In its newly released 2021 Threat Report, Sophos gets an early jump on forecasting cybersecurity trends it expects to see in the new year, starting with the dominant theme: Ransomware and rapidly evolving hacker tactics of all levels will shape the threat landscape and IT security in 2021.
After all, this is the time of the year that security specialists predict what’s coming in 2021 based on what’s happened in 2020, a year that many of us would like to forget. The security specialist’s report is authored by its researchers with input from its threat hunters, rapid responders, and experts in cloud security and artificial intelligence.
Here are the three major cybersecurity trends the U.K.-based company expects in 2021:
1. Ransomware:
Big-game hunting ransomware families will continue to hit larger organizations with multi-million dollar ransom demands. The number of apprentice hackers using ransomware-for-rent will increase and target high volumes of smaller prey. While cyber crews are differentiating themselves by skills and targets, ransomware families are sharing best-of-breed tools and forming “self-styled collaborative cartels,” said Chester Wisniewski, Sophos principal research scientist.
2. Commodity malware:
Everyday threats will demand “serious security attention.” Regular bugs may seem like “low level malware noise,” but they allow hackers to gain a foothold in a target. “Commodity malware can seem like a sandstorm of low-level noise clogging up the security alert system, Wisniewski said. “Any infection can lead to every infection.”
3. Detection:
All levels of hackers will “increasingly abuse legitimate tools, well known utilities and common network destinations” to skirt detection and and “stay under the radar” while they prepare to launch a network attack. "This technique challenges traditional security approaches because the appearance of known tools doesn’t automatically trigger a red flag,” said Wisniewski.
The report also examines other security trends Sophos expects to continue in 2021:
- Attacks on server platforms running both Windows and Linux to infiltrate organizations from within.
- The impact of the COVID-19 pandemic on IT security, including remote teleworkers using personal networks.
- Security challenges facing cloud environments, specifically issues different to those of a traditional enterprise network.
- Common services like RDP and VPN concentrators, which remain a focus for attacks on the network perimeter.
- Software applications engaged in tactics that are increasingly indistinguishable from overt malware.
- The reappearance of VelvetSweatshop, a default password feature for earlier versions of Microsoft Excel used to conceal macros or other malicious content in documents.
- The need to quantify unseen, undetected and unknown cyber threats to bridge gaps in detection, assess risk and define priorities.
