Cyber threat landscape concept

How the cyber threat landscape has evolved in 2021

The cyber threat landscape has evolved drastically over the last couple of months, especially since the COVID-19 pandemic began. The Global Threat Landscape Report shows a significant rise in highly sophisticated attacks targeting organizations, digital infrastructures, and individuals in Q1 2021.

Cybercriminals are now casting a much wider net than ever before. Let’s look at the main developments in the cybersecurity threat landscape challenging the minds and resources of security experts across the globe:

Social engineering is more sophisticated

Social engineering attacks such as phishing, pretexting, baiting, and quid pro quo are becoming increasingly sophisticated and successful. In the 2021 Data Breach Investigations Report, most successful data breaches in 2020 relied on social engineering tactics.

New techniques such as deep fakes, malicious QR codes, and URL hijacking coupled with the prevailing social-political climate make these attackers harder to detect and stop.

Ransomware really pays

Ransomware is arguably the most devastating cybersecurity threat facing businesses today. While the basic premise of ransomware attacks remains unchanged, their cost, frequency, and success rate have skyrocketed.

In Sophos State of Ransomware Report 2021, 37 percent of the surveyed organizations said a ransomware attack hit them in the last year. In more than half of those cases, the attackers managed to encrypt the victim’s data and hold it for ransom. Sophos estimates that the total cost of rectifying a single ransomware attack (after paying the ransom, suffering downtime, and cleaning up) comes to an average of $1.85 million.

The ransomware business is booming as more and more players join the lucrative venture. This growth is fueled by the high potential rewards, the introduction of Ransomware-as-a-Service, and the relatively low technical entry point for cybercriminals.

Supply chains are under attack

Several high-value supply chain attacks have made news headlines over the last year. Traditionally, supply chain attacks have targeted organizations’ less secure but critical third-party products and services. But nowadays, these attacks have become gateways to compromise multiple targets at once using a single vector. Ironically, some of these vectors are trusted cybersecurity products and services such as managed security and antimalware. Such were the cases in Kaseya and SolarWinds attacks that affected hundreds of companies downstream.

Botnet activity has spiked

Bot-assisted attacks are becoming more common in a wider range of scenarios. A bot is a specially designed malware that interconnects networked devices, servers, or workstations into a botnet. The threat actor can then remotely issue commands to the botnet to perpetrate various attacks, such as surveillance, DDoS, cryptojacking, data theft, and spamming.

Botnets have a wide range of illicit uses, and many of the infectious bots evolve rapidly to evade detection. Plus, new bots regularly join the cybercrime arena, making it harder to identify and track them. Botnets come and go. Today, the sneakiest botnets include:

  • FickerStealer and Raccoon: Both are credential stealers.
  • Emotet: A brute-force attack tool used to crack passwords and encrypt data.
  • TrickBot: A sophisticated multi-purpose malware for committing fraud using stolen personal data.
  • XMRig: A crypto mining botnet discovered in 2017 but is still active today.
  • QNodeService: A malware that steals credentials from browsers and executes basic file management commands.

The threat landscape will continue to evolve as cybercriminals find new ways to outsmart cybersecurity systems or exploit new vulnerabilities. Tech-reliant companies need to invest in threat intelligence to devise proactive defenses against dynamic threats. You must be aware of all the potential risks to develop effective countermeasures. In short, keeping up with new trends in the cybersecurity world is a full-time job for security teams.

GB Tech has the experience, resources, and expertise to keep your business ahead of the curve with emerging threats. Protect your business against every possible cyber risk using our proven and trusted cybersecurity solutions. Contact us to learn more.