Cybercrime has been increasing steadily for the last two decades, and is expected to reach a global cost of $6 trillion by 2021. In addition to overall impact, we are seeing more cyber threat activity than ever before. On average there is an attempted hack every 39 seconds! For many companies it’s not a matter of if someone tries to hack them, but when. In order to improve your defenses and protect your business it’s important to know what cyber threats are out there and how to defend against them. In cybersecurity this is known as threat modeling. Here we have compiled a list of five trending cyber threats that you should prepare for in 2021.
Fileless Attacks
Fileless attacks are memory-based cyberattacks that don’t require you to download any malicious files onto your machine, instead relying on legitimate programs to infect your machine. For example, you may click on a link in an email that directs you to a fake Scotiabank login page, which then triggers an exploit that launches a PowerShell terminal that the hacker can use to run commands on your machine. All of this can be done without downloading files to the computer’s hard drive, and it therefore evades many of the traditional security controls. Fileless attacks are likely to increase in popularity in 2021 because they bypass many security controls and can be delivered over email, allowing for mass spam to many users at once. The best way to prevent this type of attack is to implement a holistic defense strategy, including training employees not to click on suspicious links via email or text message and ensuring your software is up to date.
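Because nothing is written to disk, the observable trace of the scenario above is the process lineage: a program that handles untrusted content starting PowerShell. The following detection sketch is an added example, not part of the original article; the field names mirror Sysmon process-creation events, while the `Host` field, the parent list and the sample events are constructed assumptions.

```python
import ntpath
import re

# Programs that open untrusted content (mail, web, documents).
# Assumed list for illustration; tune it to your environment.
UNTRUSTED_CONTENT_PARENTS = {"outlook.exe", "chrome.exe", "msedge.exe",
                             "firefox.exe", "winword.exe", "excel.exe"}
SHELLS = {"powershell.exe", "pwsh.exe"}
# Switches that hide the window or pass an encoded script (any accepted prefix).
HIDING_SWITCHES = re.compile(
    r"(?i)(?:^|\s)-(?:(?:e|ec|enc\w*)(?=\s|$)|w\w*\s+hidden\b)")

def exe_name(path):
    """Lower-cased file name of a Windows path, regardless of the analysis OS."""
    return ntpath.basename(path).lower()

def score_event(ev):
    """Return the reasons a process-creation event looks like fileless execution."""
    reasons = []
    if exe_name(ev["Image"]) not in SHELLS:
        return reasons
    parent = exe_name(ev["ParentImage"])
    if parent in UNTRUSTED_CONTENT_PARENTS:
        reasons.append(f"shell spawned by {parent}")
    if HIDING_SWITCHES.search(ev["CommandLine"]):
        reasons.append("hidden window or encoded command")
    return reasons

def detect(events):
    """Return (host, reasons) for every event with at least one reason."""
    hits = []
    for ev in events:
        reasons = score_event(ev)
        if reasons:
            hits.append((ev["Host"], reasons))
    return hits

PS = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
# Constructed sample events; the encoded argument is a placeholder, not a payload.
SAMPLE_EVENTS = [
    {"Host": "WS-014", "ParentImage": r"C:\Program Files\Google\Chrome\Application\chrome.exe",
     "Image": PS, "CommandLine": "powershell.exe -NoProfile -WindowStyle Hidden -EncodedCommand PLACEHOLDER"},
    {"Host": "ADMIN-02", "ParentImage": r"C:\Windows\explorer.exe",
     "Image": PS, "CommandLine": r"powershell.exe -ExecutionPolicy RemoteSigned -File C:\Scripts\inventory.ps1"},
    {"Host": "WS-022", "ParentImage": r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE",
     "Image": PS, "CommandLine": "powershell.exe -NoProfile"},
]

if __name__ == "__main__":
    for host, reasons in detect(SAMPLE_EVENTS):
        print(host, "; ".join(reasons))
```

The administrator's scheduled script on ADMIN-02 is not flagged, which is the point of keying on lineage rather than on PowerShell use alone.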
Insider Threats
Insider threats are any employee, contractor, supplier, or third party that is part of your everyday business operations. People often focus on outside threats, but insider threats are especially dangerous because they already have access to your network and company information on a daily basis. Most insider threats are disgruntled employees that are looking to get back at a company for a perceived wrong. Given that we are in a global pandemic, many people are being laid off and if this continues into 2021 you can expect more situations where people are frustrated with losing their jobs and looking to get back at the company. To avoid this type of threat, you need to implement specific controls to prevent disgruntled individuals from harming your company.
- Remove access promptly following a layoff. This way, once the person finds out that they have been fired, they won’t be able to log in to the network and download files, upload malware, etc. Access should be removed as soon as the person is notified or even ahead of time.
- Use the least privilege model. Least privilege means that people are only given as much information and access as needed to perform their job and nothing more. By limiting the amount of information people have, they are less capable of leaking or stealing company information.
- Have good backups of critical files/data. One thing insider threats may try to do is delete important documents in order to negatively affect a department or the company overall. Having regular, reliable backups will allow you to recover that information if anything important is deleted. You can find a full outline on defending against insider threats here.
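One way to verify the first control in the list above (access removed at or before notification) is to reconcile HR termination records against directory state and authentication logs. This is an added example, not part of the original article; the record layouts, usernames and timestamps are constructed assumptions.

```python
from datetime import datetime

def ts(text):
    """Parse an ISO 8601 timestamp such as 2021-01-12T09:30."""
    return datetime.fromisoformat(text)

# Constructed sample data: when each person was notified of termination.
TERMINATIONS = {
    "jdoe": ts("2021-01-11T10:00"),
    "asmith": ts("2021-01-12T09:30"),
    "bnguyen": ts("2021-01-12T14:00"),
}
# Constructed directory export: account state and when it was disabled.
ACCOUNTS = {
    "jdoe": {"enabled": False, "disabled_at": ts("2021-01-11T09:45")},
    "asmith": {"enabled": False, "disabled_at": ts("2021-01-12T16:10")},
    "bnguyen": {"enabled": True, "disabled_at": None},
}
# Constructed successful-login records: (user, time).
LOGINS = [
    ("jdoe", ts("2021-01-11T08:15")),
    ("asmith", ts("2021-01-12T11:02")),
    ("bnguyen", ts("2021-01-13T07:40")),
]

def audit_offboarding(terminations, accounts, logins):
    """Return (user, finding) pairs where access outlived the termination notice."""
    findings = []
    for user, notified in sorted(terminations.items()):
        acct = accounts.get(user)
        if acct is None:
            continue  # no account in this directory
        if acct["enabled"]:
            findings.append((user, "still enabled"))
        elif acct["disabled_at"] > notified:
            minutes = int((acct["disabled_at"] - notified).total_seconds() // 60)
            findings.append((user, f"disabled {minutes} min after notice"))
        late = [t for u, t in logins if u == user and t >= notified]
        if late:
            findings.append((user, f"{len(late)} login(s) after notice"))
    return findings

if __name__ == "__main__":
    for user, finding in audit_offboarding(TERMINATIONS, ACCOUNTS, LOGINS):
        print(f"{user}: {finding}")
```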
Ransomware
Ransomware is one of the most profitable forms of malware in existence. Ransomware alone is expected to cost over $20 billion in 2021. This type of cyber threat encrypts the target’s information and demands payment in return for decrypting the information. Information is the lifeblood of modern business, and as a result most businesses will not hesitate to pay that ransom in this situation. Ransomware attacks have been projected to increase in popularity for many reasons, a major factor being the COVID-19 pandemic. One scam that threat actors are currently using is free downloads for video conferencing software, which is in high demand right now given the increase in remote workers. Here are some tips for defending against ransomware attacks:
- Ensure that you have good perimeter cybersecurity controls, which include firewalls and anti-malware solutions. Tools that can scan email attachments are especially important because that is a huge attack vector for ransomware.
- You also want to ensure that you update your software with the latest security patches. Unpatched software is a huge vulnerability that led to massive ransomware attacks such as WannaCry back in 2017.
- Provide employee cybersecurity training. 50% of security breaches occur because of user error, so training employees on how to identify phishing attacks and other basic security practices, such as not clicking on suspicious links or downloading suspicious files, is important to preventing ransomware attacks.
Cryptomining
Cryptomining is the process of using computing resources to add new blockchain transactions. Technically any person with a computer can mine cryptocurrency, but because it requires huge amounts of processing power it’s usually done in centralized mining operations. However, threat actors have found a way around this. What many threat actors will try to do is infect multiple machines and use all of them for their processing power. While each individual computer may not have the processing power required to be profitable, by infecting hundreds of machines they will have all the processing power that they need. As the number of devices continues to grow each year, the effectiveness of cryptomining grows in proportion. Given the rising value of cryptocurrency, you can expect to see cryptomining malware continue to increase in popularity going into 2021. Bitcoin recently hit its all-time high this December at $30,000! In order to defend against cryptomining, it’s important to have endpoint security solutions that can detect when cryptomining-associated malware infects a computer or prevent it from being installed in the first place. Cryptomining results in higher than normal use of computer resources, which should be detected by good endpoint protection solutions.
Business Email Compromise (BEC)
BEC is when someone gets login information to someone’s corporate email account, usually done through some type of phishing attack. The ultimate goal is to extract information from their email accounts by downloading all of their emails and file attachments. BECs usually result in large data breaches and profit to the hacker so you can expect this attack vector to remain popular going into 2021. The best ways to protect your company include enabling two-factor authentication on all corporate accounts and training employees to recognize and report suspicious emails. Phishing emails are the normal attack vectors hackers use for BEC.
Defending Against Cyber Threats in 2021
The known number and complexity of cyber threats are expected to continue to increase for the foreseeable future. As we begin the New Year, it’s important to be aware of the trending cyber threats of 2021 to ensure that you are well protected. One of the best ways to do this is to run security tests and attack simulations so you can see how well your company responds to a potential cyberattack. rThreat’s breach and attack simulation gives you the ability to test your company’s resilience to known and unknown cyber threats by mimicking real world attacks and giving you a chance to view your company’s response from the outside. You can read more about what rThreat’s breach and attack simulation has to offer here.