As Data Privacy Day approaches, Safi Raza, director of cyber security at Fusion Risk Management, considers what we might expect from the cybercrime world in 2021 and the lessons learnt by all kinds of organisations in 2020 following some huge high profile data breaches.
“Cyber criminals are always ready to seize opportunities to exploit security weaknesses for monetary and disruptive gains and this year will be no different,” says Safi. “Following the rise of remote working due to Covid-19, we can expect criminals to continue targeting the remote workforce as an entry point to companies and sensitive data – and home network cyber risks will become greater during the year. In response, CTOs will likely continue exploring avenues to help mitigate this risk and spend more time and money on endpoint security and end-user training.”
“Cyber criminals are money hungry, and ransomware is lucrative. Needless to say, we can expect ransomware threats to increase. Likely ransomware targets will include hospitals and other health and research facilities, as these facilities are responsible for patients’ highly sensitive information, and any disruption can cost lives, valuable treatment time and patient data endangerment. Criminals are likely to target these organizations because they count on healthcare leaders to pay a ransom instead of gambling with patient health and information.”
“We will see criminals’ continued faith in the notion that humans are the weakest link, and can expect an uptick in social engineering”, believes Safi. “However, as more defensive technologies integrate with artificial intelligence, bad actors find it more difficult to compromise network boundaries. This is where the dangers of deep fakes enter. ‘Deep fake’s audio or video recordings that combine existing information and develop it into a new image, video, or audio recording, which can be pooled with existing tactics to cause maximum damage. For example, a criminal can look and sound like the CEO of your company, and easily trick you into approving a large payment.”
“Lastly,” concludes Safi,” third party risks continue to grow as our reliance on vendors increases and vendor networks grow. The Covid-19 pandemic highlighted the importance of vendor management, and how the failure of one element of a supply chain – whether it’s due to a cyber-attack, pandemic or other reasons – can impair a companies’ ability to continue to service its customers. Cyber criminals are well aware of the third-party network and will continue to target vendors’ data as a stepping stone to larger partners.”