2020 was a year of immense change. One thing is for certain – the world collectively witnessed the increase of digital interconnectivity. We began even more to rely on the internet as a conduit to the world. The rise of remote access to businesses, entertainment and interpersonal connections surged. The death of distance accelerated.
The increased reliance on remote access provided cybercriminals with an opportunity to exploit any easily accessible vulnerability. The rise in remote access, compounded by the need to learn more about the pandemic, offered an optimal climate for cybercriminals to thrive.
In 2021, the 24/7 news cycle was filled with stories of cyberattacks. There was the infrastructure ransomware attack on the Colonial Pipeline in May 2021, which caused the company to cease operations for days. Also the attack on JBS USA, which fell victim to ransomware and threatened U.S. food supplies. In another instance, a malicious actor was able to breach the Florida Water computer system and temporally alter the water content by changing the sodium hydroxide levels. In each of these examples, cybercriminals capitalized on the collective vulnerabilities of individuals and businesses to target critical infrastructure.
The list goes on.
In our 2020 Webroot Threat Report, our security experts made a series of predictions related to the threat landscape. Let’s revisit some of these predictions to see how close we came.
What small and medium-sized businesses (SMBs) encountered
Tyler Moffitt, security analyst at Carbonite + Webroot, OpenText companies, reinforced the likelihood that, “SMBs will continue to be targeted: they have lower budgets and scarce security staff, making them attractive targets.”
Over the course of the last year, “SMBs continued to be the prime target of ransomware authors. Although they have clearly attacked organizations of all sizes, small businesses do appear to be the most targeted,” says Moffitt.
Is the threat landscape more of the same?
Grayson Milbourne, security intelligence director at Carbonite + Webroot, predicted that in the coming year, “Expect to see more attacks against less-developed nations—not to generate revenue, but rather to disrupt and destroy.”
However, in the last 12 months, “We witnessed law enforcement fighting back at the infrastructure of ransomware operators, like Emotet, which was taken offline early in 2021. Cybercrime is no longer a punishment-free crime.”
Milbourne also remarked last year that, “Deepfakes are going to become a major threat. As the technology develops, anyone could make a fake video of someone else saying something they did not and could effectively weaponize it for malicious (or political) purposes.”
“One prime example that occurred this year involved an Australian news deepfake. The deepfake showcased a bogus discussion of an obscure cryptocurrency that helped to bolster financial gains for the currency. A very clever technique,” says Milbourne.
Infrastructure as a target
Matt Aldridge, lead solutions consultant at Carbonite + Webroot, forecasted, “All forms of the energy sector will continue to be at serious risk. In addition, service providers make very lucrative targets for attackers, as they are a single point of entry into many businesses. Executives will continue to be the targets of BEC attacks, which will continue to evolve in sophistication.”
Unfortunately, the Colonial Pipeline ransomware attack in particular bore this prediction out. “We’ve also seen cyberattacks facing the energy sectors in Slovakia, Norway, France, Puerto Rico and South Korea, among others. All forms of the energy sector will continue to be at serious risk,” says Aldridge.
Where do we go from here?
Our increasing reliance on information technology has provided a climate for malicious actors to take advantage. This underscores the importance of being fully prepared for when a cyberattack or natural disaster affects your business. Milbourne projects more software-based ransomware supply chain attacks. Ransomware, unfortunately, is only the beginning. Businesses that want to remain operational and secure need to modernize their information technology and security infrastructures. This helps to mitigate potential litigation and fines.
Moffitt adds, “With privacy regulations like GDPR and CCPA in full effect, we are likely to see ransomware threatening to leak important customer data to increase the likelihood that businesses will pay, even if they have adequate backups in place and don’t need the files back.”
With all this in mind, it is important to manage and protect your business. In the 2021 Webroot BrightCloud Threat Report, we illustrate how securing and protecting your business doesn’t have to be overwhelming.
With the right combination of backup, training and protection, businesses can collectively create a comprehensive and integrated approach to tackle evolving threats. By adopting a cyber resilience posture, businesses small and large can mitigate risks in the ever-changing cyber threat landscape. This multi-layered approach not only bolsters your brand, but also increases customer loyalty and improves the customer experience. A definite win-win.