A disturbing trend has been observed in the industry the past few years. Cybercrime is on the rise, and dramatically so. Gone are the days of dealing with script kiddies and enthusiast hackers. These days, companies and corporations are dealing with professional, cyber criminals who are well-funded and well-protected. They strike when least suspecting and are often inside corporate networks for days or weeks without being detected. Their methods of penetration are numerous and their toolsets are extraordinary, rivaling in many cases, the collective power of nation states. Criminals have figured out that there is lots of money to be made in cyber crime. Recent reports give us the data on this and indicate that cyber crime is growing at a monumental rate. It is already at 1.5T USD annually.
The global pandemic and the rise of devices at home.
The COVID-19 pandemic has proved to be very advantageous for criminals in that it opened wide gaps in the security fabric of companies small and large. Security specialists around the world have been frantically working patch the massive gaping holes in security that have recently made themselves present due to the millions of laptops, tablets and phones that are now working from home (often, in unprotected networks that are not behind multiple layers of security). This dramatic rise of millions of unprotected devices working from home offices has lead to an astronomical increase in cyber crime. Fortified corporate networks that were once iron walls have been riddled with holes and ripe for attacks. Security experts know this and so do the criminals. Hospitals, government agencies and large corporations are vulnerable.
Expect the following to occur in 2021:
1. Cyber crime will increase, particularly in the field of crypto-malware.
2. Larger targets with deeper pockets will be targeted. This will likely include large schools, corporations, hospitals and government offices. Anything related to the medical field will be a prime target.
3. Ransom demands are going to go up. Criminals know that data has become more valuable and will charge accordingly. Expect to see demands for millions of dollars to be paid (especially to larger targets such as institutions and government agencies).
4. Smaller offices and companies will be used as a staging ground to get to higher targets. Criminals will wait in the network of a smaller target and gather information on larger clients they may be dealing with. The smaller company will be a point of entry to larger, more lucrative businesses.
5. Software as service platforms (SaaS) will continue to be attacked. Don’t make the mistake of thinking that Office365 or G-Suite is fully protected. Criminals have already infiltrated these platforms through phishing and crypto-malware tools and have locked clients out of their own data.
Protecting your network in 2021.
A strong defense is a layered defense. Make sure you are layering security in your network. Firewalls, AV clients, cyber security training, encrypted off-site disaster recovery and other techniques will all need to be employed. Make sure that your users working from home have protection. Put them behind a secured encrypted VPN and be careful about letting employees use their own personal devices on a company network.
We are not out of the woods yet. Be vigilant and keep your eyes open.