Why do you need Print management software? Skip to main content
| By Anwen Haynes

What is the Cyber Attack landscape for 2021

Share on facebook
Share on twitter
Share on linkedin

In Short

The pandemic in 2020 created a unique year with businesses having to rapidly adapt to the new challenge of maintaining their operations with remote workers. This created the right opportunity for cyber attackers to refine their tactics and take advantage of a lack of security.

We’ve taken a look at the security threats that we are still facing in 2021.

The pandemic threw many companies into disarray as they had a complete lack of operational infrastructure to support remote working. As we come out of the pandemic, many companies have realised the benefits of their teams working from home and are either offering fully remote working or at least a combination of office and remote working as a balance.

 

However, gaps in businesses IT infrastructure created the perfect scenario for cyber criminals to exploit and infiltrate companies and obtain their data.

Exploiting remote access solutions such as VPN (Virtual Private Networks) and RDP (Remote Desktop Protocol) with poor password security and VPN vulnerabilities., have given rise to stolen data and ransomware planted.

Also, Cyber attackers have been able to access an employee’s email or other messaging account and respond to existing conversations. This is called Thread Hijacking Attacks. The responses Cyber attackers make on your behalf contain links to phishing sites or malicious attachments so that the attacker can expand their access to your network. These kinds of attacks have risen considerably particularly as employees increasingly communicate via alternative platforms.

 

Remote working has also increased attacks as a result of company devices being outside the perimeter of your cyber defences. These are known as vulnerable and compromised endpoints. This will continue to remain a problem so long as remote working continues and devices that are less likely to be up to date on patches nor compliant with your company policy, remain an easy target for cyber criminals.

 

The criminals are still phishing.

This is the most effective form of cyberattacks because it is easy to gain access to your networks and systems through this method. By tricking an employee into handing over sensitive data such as login credentials to run malicious malware on a company computer is far easier to accomplish than through other means. Phishing will continue to be a long-term problem for us beyond 2021

If your business has adopted Zoom or Slack for example, and if your cyber security training has focused on email attacks, then your teams do not acknowledge the threat posed by these platforms. Your employees often think of Zoom as only being accessible by legitimate users, which is not the case. As a result, an increase on cyber-attacks on these platforms has been as a result of a lack of acknowledgement of the danger these platforms pose your business.

 

The adoption of the cloud

The Cloud has provided the flexibility, scalability and accessibility that we all needed for a remote workforce in the pandemic.

However, whilst many businesses adopted the Cloud technology, the security that was needed for it, was severely lacking. Compared to an on-premises solutions, the cloud poses different security issues and many businesses did not comprehend the severity of potential attacks posed by being in the cloud, leaving their teams compromised and their business at risk.

Cloud Security is a must particularly if you are using multiple vendors to fulfil your operational needs. Gartner predicts that 99% of cloud security incidents through to 2025 will be the customer’s fault.

 

Extorted not once but twice by Ransomware

In recent years, Ransomware has grown in threat. There have been several high-profile attacks and this rapid increase has proven very profitable for the cyber criminals. On average a new victim of ransomware occurs every 10 seconds worldwide costing businesses $20 billion in 2020 increasing 75% on the previous year.

Also, unbelievably, Ransomware as a Service (RaaS) has increased significantly, allowing operators of this service to provide less capable security threat attackers the opportunity to obtain high-quality malware.

The double extortion method steals sensitive data as well as encrypting files and demanding money for their release. If the ransom is not paid, then it is posted online and sold to the highest bidder.

 

Mobile devices are a new focus

Bring your own devices (BYOD) has been increasing with businesses as it was acknowledged that people may feel more comfortable using their own tech.

However, using personal devices for company work posses a whole new cyber security risk to your business. These devices can be targeted exceedingly well by cyber attackers as the security on personal devices is not as sophisticated as that of your own business.

With a lack of cyber security awareness as well, it is obvious that an increase of malicious mobile applications has increased as well. 46% of companies reports that at least one employee has accidentally downloaded a malicious mobile application.

 

Sophistication in the Cyber threat environment

Cyber attackers are forever developing new techniques to attacks businesses and as one avenue is blocked then another is created by criminals to overcome the defence implemented.

Many businesses have outdated security patches that leave them exposed to the new ways that cyber criminals infiltrate their businesses. Generation V Cyber-attacks for example which include large scale multi-vector attacks across and entire industry or business. Leaks of advances hacking tools provide the solutions the criminals need to infiltrate your business.

 

Zero-Day Attacks

These attacks are exceedingly damaging to your business as your known cyber defences are useless against them.

In essence Zero-Day attacks look for a vulnerability to be exploited before a patch is accessible or has been deployed. These kinds of cyber-attacks are increasing significantly with over 23,000 discovered each year. Your business is unable to apply patches of updates quick enough for these meaning your weak spots in your cyber security are left open for longer.

 

So how do you mange your Cyber threat landscape in 2021?

2020 meant that the world had to develop quickly in the tech it needed to sustain business but also highlighted what had to be done to protect it. 2021 we are facing so many cyber security challenges. 

One thing is key: working with IT cyber security specialists that can identify the potential threats and gaps to your industry. The support you to implement the security and monitoring your business needs to protect your teams, your data and ultimately your business operations from threats.

Woman working at the computer

Subsribe for updates and our latest research

White Paper

Get access to our White Paper

Access our White Paper to learn about our Business insights

News

News & Insights

Don’t allow the Christmas cheer to distract you from your Cyber Security

Don't allow the Christmas cheer to distract you from your Cyber Security    

Can you create an ideal Hybrid Working Environment?

Remote and hybrid working has presented new challenges for business leaders. But there is a way forward that will satisfy both leadership teams and their employees.

5 Things you probably don’t know about the ISDN Switch Off

5 things you will want to know about the ISDN Switch Off
Please fill out the below form and one of our team will get back to you asap. Alternatively please call 0330 175 5588 to speak to a member of the Mode team.
×

Browser not supported

Unfortunately, we no longer support Internet Explorer, some elements of the website may be displayed incorrectly, to avoid problems, we suggest using a modern browser.

Subsribe for updates and our latest research

Please fill out the below form and one of our team will get back to you asap. Alternatively please call 0330 175 5588 to speak to a member of the Mode team.