When we look back in the annals of history, hundreds of years from now, 2020 will not be a high point. Between political upheaval, a global pandemic killing millions, and the knock-on effects on the economy and society, it has not been an easy year. Cybersecurity has also struggled, as the work from home revolution leaves us all susceptible to attacks from hackers.
But will 2021 prove to be a new start in more ways than one, or will it simply be a continuation of the struggles we’ve encountered throughout 2020 in the world of cybersecurity? For one analyst firm, it seems they believe the risks will be less revolutionary, and more evolutionary.
“Business Email Compromise (BEC) attacks are currently one of the biggest threats to employees, and this is set to continue into 2021.”says Kelvin Murray, senior threat research analyst at Webroot.
“Amid the continued shift to remote working, we’re likely to see this threat continue to be successful as targets are unable to quickly check with colleagues about dodgy-looking emails, are more likely to click on dangerous links or transfer money when requested by someone seemingly legitimate, like a trusted colleague or boss.”
Risks increase as work from home continues
We’ve already seen nimble cybersecurity researchers adapt the way they work to take advantage of situations that would have been unimaginable in 2019. That’s likely to continue next year, reckons Murray. “Cybercriminals will shift their focus in 2021 to more heavily target remote workers, as the home network is often poorly secured and more vulnerable than the office,” he says.
The associated risk to small and medium businesses who employ those home workers can’t be discounted, either.
“We’ve seen the highest number of attacks on SMBs we’ve ever seen amid the pandemic – around a 40% increase – and this trend is likely to continue into 2021.”says Nick Emanuel, senior director of product at Webroot.
Emanuel worries that a lack of training, and the risk that companies don’t adapt to include security protocols on home devices on an individual’s home network, and not just their business devices, could spell disaster.
Vaccine development offers an opportunity for hackers
The way into people’s networks is through social engineering, and Emanuel worries that the pandemic, and the desire for people to get a vaccine quickly, will give criminals the opportunity they need. “As 2021 brings forward the first vaccines to fight Covid-19,” he says, “cybercriminals will exploit the lack of trusted information and the widespread use of phone-based medical appointments to target businesses and consumers in phishing attacks and business email compromise scams.”
People will have to remain alert to the risks, and the potential damage wrought by a cyberattack involving ransomware – one of the biggest threats to us all – will become too big to ignore. “The amount of disruption and cost to businesses and important services like healthcare by ransomware groups has grown too big to escape addressing by world leaders,” says Murray. “Expect some major discussion and statements about the threat by politicians in 2021.”
How to tackle the issue
As always, the best form of attack against cybercriminals is defense. And the best way to stop risks from becoming a reality is to be aware of where your weaknesses are, and to plug them.
“There is still not enough security training being implemented across businesses, specifically to address the increasingly remote workforce.”says Matt Aldridge, principal solutions architect at Webroot.
“As we head into 2021, organizations need to prioritize training schemes that are tailored to remote workers, including how to spot phishing scams and other types of social engineering cyberattacks.”
Increase your online security and privacy by encrypting your internet connection and hiding your IP address.
Protect your data now
Training needs to be more prevalent and more obvious – and it also needs to be more advanced. “With an increase of distractions at home and fatigue around email and virtual meetings, it’s never been more critical that training be engaging, consistent, and prioritized by business leaders to ensure it’s embedded into company culture,” says Aldridge.