The beginning of the year is always a sound time to review the main developments and incidents that took place in the cybersecurity industry.
Lockdown measures driven by the ongoing pandemic have changed systems around the world. Digitalisation, which is the main driver of these changes, will maintain momentum in 2021.
To look at the impact these events had on organisations and individuals, and predict what they could mean for the overall evolution of the threat landscape, Kaspersky shares its vision on what we could face in terms of cyber threats in such areas as healthcare, education and ICS attacks in 2021:
1. Evolution of ICS oriented attacks
Each year actors develop more and more advanced targeted threats. Some closely examined features of industrial businesses and gained access to vast amounts of information about their technological networks. This trend is expected to continue in 2021.
Ransomware attacks against ICS systems, in particular, will become more targeted and, as a result, even more sophisticated using APT tactics. This is a significant threat since industrial networks have become more vulnerable due to the limits imposed on onsite work and onsite personnel, coupled with an increase in the number of people accessing networks remotely.
2. Hacking the vaccine: A new opportunity to exploit COVID-19
Using medical and healthcare topics as bait will continue this year and will remain relevant, at least until the end of the pandemic. Recently, the main reason for attackers’ growing interest in medical research was the development of a vaccine against COVID-19. In 2021, the efforts to steal Coronavirus research data will continue. As long as the global healthcare community continues to fight the disease, any company that claims significant success in the development of a vaccine will become a potential victim of targeted attacks.
However, the focus on digital security in hospitals offers hope that in 2021 there will be more collaboration between cybersecurity experts, organisations and healthcare systems. Experience has shown that big crises, like the pandemic, push organisations to pay more attention to protecting their infrastructure.
3. Human-operated ransomware attacks will remain an acute threat
Ransomware has become the cybercriminal’s tool of choice, and this is likely to continue in the year ahead. What we will see is a rise in ransomware-as-service attacks where the threat is no longer the ‘kidnapping’ of data – it is the public release of the data. This has fueled the growth of an ecosystem of criminal actors, who specialize in different capabilities needed to pull off successful attacks. Malware delivered by email are often a precursor to human-operated ransomware attacks.
