Cyberattacks have increased year over year for some time now.
While many things changed in 2020, the prevalence of cyberattacks was one thing that continued on the same trajectory and once again increased.
COVID-19 especially ramped up cyberattacks as hackers looked to exploit unprepared businesses and users.
- Ransomware attacks increased by 105%.
- Email phishing attacks increased by 667% and are the most common data breach for users working at home.
- The number of unsecured remote desktop (RDP) machines rose by more than 40%.
- Brute-force attacks on RDP machines grew 400% in March and April alone.
While we would love to see a decrease in cyberattacks, realistically, that’s not what we’re anticipating in 2021.
When our team of security experts isn’t helping prevent or respond to a security breach, they’re staying updated on industry news. Some of their expectations for 2021 include:
- Continuing to see an increase in attacks, specifically ransomware
- Increasing attacks on healthcare and medical industries
- Seeing businesses prioritize cybersecurity
Overall, cybersecurity will be just as, if not more, essential in 2021 as it was in 2020.
The continued increase of attacks on teleworkers
As users continue to work from home temporarily or permanently, attackers will continue to exploit users.
One type of attack we’re specifically expecting an increase in is ransomware. This type of malware works by denying users access to data until a ransom is paid.
Many ransomware attacks already involve data exfiltration. In 2021, security experts expect attackers to extort victims using the data they’ve stolen.
Additionally, as more businesses turn to cloud-based platforms, hackers will likely exploit these solutions with ransomware attacks.
Attacks on healthcare and medical industries
As COVID-19 vaccines are distributed throughout the U.S. and the world, cybersecurity experts are advising healthcare organizations and medical institutes to prepare for an influx of attack attempts.
2020 already saw attackers targeting the medical and healthcare field as the coronavirus taxed the industry.
With how vital the COVID-19 vaccine is to keeping us healthy and helping us move toward a new normal, malicious actors will be looking to interrupt or prevent access to the vaccine.
Prioritization of cybersecurity
The combination of the significant increase in cyberattacks and predictions for 2021 means businesses will (or should) prioritize security solutions.
The advent of teleworkers means the threat landscape has changed. Subsequently, so has the way businesses need to approach cybersecurity.
Even after the pandemic, there will be more remote workers than before 2020.
We’re expecting to see a focus on products and services being more teleworker-centric to meet these new needs.
We’re also expecting businesses to invest in user education options and new solutions or services to address businesses’ needs with remote employees.
Even with a workforce where everyone is in an office, users are an organization’s most significant vulnerability.
However, when you add a remote workforce, you also have to consider how your attack surface has increased.
Investing in user education addresses how all users – regardless of where they’re working – can help secure your environment and provide education about secure ways to work from home.
Bad practices to leave behind in 2020
While data breaches and cyberattacks are inevitable to an extent, there are ways to reduce the amount and magnitude of attacks.
When thinking about cybersecurity in 2021, we encourage you to leave the following bad habits behind.
1. Insecure remote connections
When the pandemic first hit, businesses quickly adapted to having a remote workforce by providing some unique and insecure means of connecting to the office.
Is your business still using a remote desktop connection or third-party desktop sharing software? Then, you should replace them with secure end-to-end encryption between your remote users and your organizations.
2. Using personal devices for remote work
At the beginning of the pandemic, many organizations didn’t have the resources to hand out laptops or tablets to their entire workforce when they were expected to shift to working remotely.
While this solution technically worked, it wasn’t a secure way to support a remote workforce.
If you plan to continue supporting remote workers – whether part-time or full-time – you need to ensure these users have work devices to work from securely.
3. Using work devices for personal use
Even if your organization did have the resources to give remote workers dedicated devices, you had security concerns to think of.
With users working from home, there’s little oversight if they’re checking their personal email on their work device or letting their children use the laptop.
A leading cause of malware infections is from someone using a device for personal reasons and knowingly (or unknowingly) downloading malware.
4. Network segmentation
Even if your employees are correctly using their work devices for work and personal devices for personal purposes, there are still security concerns at the network level.
This is why we encourage businesses to consider having their remote workers segment their home networks or use a dedicated teleworker device, like a Meraki Z3, with the ability to segment home and professional networks.
Tips for staying secure in 2021
We want organizations to be more secure in 2021 than they were in 2020.
Cyberattacks aren’t going anywhere, and we can expect attacks to continue to increase and evolve.
Additionally, if you have a stake in the healthcare or medical industry, cybersecurity should be top of mind as we anticipate attackers targeting this field.
Regardless of your industry, however, cybersecurity should be a priority of yours in 2021. Look out for new security solutions to address your needs.
Most importantly, make sure you secure remote connections, require home and personal devices to be used for the respective purposes, and segment your employees’ home networks when possible.
For more information on best security practices, check out some of our other articles: