As overused as the term may be, 2020 was unprecedented in a number of ways – all of which tested you and your organization. While it’s natural to hope that this year will be more predictable and manageable, that might not be the case when it comes to cybersecurity. In fact, 2020 gave cybercriminals ample opportunity to advance attack sophistication, which has already given them a strong start in the new year.
The good news is that our partners at Acronis analyzed cyber threats from around the world throughout the entirety of 2020. They’ve compiled their research and findings into the Acronis Cyberthreats Report, highlighting the current state of cyberthreats and projecting trends we can expect to see throughout the rest of this year. With these insights, you can prepare your digital defenses for the worst cyberattacks 2021 has to offer and ultimately beat cybercriminals at their own game.
Here are four key cybersecurity trends you can expect to see in 2021:
Remote Workers Will Become Even Bigger Targets
Cybercriminals saw an enormous opportunity when organizations worldwide began relying on remote work in response to the Covid-19 pandemic. Instead of infiltrating corporate networks, they could target less secure home environments and employees adjusting to new procedures and policies, which made them more prone to mistakes.
In these environments, phishing attacks flourished. More than 50% of organizations experienced phishing attempts with a peak frequency in the middle of the global Covid-19 lockdowns. From these attempts, cybercriminals learned that tricking an employee into clicking a link is still a highly effective way to access company data.
With many organizations maintaining remote work policies this year, these phishing attacks are likely to grow both in number and sophistication.
Extortion Will Be a Bigger Threat Than Encryption
Cybercriminals using ransomware have one goal: monetize their successful attacks. However, with the vast majority of industry professionals recommending that victims do not pay for decryption, cybercriminals had to find new ways to blackmail their target organizations.
In 2020, many attackers discovered that extortion based on leaking stolen data – rather than encrypting it – actually led to higher monetization. More than 20 different ransomware groups developed websites dedicated to publishing data leaks. Today, these sites feature private and confidential data from more than 700 companies around the world.
With more money and possible success through data extortion schemes, data exfiltration and data leak threats will likely be the main goal of ransomware attacks moving forward.
Cybercriminals Will Be Automating Their Attacks
The world of cybercrime has become industrialized. Using big data analytics and machine learning, established cybercriminal groups can easily automate their process by finding new victims and generating personalized attacks.
At the same time, cybersecurity experts have seen more strains of malware created each day. The Acronis Cyberthreats Report notes that the average lifetime of a modern malware sample is just 3.4 days. This means that traditional detection and response methods are at a disadvantage as they are unable to keep up.
While it’s still too early to claim that cyberattacks will be entirely automated this year, it’s becoming easier and faster for criminals to use automation to maximize their efforts – and their results.
MSPs Serving Small Businesses Will Become Big Targets
In the last two years, cybercriminals realized that most small and medium businesses relied on cloud MSPs for some or all of their IT needs. That makes MSPs a significant target because infiltrating one can grant an attacker access to the private data of many other SMBs at the same time.
These types of attacks and the regions they appear in are both likely to grow as SMBs rely on MSPs in greater numbers – especially if the MSP has not modernized their cyber protection procedures.
This article was written in collaboration with David Kostos, Content Marketing Specialist at Acronis.