The numbers are still trickling in, but some sources say that 80% of firms saw an increase in cyberattacks across 2020, with attempts occurring every 39 seconds and a total impact affecting 700 million people living across 21 countries. In the next year, we may see a total cybercrime toll hitting $6 trillion in damages annually. How can we know what to expect? By taking a closer look how online security suffered in the (very) recent past. Here’s how the changes of 2020 will create the cybersecurity world of 2021.
Phishing Attacks Will be Huge
At the end of December, market research agency Savanta found 57% of the US working population currently works from home. That number will drop once the pandemic’s over, as 39% of those working from home today say they’re happy or excited to return to work once it’s safe. Still, it’s a noticeable shift that will almost certainly see far more flexible and fully remote work positions sticking around for years to come. More than 80% of all cyberattacks are phishing attempts, making them the lion’s share of the problem. And with workers at home, the potential for human error or exploitation from phishers is sky-high. The pandemic led to a jaw-dropping 667% spike in spear-phishing attacks in March, compared to the previous month’s numbers. James Carder, Chief Security Officer for LogRhythm, predicts another coronavirus-related phishing front to watch out for in 2021: He thinks attackers will leverage the COVID-19 vaccine in their efforts. When it comes to the vaccine, phishers have two factors working in their favor: People have limited knowledge about the vaccine, and they’re very interested in getting it. But whatever causes the increase, you should batten down the hatches — by which I mean invest in a secure VPN.
Data Breaches will Drop, but Healthcare Remains a Target
The good news is that data breaches on the whole will be down in 2021, for the simple reason that they don’t earn hackers as much money as phishing or ransomware. Breaches dropped 30% in 2020, with the number of impacted individuals down over 60 percent year-over-year. The news isn’t great for one high-risk industry, though. Jumping off our last point about the vaccine serving as a lightning rod for phishing attacks: The entire healthcare industry is an appealing target for data breaches in the new year. COVID technology has expanded at a breakneck pace, with evolving healthcare measures including temperature/thermal screening, contract tracing apps and data, and COVID clinical trials and the vaccination data that goes along with them. That’s a lot of sensitive data that we didn’t need to worry about before 2020. And, since ransomware targets databases, Nair predicts we’ll see widespread adoption of Backup as a Service (BaaS) solutions, which help companies quickly recover their data. The US saw 145.2 million ransomware attacks in Q3 of this year, a 139% year-over-year rise. We even got ransomware in the guise of a beta release of Cyberpunk 2077 for Android. Expect similar costly bait-and-switches in the next year.
The Government will be Slow to Regulate Data Privacy
Data privacy in tech has been a hot-button topic for years, with massive giants like Google and Facebook facing antitrust cases as they enter 2021. But while we’ll see a lot of state-level action, the federal government may still be dragging its heels. Jedidiah Yueh, Founder and CEO at Delphix, foresees that industries everywhere will get more siloed state-level data privacy regulations, but the feds will be slow to respond with unified regulation. The takeaway here: Businesses must take action to explore how to best preserve data privacy without hurting rapid digital innovation. Even the best remote access software can’t fully ensure data will stay safe. Getting scalable automation to play nice with compliance is tough, but it’ll be a must.
Security Pros will Revisit Previously Rejected Solutions
Cybercrime may be evolving, but so are the good guys: Caroline Wong, Chief Security Officer at Cobalt, foresees that 2021 will be the year the industry solves the unsolvable. One example Wong gives is pentesting. Short for “penetration testing,” this refers to simulated cyberattacks aimed at evaluating the vulnerability of the system. Organizations had given up on the process, finding it too expensive and complicated to implement broadly or frequently. But now that cybercrime is rising, they’ll rethink their priorities. These types of trade-offs — swapping fast performance for better encryption — will become more common across tech in 2021, making security healthier overall.