2020 has also been an important year for cybersecurity. The pandemic had a great influence on the threat environment being the lure predominant in many phishing campaigns and fraud attempts.
We have had to telework more and adapt quickly. Awareness-rasing, technology and communications have been a very important bulwark. But on the opposite side, cybercrime has also increased its activity and capabilities knowing that its opportunities are growing in an increasingly interconnected world.
It has also been a year for critical vulnerabilities accompanied by the increase and sophistication of tactics, techniques and procedures (TTPs) used by increasingly professionalized groups.
“Undoubtedly, 2021 will be a year in which all these threats (and more) will continue to rise, where companies and organizations must be as well prepared as possible, continuously improving and evolving their defenses”
Within this framework, in the Global Cyber Threat Response (CTR) team we reviewed the trends and forecasts of the cyberthreat landscape for this 2021.
Thiese are the 5 cyber threats that will be a trend this year according to our analysis:
The ransomware boom continues
The escalation of ransomware-related incidents in 2020 in terms of the number of attacks, demanded and paid bailouts, reprisals against non-payers and the large number of actors involved seems to continue until 2021: there is no logical reason for this to stop, indeed, its unstoppable increase is expected.
In fact, it is estimated that one of the main objectives remains large corporations and organizations including government ones, the one known as Big Game Hunting (BGH) that brings the greatest benefits.
It is also estimated that more aggressive and incorporated extortion methods continue to be used in recent campaigns such as the threat of publishing leaks or disrupting a company´s services through distributed denial of service attacks (DDoS).
Supply chain attacks
The prospect that an actor engages a company attacking its supplier´s systems is not new but beings to take it very seriously after the attack on SolarWinds that was discovered in the last period las year and that adjacently affected thousands of its customers.
An intrusion into the network of an associated company could allow multiple types of attacks against the victim company: backdoorisation of the software used, lateral movement, manipulation and theft of data, DoS, ransomware, etc.
The lack of control over the cybersecurity of suppliers, the immediate and lasting impact on operations, the uncertain time before resolution… all these factors must be taken into account for the years to come.
Cloud security is again taking centre stage ?♂️
Before the beginning of the ransomware boom at the end of 2019, that year´s main focus of cybersecurity had been the vulnerability of cloud storage solutions.
Lots companies suffered different data gaps after repositories such as Amazon S3 buckets were incorrectly configured, for example by giving more access and privileges than necessary.
Concerns about cloud security returned by the end of 2020 and will continue this year as more and more organizations advance in their cloud transformation programs, creating more opportunities for error.
Mobile devices and loT in the spotlight
Although mobility has been restricted by the pandemic we are still “pegged” to our smartphones, we all use laptops to work also from home and little by little our homes because smarter with increasingly affordable devices of the so-called Internet of Things. Cybercriminals are no stranger to this trend and malware designed specifically for these devices will continue to increase.
On the other hand, this problem is likely to intensify once 5G has a significant footprint. This technology will allow closer tracking of users and will make adapting IoT capacity to devices that do not currently possess it economically viable, creating completely new classes of potentially vulnerable devices.
Do you know if your IoT devices are safe?
Deepfakes move from theory to reality.
The quality of the impersonations has constantly improved since they first emerged as a theoretical threat several years ago. In August 2019 it was already possible to deceive the CEO of a company to make a bank transfer only by falsifying the voice in a phone call.
Technology has continued to improve. Increasing computing capabilities and Artificial Intelligence cloud make 2021 a year in which deepfakes and the evasion of biometric techniques begin to be used more widely for use in fraud.
Vicente Motos
Santander Global T&O
Currently working in the Santander Threat Response department focused on tactical intelligence, threat analysis and engineering. Self-taught and passionate about computer in-security and hacking for many years, I actively participate in the community and author of many technical posts.
