Predicting the future is risky. As is often quipped, predicting the past is hard enough! Certainly, nobody could predict that 2020 would be a year like none other in modern history. The pandemic caused a tremendous realignment of priorities and waves of uncertainty.
It’s ironic, then, that at least one area behaved almost exactly as many predicted it would, and even exceeded expectations. 2020 was a bonanza year for cybercrime, which exploited uncertainty, fear and dramatic changes in company operations. This built off 2019, a year in which security vendor FireEye noted nearly half of identified malware families were brand new. If 2019 was a surge, 2020 provided the bang for cybercrime.
A bumper year for cybercrime
“2020 has elevated matters,” says Martin Potgieter, Co-founder & Technical Director at Nclose a South African digital security provider. “Criminals went out of their way to exploit our fears and concerns about the pandemic. They even created fake charities to con people out of money. They are also taking massive advantage of remote workers, targeting them because they know those people are now easier targets. At the same time, companies are ramping up their security strategies and investments to counter these activities.”
Cybercrime even achieved a dubious first. Due to a ransomware attack, a German hospital had to turn away a patient who then died en route to a different facility. This is considered the first death caused by ransomware disruptions.
Criminals are becoming more brazen. FireEye’s 2020 M-Trends report, looking at surges of cybercrime activity in 2019, found that reductions in dwell time – the period criminals spend inside an organisation’s systems before being discovered – has shrunk. This trend is partly because of better security. But criminals are relying exceedingly on lucrative attacks such as ransomware, which don’t require as much time. Cybercrime is very lucrative, earning more than the global drugs trade, and rarely punished because attacks happen remotely and clandestinely.
More responsibilities for companies
All this is taking place against the backdrop of privacy legislation, such as South Africa POPIA (Protection of Personal Information Act), the European Union’s GDPR (General Data Protection Regulation), and others including Nigeria’s NDPR (Nigeria Data Protection Regulation) and California’s CCPA (California Consumer Privacy Act).
If companies are found to have been irresponsible or negligent around cybersecurity, resulting in a successful attack on them, they can attract huge fines. Not meeting some of these acts can also exclude them from business opportunities – for example, companies have to be GDPR-compliant if they want to do business with European companies, EU citizens or people residing with the EU. Those are big sticks and carrots.
At least companies could anticipate the legislation. Less so was the shift to remote working, which entirely rearranged many IT estates and their security precautions – not to mention how to manage and inspire such workforces. The pandemic opened a can of operational worms, making it much harder for companies to stay ahead of the bad guys.
2021’s cybercrime and security predictions
These factors paint a backdrop for 2021 like no other, begging the question: what should we watch out for next year? FireEye’s latest report, A Global Reset – Cyber Security Predictions 2021, offers some helpful predictions:
- Vaccine makers, health workers and essential staff will remain major targets for online criminals
- Ransomware will continue to grow, and Ransomware-as-a-Service will become more widely used (effectively enabling anyone with some funds to order an attack)
- Securing remote workers will lead to more security automation
- Securing video conferencing and employee cameras will be a top priority
- Phishing (the use of fake emails to snare users into clicking on dangerous links) will keep growing, and its use will become more prevalent in state-sponsored and industrial espionage
- Cloud security will take the limelight, prompting the adoption of multi-factor authentication (such as one-time pins) and closer scrutiny on what security features cloud providers are responsible for
- Companies will rely more on security validation, which provides quantifiable data to the business on the effectiveness of their cybersecurity controls
- Managed service security will grow as companies shift budgets from in-house security teams to external providers, spurring more security collaboration
Managed detection and response
The last point is of particular interest, Potgieter explains, “Security is a moving target because you face humans who are motivated to attack your business. This situation places enormous pressure on company resources such as budgets and skills. The response has been a sharp rise in Managed Security Services, where security is contracted to an experienced security provider such as Nclose.
Managed Security Services enable companies to shift away from buying security products to using a service that detects and responds to malicious and dubious activities. This model is popular because it’s essentially a turn key solution with affordable and predictable costs, including service-level agreements that keep security performing to expectations. Managed Detection and Response service has been very effective at keeping companies safe and will no doubt expand in 2021.
Such services are working. Research such as FireEye’s reveals numerous places where the fight is reversing against cybercriminals. But it’s premature to call for a victory – such trends instead demonstrate that the cybersecurity industry can provide reliable and affordable solutions. They stand against a foe who in 2020 showed it has no scruples or morals. This will make 2021 a year for cybersecurity history.