Top Cybersecurity Challenges of 2021 - Check Point Software (2023)

Top Cyber ​​Threats of 2021

2020 was a unique year that forced many companies to adapt quickly to new challenges. At the same time, cyber threat actors have refined their tactics and taken advantage of changes in the way organizations operate. As 2021 begins, many security trends are inspired by 2020's business decisions.

Phishing is still a problem

Phishing is one of the most common types of cyberattacks, mainly because it is often an effective way to gain access to an organization's network and systems. It's often easier to get an employee to give up sensitive information (like login credentials) or run malware on a company computer than to achieve those goals in other ways.

As a result, phishing will remain an issue in 2021 and beyond as long as it remains effective. However, the transformation of work following the COVID-19 pandemic is also having an impact on phishing.

For example, the increase in remote work caused by the COVID-19 pandemic has prompted many organizations to embrace online collaboration such as Zoom, Slack, etc. The focus on email in phishing awareness training means that employees generally do not see email as a threat view. Platforms, and workers, often believe that only legitimate users can access those platforms, which is not always true.

As such, phishing attacks are likely to be more effective on these platforms than via email, where employees are more alert and organizations may have anti-phishing solutions in place. Cyber ​​criminals have taken note, and the use of collaborative platforms other than email for phishing has become more common and will likely continue to do so in 2021.

Exploring remote work

In 2020, the COVID-19 pandemic forced organizations to suddenly transition to a mostly or fully remote workforce. In a matter of weeks, companies that didn't have telecommuting programs had to adapt and upgrade the necessary infrastructure to allow their employees to work from home.

With the end of the pandemic in sight, many companies have no intention of returning to a fully face-to-face workforce. The benefits of remote work to the company and its employees have prompted many to allow many of their employees to telecommute at least part-time.

However, the rush to implement remote work programs has left security loopholes that cybercriminals are actively exploiting. In 2021, businesses will continue to face new security threats made possible by widespread remote working, including:

• Exploring remote access solutions:Employees working from home need access to the corporate network. As a result, the use of virtual private networks (VPNs) and Remote Desktop Protocol (RDP) has skyrocketed during the pandemic. Cyber ​​criminals took advantage of this, exploiting weak password security and VPN vulnerabilities to penetrate corporate networks, steal data and inject ransomware.
• Thread-Hijacking-Angriffe:In a thread-hijacking attack, an attacker with access to an employee's email address or other messaging account replies to an existing conversation. These replies contain malicious attachments or links to phishing sites and are designed to extend the attacker's access to a corporate network. With the advent of remote working, the frequency and success rate of these attacks have increased as employees increasingly communicate via alternative platforms and cybercriminals are more successful in accessing email accounts.
• Vulnerable and compromised endpoints:With remote work, employees work from computers outside the company perimeter and the cyber defense deployed there. Additionally, these devices are less likely to be patched and compliant with corporate policies. As a result, they are easy targets for cyber criminals to exploit.

As long as insecure remote work is widespread, these threats will continue to be a problem. With extended or permanent telework programs, the need to design and implement them arisesSolutions to protect the remote workforce.

Adoption of the cloud trumps security

Cloud adoption has been growing rapidly for years and has skyrocketed as a result of the COVID-19 pandemic. With a remote workforce, organizations needed the accessibility, flexibility, and scalability that cloud-based solutions provide.

However, while many companies are rapidly moving to the cloud, security is lagging behind. Cloud infrastructure is very different from an on-premises data center, and these differences present unique security challenges. Many organizations are still working to understand these differences, putting their cloud deployments at risk.

75% of companies are concerned about the security of their public cloud infrastructure. Learning how to secure systems hosted on shared servers in vendor-specific environments is challenging, especially when most organizations use services from many different vendors. In 2021, the lack of implementationeffective cloud securitywill continue to be a big problem andaccording to Gartner, 99% of cloud security incidents will be customer-related by 2025.

The Rise of Double Extortion Ransomware

Ransomware has become a growing threat in recent years. Several high-profile attacks have proven to cybercriminals that ransomware was profitable, leading to a rapid increase in cybercrime groups using this malware. Average,Ransomware claims a new victimaround the world every ten seconds, andRansomware is estimated to cost businesses $20 billion in 2020, an increase of 75% over the previous year.

The ransomware industry has also seen many innovations in recent years. Ransomware-as-a-Service (RaaS) operators develop and sell ransomware, expanding their reach and giving less-experienced threat actors access to high-quality malware.

Another recent trend is the Double Extortion ransomware campaign. Instead of simply encrypting files and demanding a ransom to recover them, ransomware groups are now also stealing sensitive and valuable data from their victims. If the affected organization does not pay the ransom, this data is published online or sold to the highest bidder.

In 2021, ransomware attacks are becoming more popular and more groups are moving to the “double ransom” model. For example, the relatively new group DarkSide uses this technique and has carried out attacks such as the Colonial Pipeline attack, which was considered a national emergency in the US.

An epidemic of healthcare cyberattacks

During the COVID-19 crisis, the healthcare industry has become more important than ever. Hospitals and other medical professionals around the world are overwhelmed with patients as a result of the pandemic.

In many cases, the focus on patient care has pushed cybersecurity focus and resources away from these organizations. As a result, an industry already struggling with cybersecurity became even more vulnerable to cyberattacks.

In 2020, cyber criminals noticed and took advantage of it. In the fourth quarter of 2020,Check Point Research Reportthat cyberattacks on hospitals worldwide have increased by 45%. While the advent of COVID-19 vaccines has reduced COVID-related hospitalizations and pressures on these organizations in some areas, the exploitation of these organizations by cybercriminals and nation-state attackers is likely to continue and will be a major concern in 2021.

A new approach to mobile devices

The popularity of enterprise mobile devices and BYOD (bring your own device) policies has steadily increased in recent years. Employees can be more productive when they can use the devices they are most comfortable with.

With the increase in remote work, this trend is unlikely to reverse. Employees who work from home or on the go are more likely to use mobile devices than those who work in the office. With the increasing use of mobile devices for business purposes, new cybersecurity risks are emerging. Cybercriminals are increasingly targeting these devices for their attacks, and many organizations lack the same level of security on their mobile devices as they do on traditional desktops.

Additionally, corporate cybersecurity awareness for mobile devices is also lagging behind. For example,46% of companies reportthat at least one employee has installed a malicious mobile application. As these mobile devices are increasingly used to store corporate data and access business applications, mobile malware poses a growing threat to corporate cybersecurity.

A more sophisticated cyber threat landscape

Cyber ​​security is a game of cat and mouse between cyber attackers and defenders. As cyber attackers develop new tools and techniques, cyber defenders develop solutions to identify and block them. This inspires cyber criminals to innovate to evade or circumvent these defense mechanisms and so on.

As cyber threat actors have become more professional and organized, the sophistication of their attacks has also increased. Companies stand out todayFifth Generation Cyber ​​Threats, including large-scale, multi-vector attacks across an organization or industry. These attacks are triggered by leaks from advanced hacking tools such as B. the ShadowBrokers leak that allowed the creation of WannaCry, or the theft of the FireEye penetration testing toolset.

Many organizations have security architectures consisting of many point security products designed to protect against previous generations of cyber threats. These solutions are difficult to use and are lackingUnification of security and threat intelligencerequired to protect against large-scale automated attacks.

Growing number of zero-day attacks

AZero-Day-Angriffis one in which a vulnerability is exploited before a patch is available or widely distributed. These attacks can be particularly damaging as traditional cyber defense strategies are ineffective to protect against them. Many of these strategies rely on signature-based detection, which only works if the malware's signature is publicly available.

For a variety of reasons, large-scale and extremely damaging zero-day attacks are becoming more common. The number of publicly reported vulnerabilities is growing rapidlyover 23,000 discoveries per year. This far exceeds the ability of many organizations to apply updates and patches, meaning more vulnerabilities remain open longer.

Additionally, cybercriminals can often develop an exploit for a vulnerability faster than a patch can be developed, released, and widely deployed. Cyber ​​criminals can usually create an exploit within a week, but most companies canAverage 102 days to apply a patch.

In 2021 there have already been large-scale attacks using zero-day vulnerabilities such asLieber CryjWe stayedMalware variants that exploit vulnerabilities in Microsoft Exchange. This trend is expected to continue into 2021.

Managing the 2021 Cyber ​​Threat Landscape

In 2021, organizations will face a number of significant cybersecurity challenges. However, this year also presents opportunities for significant security growth. 2020 has shown how businesses must adapt to the modern world, and 2021 offers an opportunity to design and build security for the future.

Using the checkpointsecurity checkIt's a good starting point for identifying and closing gaps in your organization's cybersecurity strategy. We also invite you to consult theCybersicherheitsbericht 2021for strategies and recommendations to protect against the modern Generation V cyber threat landscape.