Forecast of major cybersecurity threats in 2021
With the coronavirus sweeping the world, the need for cybersecurity in 2021 is more urgent than ever.
With the proliferation of remote platforms, various remote platforms are experiencing new perceptual shifts in the IT industry, such as remote working environments, government data legislation, and public cloud transitions.
Over the past year, a variety of security threats have caused direct damage to individuals and businesses, including personal information leaks, the spread of malware, phishing emails, corporate data and cyber security attacks.
According to various network attacks occurring in 2021, we need to know about them in advance and timely detect them in the later operation process to avoid risks.
1. Network attacks in remote working environment
As continued social distancing increases, telecommuting activity will increase and cases of attacks on remote working environments are likely to increase further. Experts predict a growing escalation of attacks by hackers targeting vulnerable personal networks, such as malicious mail, the distribution of malware through videoconferencing platforms and internal internal platform attacks.
In addition, hackers may try to target more diverse programming languages to avoid tracking. While many traditional malware (such as C, C++ and Delphi) are dominant, programming languages (such as Python Go) or fileless malware attacks have also increased recently, according to the US G-dinet survey.
To prevent such damage, companies must put in place security measures to enhance access policies and security, as well as prevent malware attacks or intrusions through unpermitters. Security solutions should protect employees’ personal PCS (endpoints), as increased telecommuting can lead to management leaks, and network security education and training must be ongoing to raise employees’ awareness of security.
2. Targeted ransomware attacks
While traditional ransomware attacks demand money by encrypting stolen information or servers, more recently they have evolved into “targeted ransomware,” which is not just encryption but a dual threat to information disclosure.
Targeted ransomware attacks, also known as “advanced persistent threats”, are a strategy by hackers to illegally extract large amounts of data, encrypt databases of victims and threaten them to disclose their data if they do not pay up.
Korea s Attachment Group demanded 44.4 billion won in bitcoin based on the information of 2 million customer cards, and a university hospital in Germany whose server was encrypted paralyzed the hospital system and resulted in the death of an emergency patient are typical APT attacks.
Targeted ransomware attacks need to enhance their security points across the board, as companies need to watch targets over time and carefully discover and attack vulnerabilities. In addition to endpoint security, network intrusion prevention, and Web server security enhancements, you must prevent direct intrusion by hackers to ensure business continuity.
3. Cloud security threats
Due to the advantages of efficiency and cost savings, more and more enterprises are adopting and using cloud infrastructure. As a result, there is little risk of exposing large amounts of sensitive information in the cloud. Hacker interest is also focused on these expanding cloud infrastructure environments, which could lead to a proliferation of cloud and related security attacks.
In 2019, more than a third of companies said they used more than 30 cloud services from 16 cloud providers, according to THE IBM Ex Expo Security Lab, while network and data security firm Thales reported that about half of IT and data security organizations globally store enterprise data in the cloud, Forty-eight percent of the data is sensitive.
These findings suggest that many distributed cloud environments may compromise the effectiveness of enterprise security policies due to the fragmentation of cloud environments. This concern is supported by the fact that more than 85% of data breaches that occurred in 2019 were attributed to user responsibility.
Cloud adoption has become an irresistible trend of The Times. To maximize the efficiency and convenience of cloud infrastructure and prevent business disruption due to security threats, enterprises need to develop proactive security measures along with cloud server adoption.
4. Internet of Things (IoT) security threats using 5G
As services based on the Internet of Things expand to use 5G, there are more and more security attacks closely related to personal life. Unauthorized intrusions using the remote opening and closing function of the loophole door lock, privacy hacking through IP cameras, and threats against IoT device vulnerabilities are common.
IoT products with limited or no security features are relatively vulnerable to attacks compared to software protected by multi-factor authentication (MFA), such as passwords or OTP with complex rules. In fact, HP’s survey of global enterprise HP revealed not only that there were at least 25 vulnerabilities in the top 10 IoT products, but that manufacturers lacked countermeasures to improve the vulnerabilities.
With the expansion of off-face education, medical care and telecommuting brought by Corona 19, the reliance on iot devices is expected to increase further in the future.
Experts stressed the need to follow security rules related to iot terminals, including regularly deleting unnecessary primary accounts and changing default passwords set at the factory.