Cybersecurity Trends 2021

It should come as no surprise to anyone that remote working has posed important cybersecurity challenges. Companies face a higher risk as their employees juggle their personal and professional lives in devices that may not be as well protected as they would be in centralized offices. In fact, the expansion of mobile technology and the increment of Internet of Things (IoT) devices have widened the attack surface. Threats to these devices keep evolving, to which unfledged technologies, like 5G, may contribute. Moreover, this year has seen the accelerating and growing adoption of cloud computing, which is expected to continue in 2022. Hasty deployments with misconfigurations, in combination with ignorance about cloud responsibilities, continue to render many companies and their data as easy prey.

Cybercriminals are still exploiting people's fear and uncertainty resulting from the COVID-19 pandemic. Social engineering leads as the most used attack technique. Indeed, phishing prevails, with threat actors adapting their lures to the latest conditions of the pandemic. Moreover, following public and private efforts to generate solutions, such as vaccine development, state-backed cyberespionage campaigns have risen with the intent to steal intellectual property or other confidential information.

Generally speaking, there has been a 40% increase worldwide in average weekly attacks per organization. The peak was reached in September with over 870 attacks. Notably, the most impacted region was Africa. Now, regarding the nature of the attacks, malware attacks decreased in numbers, although this could be explained by a greater focus on infection quality. For example, malware developers are using emerging programming languages that make analysis harder. The increased interest in attacks causing a greater impact is reflected in the growing threat to supply chains, sought after for their ripple effect.

Currently, ransomware is the number one threat. It's said it impacts, on average, one out of every 61 organizations globally each week. Precisely, internet service providers/managed service providers is the most attacked sector, followed by healthcare and software vendors. Further, this year saw an increase in the ransomware-as-a-service business model, in which affiliate groups, or virtually anyone, can rent ransomware for their own purpose. The threat is ever more critical due to ransomware groups actively recruiting new members on forums, some even trying to get employees from the soon-to-be-victim companies on their side. What's more, ransomware groups are transitioning from cryptocurrencies like Bitcoin to Monero, which potentiates the anonymity and indistinguishability of transactions.

The profitability of ransomware augmented this year with the emergence of a multiple extortion scheme, in which attackers extort the target organization's customers or partners for ransom. The percentage of victims who paid the ransom also increased and a fair share of big payouts has been made public. Some cases of effective ransom payment could be enabled by the increasing popularity of cyber insurance. This shows a worrying landscape, as cybercriminals are encouraged to raise their demands. Indeed, it is believed that next year we'll see a ransom demand of $100M. What's even more shocking: The global annual cost of cybercrime is predicted to be $6 trillion this year and increase 15% per year, reaching $10.5 trillion by 2025.

The increase in security breaches and ransomware attacks has caused organizations to pay more attention to cybersecurity from a preventive standpoint, increase scrutiny, utilize more resources and form dedicated committees. However, many cybersecurity leaders are facing the complications of having too many tools from different vendors, which results in more complex security operations. Thus, they are leaning into vendor consolidation for better integration and more efficient security.

As we move into this year's trends in prevention, it's worth noting that there has been an increase in multifactor authentication usage. But this implementation is not enough on its own. Teams need to recognize the importance of properly configured, maintained and monitored identity infrastructure. Another prevention trend involves the increasing use of privacy-enhancing computation techniques that enable the protection of data while it's being used. This reduces risks in data processing, analysis, sharing and transfer.

Regarding advances in threat detection, organizations are increasingly turning to AI and machine learning to analyze great volumes of data. In addition to those techniques, organizations are soliciting manual pentesting as a way to find more complex and severe types of vulnerabilities. They are also in need of attack surface management platforms that help the prioritization of risks and fixes. Besides, the breach and attack simulation solution is gaining recognition as a method to assess how prepared an organization is for preventing, identifying and responding to real threats. Fluid Attacks offers its Penetration Testing solution, assessing systems' security configurations and responses continuously. These technologies and methods have been, and are expected to be, implemented by many teams starting from the early phases of the software development lifecycle.

Gartner has predicted that by 2025 more than half of the world's organizations "will use cybersecurity risk as a primary determinant in conducting third-party transactions and business engagements." Further, it's expected that, by the end of that year, around 30% of nation-states will be passing legislation for the regulation of ransomware negotiations, payments and fines. This will be a massive improvement from the current less than 1%. Moreover, as data privacy is increasingly being prioritized, Gartner says it's expected that "By the end of 2023, modern privacy laws [(e.g., LGPD, CCPA)] will cover the personal information of 75% of the world's population." So, every organization will need to pay heed to the standardization of their security operations adjusting to each of these laws. This way, they would prevent fines and damage to their reputation.

Finally, we must mention what the cybersecurity hiring crisis will look like in the coming years. The thing is, from 2013 to 2021, the number of unfilled cybersecurity jobs went from 1M to 3.5M. The positive news is that this number is not expected to grow by 2025. Actually, at least in the US, thanks to the campaigns and programs launched by companies like Microsoft and Google, the number of unfilled positions is expected to decrease. It could even be useful to restructure the hiring process, for some individuals that do not hold the credentials may still be apt for a job in cybersecurity. Now, for the exciting news! The global percentage of women working in the field has gone from 20% in 2019 to 25% in 2021, and it's expected to continue to increase.

Want some help implementing security right now? Contact us!