Cybersecurity threats skyrocketed in 2020. Hackers took advantage of the fear and uncertainty caused by the COVID-19 pandemic to lure in victims with phishing campaigns. The rapid transition to work-from-home strategies left organizations vulnerable to attacks on remote workers with inadequate security controls. Ransomware attacks continued unabated, and a credential-stuffing attack exposed 500,000 of Zoom’s usernames and passwords.
As 2021 draws to a close, organizations should reevaluate their cybersecurity strategies and practices to address the ever-evolving threat landscape. At the top of the list should be enhanced security for the remote workforce. Security experts warn that remote operations will remain the primary attack vector in 2021, with some analysts predicting that attacks targeting employees working from home will increase 40 percent or more next year.
Here are four types of attacks to look out for:
Ransomware. There’s every reason to believe that ransomware attacks will continue to accelerate in 2021. Researchers with SophosLabs expect sophisticated cybercriminals to target large enterprises and government agencies with multimillion-dollar ransom demands. However, Ransomware-as-a-Service offerings on the Dark Web will enable smalltime hackers to go after smaller businesses in high-volume attacks.
Threats targeting personal devices. In a MalwareBytes report on the security impact of the COVID-19 pandemic, 28 percent of survey respondents admitted that they are more likely to use personal devices than company-issued laptops for work-related activities. That opens up security weaknesses for hackers to exploit. Twenty percent of organizations surveyed said they suffered a security breach caused by remote users, and 24 percent faced unexpected expenses responding to a cyberattack related to remote work.
Encrypted threats. According to WatchGuard’s Internet Security Report for Q2 2020, 34 percent of attacks were sent over encrypted HTTPS connections in the second quarter of this year. The volume of encrypted threats continues to increase dramatically. Organizations that aren’t able to inspect encrypted traffic will miss a massive one-third of incoming threats.
Attacks on VPNs. Millions of organizations are using virtual private networks to enable remote access to IT resources. While unpatched VPNs are a significant weakness, even well-managed VPNs are vulnerable to attack. As a result, more and more organizations are phasing out their VPNs with zero trust solutions. According to Gartner, 60 percent of enterprises will implement zero trust remote access by 2023.
How Verteks Can Help
The cybersecurity professionals at Verteks stay abreast of the latest threats and can help you develop a strategic approach to securing your business. We start with a thorough assessment of your environment to detect vulnerabilities that could give hackers access to your systems and network. We then implement best-in-class security tools in a layered approach designed to detect and block attacks no matter how they try to enter your environment.
Of course, security tools aren’t enough — we also monitor your environment and investigate events and behaviors that could indicate malicious activity. Through our comprehensive managed services offering, we promptly apply patches and updates, maintain your firewall and other devices, and ensure that your data is backed up at regular intervals.
As 2020 comes to a close, now’s the time to reassess your security controls and take steps to protect your systems, network and data from potentially devastating cyberattacks. Let Verteks help you enhance your security posture with our comprehensive suite of solutions and services.
