse cursor on a mobile device. Or, it tells us not to take action when we see an email that might be suspicious, but these kinds of attacks aren’t suspicious-looking. So, although security training is a requisite part of a compliance program, it has very little to no impact on the ultimate efficacy of a targeted social engineering attack, because targeted social engineering attacks are based on psychological pressure, seniority, time, urgency, the kinds of factors that we saw in the example of David a moment ago, and training will not provide any benefit against these highly-crafted and well-executed examples of a security threat.”
Browser Hijackers take over your search engine: Browser hijackers are designed to modify browser settings for the purpose of redirecting traffic to the hacker’s partner websites in order to generate ad revenue. They do this by changing browser homepage and default search settings to show a phony version of a well-known search engine. The modified search engine can insert unwanted banners and ads onto the pages of legitimate online sites. The most commonly observed versions of these infections are the Google Redirect Virus and the Yahoo Search Redirect Virus.
APTs expand their reach: Advanced persistent threats (APTs) like the one behind the SolarWinds hacking attack use stealthy hacking techniques to gain entry into a network and remain inside indefinitely. Although the attacks are usually aimed at high-value government and corporate targets, smaller businesses and individuals linked to large entities are now under attack as a gateway towards their larger associates. The more well-known APT hacking groups include APT35 (Charming Kitten), APT38 (Lazarus Group) and APT29 (Cozy Bear). Kevin O’Brien points out, “Often, today, what we’re seeing are not what signature-based end-point security solutions will pick up. That is, these are not viruses, but they’re more sophisticated examples of APT or advanced persistent threat attacks, or in some circumstances, ransomware, as over the past year or so, we’ve seen with things like the Locky attack, or some of the other major data breaches that have shut down large swaths of industry.”
2021 will be another dangerous year in the cybersphere, as history points to a continuing trend of refined hacks attacks themed around worldwide events. Look for hackers to exploit lackadaisical security efforts by businesses and individuals. Smaller businesses that previously assumed they would not be attacked by hackers are one of the fastest rising groups of victims and really need to rethink security protocols this year.
Julio Rivera is a business and political strategist, the Editorial Director for Reactionary Times, and a political commentator and columnist. His writing, which is focused on cybersecurity and politics, has been published by websites including Newsmax, Townhall, American Thinker and BizPacReview.
Edited by Calvin Ma, Harold Moss & Alexander Fleiss