By Pushkar Tiwari
The year 2020 has been very fickle and we have confronted many unprecedented trials. Many things come about this year. They have some apprehensions and negative effects that could be made known in upcoming years especially in 2021. In the preceding years, the intensity of cyber-attacks has been very high. The year 2020 has been massively hit by COVID-19 and the major part of the world was locked due to the pandemic. The counter-strategies to avoid cyber-attacks come across some negligence and lack of courage to do so. The attacker would be taking advantage of this behavior and do more severe attacks in 2021. I am going to portraits some trends that could be extensively seen in 2021.
In this era, there is not only monetary fraud in cyber-attacks but also the personal data of users and their activities are not safe. The data of organizations that could be employee’s data or their financial data, the business reputation of an organization, country or city can be exploited and malign the good image. The Dark Web is a good source for attackers to sell the above-mentioned data to enemies and cybercriminals. Some years ago, a massive DDOS attack had been conducted and the Amazon website down only for a few seconds caused a billion dollars loss. Recently, AWS (Amazon web services) has successfully defended the 2.3 Tbps DDOS attack. It is the largest among all the conducted attacks. GitHub has also faced similar attacks and fortunately defended against the malicious activity of 1.3 Tbps.
The Dark Web is a favorite place for cybercriminals. Dark Web or Deep Web is similar to normal search engines, but cybercriminals would like to sell all illegal goods and data here. These illegal goods include illegal weapons, drugs, pornography, and everything. It is 500 times bigger than the normal web. Thus, Warren buffet thinks that cyber-attack could be bigger than nuclear attacks in case of financial loss and sometimes human loss. The study reveals according to the University of Maryland that after every 39 seconds, a Hacker does the malicious activity.
Ransomware will be the Deadliest
“Ransomware” is very dangerous among cyber-attacks. It is a type of malware and could become very deadliest in the year 2021. After every few seconds, an organization will have faced and affected by this attack. It is at the top according to FBI Threat Alert. In this attack, the files of users being encrypted, and then users or organizations cannot be able to access their files without paying heavy amounts that will be much higher in 2021. If a user doesn’t pay it, all of their data would have vandalized and sold to cybercriminals. Datto’s report of ransomware has shown that the average cost of ransom is around $5900. With reference to Global Information Survey “Phishing attack” is on the top of the list followed by malware and this trend will have continued in 2021. Most of the newly phishing attack also contains keyloggers for monitoring and recording purpose.
In 2021, Healthcare organizations and hospitals will be the core targets of cybercriminals as warn by the FBI and some other sources. All over the world, every country has done millions of COVID-19 testing and keeps all the records of the user’s data confidential. It would be desirable data for cybercriminals. According to recent surveys conducted by Global Information has shown that customer information is very valuable for cybercriminals. The patients who have lost their lives due to pandemic and their families could be exploited through online frauds, fake orders, and fake transactions. Their stolen data can also be used to exploit for racism purposes. The registration of the COVID-19 vaccine has been started and people will get vaccines easily at the start of 2021. It would be also alarming for all Healthcare organizations to keep user’s data confidential. In recent times, there is the death of a lady as reported during the transfer from one city to another city in Germany due to the unavailability of a system that is instigated by “Ransomware”.
The trend of online education and work from home has been started in a major part of the world and it would be continuing in 2021 and this trend has increased the chances of impersonation and eavesdrop attacks by cybercriminals. Doctors and other Healthcare organizations using online sources to treat patients could be the target of cybercriminals. They can highjack the sessions or insert the hate speech content during the meetings or forced unavailability of the resources. In addition to this, the employees’ credentials for online meetings can be stolen and could be used as legitimate users in 2021. Cybercriminals can access credentials easily and will be the cause of the bad reputation of the company and their employees as well as the exploitation of resources. Some organizations are forced to shift online due to the pandemic without any planning and feasibility; it will create some concerns regarding the safety of their data.
Negative Impact of Untrusted and Unsecure Desktop applications
There will be negative effects of untrusted and unsecure applications made known in 2021. People have downloaded too many applications during the pandemic to remotely work from their homes. These mobile and desktop applications gather user data and share this with third parties and sell this data on Dark Web. These applications could expose their video conference and capture sensitive data. These applications can also be the source of data loss. The FBI has already issued a warning for the use of remote desktop applications.
During the pandemic, a lot of orders among different vendors and suppliers, manufacturers and consumers are deferring, and thousands of orders are being canceled. It would create some vacuum for new vendors and investors. Cybercriminals will have taken advantage of this uncertain situation and create fake companies by using cross-site scripting to get an order.
Malicious insiders will also play a negative role in the upcoming year of 2021. Malicious insiders are legitimate users but having bad intentions to destroy the company’s image and become a cause of huge loss of money and resources. During the pandemic, a large number of persons provided online facilities without proper software credential testing and their impact would be negative in the upcoming year.
There is a massive increase seen in VOIP calls and video conferences. Intruders and eavesdrop can be exploited these resources for their own benefits.
The Biggest Impact of COVID-19
COVID 19’s impact on 2021 regarding cyber perspective could be fatal. It could spread on a very large scale. There could be huge loss of money and there could be counter-strategies to tackle cyber-attacks. The reason is that one year has been wasted without any significant development in the cybersecurity sector due to lockdowns and the pandemic. Recently, Terranova Security has conducted a tournament under the Microsoft banner to analyze the severity of Phishing attacks and they have concluded as it is still very weak and could be exploited in a harsh way. In the public sector, most of the employees have submitted their passwords and the rate is approximately 20.7 percent that could be very high in 2021.
During the pandemic, all over the world, every country tries to facilitate its people in the form of financial assistance and gather huge amounts of personal data that could be exploited in cyber-criminal hands. They can steal credit card details as a big audience has used online grocery stores. They can also be used the fake emails containing some viruses to exploit users’ bank details and online fraud. FBI and other organizations also issue alerts about it. Microsoft has examined 200 billion emails as spam or containing malicious scripting. The World Health Organization (WHO) has also conducted a survey and $74 million demurrage has been reported as fake emails contain the COVID-19 theme.
Used Laptops and Equipment
Many people might purchase used equipment and gadgets in 2021. They might have contained some preinstalled viruses to monitor their activities. More devices will be the cause of more malicious scripting and scams.
Online shopping and Grocery scam
The online shopping trend has increased in 2020 and it will continue in 2021. According to Datto’s findings, people have shown some sluggishness and reluctance to keep their credit card credentials secret. It could be exploited in a very wicked way by the use of cross-site scripting and other malicious methods. Brands, companies, and grocery stores can sell their data for marketing purposes without prior permission.
Use of VPNs could be Exploited
The use of VPN during pandemic has been multiplied and companies will not have been able to manage such abrupt loads. Cybercriminals could use the credentials of legitimate users for their malicious intentions. VPN will have been the favorite attacking points of cybercriminals. It could not be easy for VPN provided companies to give a safe route to all users. According to Gartner, 35 percent of the total companies have been scum-bling the TLS and SSL based attacks.
Cyber Criminals can take advantages of 5G technologies
Recently “5G Technologies” have been familiarized in Technological Advanced Countries but as the pandemic is ongoing; most of the counties may not able to provide this facility to their citizens. Now the cybercriminals have a thorough knowledge and they can use the speedy internet to transfer such a big amount of stolen data and they can carry the malicious activities hurriedly without an interception.
Pushkar Tiwari is Director of Development in Symantec Enterprise Division of Broadcom Inc. He has been leading Data Loss Prevention (DLP) and Cloud Access Security Broker (CASB) solutions. He has more than 15 years of professional experience in Cybersecurity and enterprise software. https://www.linkedin.com/in/tiwaripushkar/