Cybersecurity Ransomware

Prediction: 2021 will be the “Year of Extortion”

Acronis released its Cyberthreats Report 2020, which is a detailed review of the present threat environment and forecast for the upcoming year. The move to remote work during the pandemic augmented security challenges, so this report cautions that 2021 will cause aggressive cybercrime activity as cybercriminals turn their attacks from data encryption to data exfiltration.

Ransomware is still the top threat, with Maze ransomware being responsible for almost half of known 2020 incidents. But the aforementioned report suggests a rising trend of cybercriminals attempting to further amplify their monetary benefit. Rather than being satisfied accumulating ransoms to decrypt infected information, they steal private – and occasionally humiliating – data prior to encrypting it. Then, they threaten to publicly distribute said files if the victim fails to pay.

 Analysts discovered evidence that over 1,000 corporations worldwide had their information disclosed after a 2020 ransomware attack – a trend projected to quicken in the coming year, surpassing encryption as cybercriminals’ main method.

“More than any year in recent memory, 2020 posed a tremendous number of challenges to IT professionals, organizations, and the service providers who support them,” stated Stas Protassov, co-founder of the report discussed here. “What we’ve seen is how quickly bad actors are adjusting their attacks to the new IT landscape. By analyzing the activity, attacks, and trends, we have detected and clearly presenting our findings, we hope to empower our partners and help the IT community at large prepare for the threats on the horizon.”

Cyberthreats Report Results Summary

  • Remote workers will see an increase in attacks. Though 31% of firms reported daily cyberattacks in 2020, the rate of attacks directed at their remote staff is expected to rise in 2021 because systems’ safeguards external of respective corporate networks are more easily compromised, which means criminals will have better access to organizational information.
  • New victims and more automation will be seen with ransomware. Instead of using a wide approach in terms of ransomware attacks, cybercriminals will concentrate on targets that a larger return on effort invested. Breaching a single network to steal information from several businesses is more lucrative compared to striking individual entities. Therefore, even though small companies will remain to be targeted, cloud environments and managed service providers will gain more attention as victims due to their systems offering access to multiple clients’ information.
  • Legacy solutions battle to keep pace with blocking new malware. Traditional antimalware solutions have become outdated as new threats are increasingly sophisticated and common. For example, a malware sample’s average lifespan in 2020 was only 3.4 days. Simply put, as attackers persist in utilizing automation, the amount of malware samples is anticipated to grow. Establishments must adopt new tactics to defense that are swift and devised to be ahead of modern threats. Minimal safety measures and support solutions will no longer be sufficient.

Developing threats mandate developing threats

“When it comes to existing solutions and strategies, the current trends in cyberattacks all show that traditional cybersecurity is failing – usually because of weak technologies and human error, which are both avoidable,” said Candid Wüest, another co-author of the above-mentioned report. “Just as cybercriminals are evolving their attacks, organizations need to advance their protection and security. Comprehensive cyber protection solutions offer the integration and automation that eliminate complexity, optimize performance, and streamline recovery when a successful attack inevitably occurs.”

Image Credit: Image by Gerd Altmann from Pixabay