Security experts at are urging organizations everywhere to protect themselves from evolving cyber attacks.
The effects of changes introduced during the coronavirus pandemic will continue to be a key focus for organizations’ IT and security teams, ushering in a new phase that experts are calling the ‘next normal’.
With 81% of enterprises have adopted mass remote working for their employees, and 74% planning to enable it permanently, organizations everywhere are expected to face more sophisticated cyber-attacks related to coronavirus, mostly:
Phishing campaigns impersonating vaccines. As COVID-19 will still dominate headlines, news of vaccine developments or new national restrictions will continue to be used in phishing campaigns, as they have been through 2020. The pharma companies developing vaccines will also continue to be targeted by malicious attacks from criminals or nation-states looking to exploit the situation.
Attacks on remote learners. Schools and universities have had to pivot to large-scale use of e-learning platforms, so perhaps it’s no surprise that the sector experienced a 30% increase in weekly cyber-attacks during August, in the run up to the start of new semesters. Attacks will continue to disrupt remote learning activities over the coming year.
More double-extortion ransomware attacks. Q3 of this year saw a sharp rise in double-extortion ransomware attacks: hackers first extract large amounts of sensitive data, prior to encrypting a victim’s databases. Then attackers will threaten to publish that data unless ransom demands are paid, putting extra pressure on organizations to meet hackers’ demands.
In a matter of weeks, Coronavirus forced organizations to support remote workforces. Companies had to quickly transform digitally, often leaning on the cloud to scale their operations. The change brought new threats to these companies, as the overall attack surface of companies grew.
In 2021, security experts predict that the digital transformation will proliferate attacks along these two lines:
Weaponized deep-fakes: Techniques for fake video or audio are now advanced enough to be weaponized and used to create targeted content to manipulate opinions, stock prices, or worse. Audio could be faked for voice phishing – so that a CEO’s voice could be faked to bypass voice authentication.
5G benefits and challenges: The totally connected, high-speed world promised by 5G also gives criminals and hackers opportunities to launch attacks and cause disruption by targeting that connectivity.
e-health devices will collect data about users’ well-being, connected car services will monitor users’ movements, and smart city applications will collect information about how users live their lives. This massive volume of data from always-on, 5G devices will need to be protected against breaches, theft, and tampering to ensure privacy and security against attacks, especially as a lot of this data will bypass corporate networks and their security controls.