5 Cybersecurity Trends to Expect in 2021
Goodbye, 2020… Hello 2021!
It goes without saying that 2020 has been a dramatic year—and as such, many are counting down the days to 2021. But as a new year approaches, our problems are unlikely to magically disappear. What cybersecurity trends and issues can we expect to stick around, and what might some new ones be?
1. Remote working vulnerabilities remain
While COVID-vaccines are undergoing speedy clinical trials and emergency use authorizations, the vaccination priority will be for frontline workers, nursing home residents, and essential employees, as it should be. The reality is that the majority of the world’s population still has a few months to possibly a year of waiting it out for the doses. This means that it is likely that remote work will continue throughout the first half of 2021.
Though it may be convenient for some to work from home, with 82% of companies allowing employees to use their own devices, the WFH situation leaves much more room for cybercrime to occur than if employees were utilizing company-approved hardware and software with the assistance of an in-house IT and security team. Outdated hardware and software means that more connections are occurring without security, and especially if the employee were to remotely connect to a central platform, it could expose sensitive data. In fact, during the pandemic, remote desktop protocol (RDP) attacks have increased by a whopping 330%. This risk isn’t likely to go away anytime soon as WFH continues.
2. Healthcare data is still at risk
As the WannaCry attacks back in 2017 sped through different industries and their computing systems, the healthcare industry was made aware of how devastating consequences could be. Many hospitals were left unable to open medical records, forced to only accept emergency patients as their systems were under attack. While strides have been taken to ensure better cybersecurity management for healthcare services (like the FDA calling on manufacturers to put security patch capabilities into products before hitting the market), healthcare organizations are still dealing with Wannacry attacks, years later.
In fact, along with working from home, the risks for the healthcare industry are greater than ever. As ICUs and hospitals are flooded with incoming COVID patients, they are much more susceptible to ransomware attacks like Wannacry. Hackers may find this season of the global pandemic much more lucrative in which to conduct cybercrime, and the industry will need to prepare accordingly. Expect healthcare systems to employ more resources and increase spending in cybersecurity.
3. Fintech Industry will face increased pressure
With financial services also moving more into the realm of digital services, we find that FinTech has been facing much more pressure to implement cybersecurity protocols into their software platforms. Especially with the pandemic, many people cannot afford to go to a bank in-person, deciding instead to utilize online services. However, there is greater risk for data theft and manipulation, where threat actors could exploit the vulnerability to steal data and even gain access into a financial services server.
Moreover, with anxiety at an all-time high, humans are much more susceptible to the social engineering aspect of cybercrime. Phishing is an easy crime that largely depends on the victim at the other end of the phone or computer – and with new forms of phishing like Deepfakes (more on that later), attackers are having a field day with stealing financial assets.
4. 5G implementation: higher speeds, faster hacks
Whether it is for our mobile devices or self-driving cars, 5G is sure to have a drastic impact in our increasingly tech-focused world. Many professionals say that their organizations plan to adopt 5G in the next year, according to a Deloitte poll. However, as with all new technologies, there is going to be a surge in hackers who focus on infiltrating the technology and use it outside of its intended purpose.
High speeds and low latency are some of 5G’s biggest selling points, but this can also work against us as 5G allows for malicious actors the same conveniences. As the number of connected devices and the sheer quantity of data that is shared increases, it is inevitable that the threat landscape will expand, and mitigating risks and implementing proper cybersecurity protocols for 5G connections will be essential.
5. Deepfakes and AI bring new challenges to biometrics
We have all gotten the email telling us that we have “inherited” millions, but we just need to secure the funds by providing some very personal information. As mentioned before, these types of scams can do so much damage because no matter how well security is implemented, when it comes down to human reasoning, there is no application for seeing through deception.
However, in recent years this has leveled-up to “Deepfake” technology can create very lifelike, but artificial photos or even videos. Audio can also be deepfaked – in fact, in 2019, a U.K. energy firm lost 240,000 dollars by sending the funds to who he thought was the CEO of his company’s parent firm in Germany. Machine learning and AI-based software were utilized to initiate the scam, and it has gotten more difficult to detect the difference between deepfaked audio and the real thing.
With so much of authentication being transferred to biometrics, deepfakes should be a concern. Especially if deepfaked audio and video were to be utilized together, it will become more and more difficult to spot a scam.
Conclusion: Security at Work and Beyond
Though security protocols may have been in place at your workplace, next year may be just the right to kick it up a notch.
- Take the “Zero Trust” model into consideration: The “Zero Trust” concept is centered on the belief that nothing should be trusted both inside or outside the organization perimeters, and that everything should be verified before granting access. While “trust no one” may sound like a cheesy line from an action movie, in the cybersecurity world, it is becoming much more accepted.
- Utilize tools like Web Application Firewalls (WAFs): Available in hardware, virtual, and even cloud-based environments, WAFs can ensure that traffic is monitored, preventing data leakage, unauthorized access, and website defacement, among many other attacks.
- Secure your WFH situation: By using a VPN, using SaaS, and urging your company to help employees to keep their working environments secure, you can mitigate risks from the convenience of your own home.
If 2020 has taught us anything, it is that nothing ever goes as planned. Cybersecurity is all about looking ahead and planning for the worst-case scenario, while hoping for the best one. As 2021 approaches, keep up with the latest cybersecurity news by subscribing to updates here.
Check out Penta Security’s product lines:
Web Application Firewall: WAPPLES
Database Encryption: D’Amo
Identity and Access Management: ISign+
Car, Energy, Factory, City Solutions: Penta IoT Security