The main cybersecurity challenges this year will be new viruses in emails, phishing campaigns, vulnerable end-to-end devices, as well as the growth of e-commerce and longer and more powerful attacks.
This is evidenced by the forecasts of cybersecurity experts of Tet (Lattelecom Group), which provides services of cloud technology, cybersecurity, GDPR-audit, and other IT solutions.
In 2020, Tet prevented 2,400 a distributed denial-of-service attack (DDoS attack) and blocked 140,000 infected emails, which is 50% more than a year earlier.
Analyzing the statistics of 2020, we see that the “pandemic” was observed in cyberspace, as the number of both viruses and attacks has increased.
According to Tet, the largest increase in DDoS attacks was observed in the second quarter of 2020 – during the first emergency – says Uldis Libietis, head of IT security Tet.
He emphasizes that DDoS attacks become longer – if once they lasted tens of minutes, now – a few hours and are repeated. Due to the growth of e-commerce and dependence on digital technologies, the trend will continue this year.
Sending a data stream of more than 100 Gbps to the victim’s server with small breaks for several days cannot be organized by one person or a small circle of people. Such actions need to be purposefully coordinated. One can only guess who is actually ordering and planning such attacks. However, they will not disappear this year.
Another notable trend is related to compromised third-party software, which is already affecting IT giants.
Modern IT solutions are often based on third-party software solutions that come with many small or open-source products. Hackers try to take advantage of opportunities to get into large systems just by using such small links in the chain.
Cases of such hacks are expected this year. A similar situation occurred in 2020 with SolarWinds Orion, when many companies, including Microsoft and VMware, fell victim to using software from a reliable manufacturer, which turned out to be compromised, – said a spokesman for Tet.
This means that development organizations will have to implement new or improve existing processes to control software components and the development process.
The problem of infected emails is still relevant. Since August 2020, we have seen a rapid increase in viral activity – the number of infected documents has almost doubled.
One of the brightest examples is the Emotet virus, the spread of which was stopped due to the coordinated work of many countries.
An alarming trend is observed with the spread of viruses through “edoc” and “asice” supplements, which open, even despite safety warnings. Phishing campaigns will continue. All these viruses require more vigilance from each person.
Based on last year’s data and the development of the situation with the pandemic and its consequences around the world, it is already clear that the focus of cybercriminals is a person and his ultimate device.
Why try to break the security perimeter of the enterprise and the firewall or a well-protected cloud? Instead, more and more attacks will be targeted at the weakest part – the person and the device on which he works from home.
Old software, lack of virus protection, access to Admin page, limited ability to control employees or its absence, in general, make employees an easy target.
Picture Credit: Pexels