As technology advances, so does the sophistication of cybercriminals looking to take advantage of it.
It’s safe to say that 2020 turned the world upside down in just about every way imaginable. But one area in particular that COVID-19 impacted is cybersecurity. The technology landscape is constantly evolving, and while many of the cybersecurity issues we’ve seen as a result of the pandemic are not entirely unique, they were significantly exacerbated by COVID.
It’s known that times of social crisis make an attractive opportunity for cybercriminals to exploit, and the last year was no exception. This is especially true for businesses across all industries as they had to work through the changes brought about by the pandemic. Here are some of the key cybersecurity trends we’re seeing in 2021 and beyond that consumers and businesses alike should be aware of.
New Threats from Remote Work
For countless organizations, COVID-19 induced a rapid (and often frantic) shift to a remotely distributed workforce. For many businesses, this was an entirely new experience that they weren’t prepared for. It often involved unplanned cloud migrations and swift procurement of IT services to support a newly distributed workforce.
In the frenzy to keep business operations running, many typical security measures were side-stepped—creating new vulnerabilities and risk to organizations’ security infrastructures. Data shows that shifting to a remote workforce has increased the cost of a data breach by $137,000.
Increased Insider Threats
Navigating the newly remote workforce has created a new concern for insider threats. While it’s easier to believe that every cybersecurity threat comes from external forces outside of our control, the reality is that threat actors are growing more sophisticated every day, and making their way into organizational roles. This is mainly in regards to organizations who are increasingly hiring remote-only employees who are scattered across the globe, and who might have been hired only after a virtual interview.
To prepare for the new threat landscape, organizations must beware of the fact that data theft at the hands of their own employees is an unfortunate reality. While this can be difficult to believe, data shows that 15% to 25% of security breaches are performed by trusted business partners, and 7% of malicious data breaches in 2020 were caused by an internal member of the organization.
COVID-19 Phishing Scams on the Rise
As the COVID vaccination continues to roll out, people are increasingly looking for vaccination information online. Unfortunately, cybercriminals have capitalized on this as we’ve seen increased levels of phishing attacks tied to the vaccine—14% of malicious data breaches in 2020 were due to phishing. Pharmaceutical companies and vaccine distributors are common targets, and consumers are being plagued by email phishing attacks disguised as vaccination appointment details.
This issue is also exacerbated by the widespread remote workforce as threat actors target employees who are connecting to corporate servers. To protect from this, organizations would be wise to reevaluate their identity management and security strategy to ensure that employees have the appropriate level of access to the secure data they need at the right time.
As technology advances, so does the sophistication of cybercriminals looking to take advantage of it. Applying a sense of urgency to organizational security strategies will help mitigate risk and reduce the vulnerabilities available for criminals to exploit. Business leaders will need to seek out new ways to properly secure their protected data and work to create stronger defenses against the increasingly cyber attacks we’re seeing in 2021 and beyond.
Read on for more information on the threats and possible preventative actions.
Please include attribution to pandasecurity.com with this graphic.