Cyber ​​Threat Predictions for 2021

11.03.21 в 17:58 Interesting 5665

Cyber Threat Predictions for 2021

The coronavirus pandemic has made 2020 an especially difficult year, and everyone is relieved to say goodbye to it. During this tough time, cybercriminals haven’t slowed down. Instead, they have become more active, taking advantage of the chaos in businesses, institutions, and households. Experts predict that hackers will not slow down and point out some alarming trends that will play an important role in 2021.

Corporate data breaches in households.

Information leaks from enterprises and institutions are nothing new. However, in 2020, as the importance of remote work increased, cybercriminals attacked home networks using inadequately secured personal devices and routers. 2021 will bring an increase in the number of incidents of this type. This will be greatly aided by pressure on IT and DevOps, which can lead to such errors as misconfigured servers or inadvertently shared databases.

Small and medium-sized enterprises will be the most vulnerable to attack, as employees’ rush to work remotely leaves plenty of room for vulnerabilities. Over the next 12-18 months, they will be the doorway to many attacks.

Firmware attacks will become mainstream

Numerous studies show that cybercriminals have become increasingly interested not only in operating systems or services but also in firmware. They are mainly interested in programs such as BIOS or UEFI, as well as in components (video cards, sound cards, cameras).

Once malware is installed, an attacker can monitor user activity, retrieve data from system memory, remotely control device components or the operating system, and even destroy hardware.

The excessive use of such tools as RwEverything to change hardware settings on a computer will contribute to an increase in firmware-related incidents. Also, the firmware will become one of the favorite targets of ransomware developers, as a successful attack locks down hardware and renders it useless.

Ransomware gangs will fight for domination

Ransomware attacks have been one of the most lucrative types of cybercrime since 2014. This makes criminal groups fiercely compete with each other. This competition won’t do any good for home and business users, as the diversification and increased complexity of malware make its decryption difficult.

In 2020, many ransomware operators have developed their tools including not only data encryption but also data exfiltration. Such actions will become the norm in 2021.

Increase in supply chain attacks, industrial espionage, and APT

Cybercriminals will increasingly attack supply chains, the best example of which is the recent incidents involving coronavirus vaccine scams. For political, as well as economic, reasons, attacks on supply chains will target industries that have not been of interest to cybercriminals in the past, such as healthcare and real estate.

Although ransomware gangs will pose the greatest threat to IT departments, industrial espionage groups will become more active in 2021. You should also take into account, first of all, a significant increase in the number of APT (Advanced Persistent Threat) incidents. Many of these attacks will increasingly evolve around penetration testing platforms for privilege escalation and credential harvesting.

A new version of phishing

The coronavirus outbreak and the “new normal” of working from home have contributed to the development of phishing emails. Phishing emails are usually easy to spot due to typos, misspellings, and lack of authenticity.

The only exception was the so-called spear phishing, i.e. emails targeted towards specific individuals and organizations.

But with the onset of the pandemic, there’s been a lot of spam without any typos or linguistic errors, comprising the logos of organizations or companies on whose behalf the scammers acted.

What’s more, new types of phishing attacks exploited topics that were much discussed in the media. This trend is likely to continue throughout 2021. Many people can become victims of fake news in which attackers ask for credit card information in exchange for delivering the COVID-19 vaccine to their homes.

Cybercrime as a service

On the black market, services related to cyberattacks on a specified target have recently become a highly traded commodity.

In 2021, their popularity will grow even more as malware authors and cybercriminals will focus on providing highly specialized services, including APT. Organizations will need to update their threat prevention strategies to focus on identifying tactics and techniques typically associated with sophisticated attackers. The current security situation for small and medium-sized companies is not sufficiently prepared to deal with APT mercenaries.

Containers attacked by hackers

This year’s observations by Bitdefender show that attacks on misconfigured containers are subtle but rapidly gaining importance. In the next twelve months, the number of such incidents will increase, regardless of the purpose for which containers are used. Another real danger is the growing number of DLL preloading attacks in popular applications.

评论

登录来发表评论
热门

伴随着会联网的广泛使用,随之带来一系列的危险。首先涉及到匿名和安全性。如果信息不设防范手段,您的数据很可能被入侵 — 这里举个例子,关于在公用网络中的私人的信件。

最初的互联网预想让空间没有国界化,无论在在那里都可以绝对匿名地获取任何信息。现在很多国家都出现了禁止访问某些资源的情况 。

25日
12月 2017

当今世界保证私人和企业的秘密数据变得越来越困难,所以信息安全的问题变得的越演越烈。每个人都拥有生存、自由和人身安全的权力。保护自己的数据免受入侵,和第三方的调查是没有任何原因的。如果您想在网络上安全地保存自己的信息,就不得不去遵守那些规则。本文就来介绍下基本的方法、手段和常用的程序,当然最主要的是互联网的安全使用。

In the recent past by the standards of the development of information technologies, in 2015 Google created artificial intelligence based on neural networks, which was able to analyze the condition around itself and draw conclusions about its further education. The name of the new offspring from Google was given in abbreviated from the term "deep Q-network" - DQN. The DQN started training in common arcade games (Pakman, Tennis, Space Invaiders, Boksing and other classics).

​The most common methods for organizing network anonymity are the Tor browser and the VPN technology. With their help, a real IP address is hidden, Internet censorship is circumvented and international restrictions are overcome.

最新

Receiving big volumes of data from websites for its following analysis plays a key role for plenty of projects. Target resource structure analysis and scraping of the relevant information are often connected to blocks or access restriction issues from website administration.

If you’re looking for a package of residential or mobile proxies with the ability to work with a particular country or ISP, the best option is definitely Exclusive Mix. With it you will be able to download the list which consists of proxies from preliminarily chosen countries and carriers, flexibly filtering it for your needs.

9日
7月 2021

How to web scrape with python? It's a question that many beginners have. At the entry level, the process is quite simple, and anyone can quickly get their project off the ground. However, to successfully work on such a task, you should not forget about many aspects, which are not easy to understand at once.

大家知道吗?大部分电子商务和网络营销的专家使用专业浏览器。该浏览器提高匿名率所以很流行。

Proxy server: what is it? Main advantages of working via a virtual “mediator” – anonymity on the web, avoiding all bans, protection against attacks, intellectual property protection

有问题吗?

在这儿点击,我们就回答

Trustpilot 4.5