The past year has been one of the most challenging in recent memory, both in terms of the effects of the coronavirus pandemic on societies and economies around the world, and the impact of a dramatic rise in cybercrime.
As the virus started spreading and countries around the world went into lockdowns, cybercriminals sprang into action.
In the first 100 days of the lockdown alone, Mimecast researchers detected huge increases in spam attacks (up 46%), impersonation attacks (up 75%) and malware, which spiked by 385%.
The continued disruption caused by the pandemic and the ’new normal’ of remote work will likely create fertile ground for an array of cyberattacks in 2021.
Mimecast’s cybersecurity specialists predict what cyber risks we are likely to face in 2021:
Ransomware will be used to sow chaos
Nearly half (45%) of South African respondents in Mimecast’s State of Email Security 2020 report said ransomware attacks had impacted their organisation.
Common consequences of successful attacks included data loss, downtime and financial loss.
Duane Nicol, subject matter expert for security awareness and brand protection services at Mimecast, predicts we’ll continue to see major ransomware strains that will compromise global networks in 2021.
“The objective won’t be money, but anarchy. DoppelPaymer proved this in 2020 when an attack on a German hospital delayed a dying lady from getting to hospital.”
“Some have even labelled this as the first officially recorded death due to cyberattack. It’s since been proven that she would likely have died anyway, but some might say she would have had more of a chance if she hadn’t been turned away from the first hospital.”
“In the first month of 2021 we’ve already seen major developments in ransomware,” said Nicol.
“Law enforcement has already gone after and shut down emotet and other botnets and ransomware gangs, but the war continues as new minor strains and malware components have appeared.”
“There are also new ransomware operators coming out and there have been changes in tactics from existing gangs.”
With the world waiting anxiously for the rollout of a COVID-19 vaccine, cybercriminals are likely to capitalise on this. A key US-based cold storage provider has already been the subject of a ransomware attack.
Healthcare providers, vaccine-related organisations, and their logistical partners therefore need to remain on high alert over an increased likelihood of cyberattack at this time.
Researchers have also noted an uptick in vaccine-related misinformation which may further complicate the effective rollout of a COVID-19 vaccine to those who need it most.
Remote workers become prime targets
With many people likely to continue working from home in 2021, Brian Pinnock, senior director at Mimecast, believes an increase in cyberattacks exploring consumer-grade home networking vulnerabilities is inevitable.
“Such attacks will negatively affect businesses that have not yet adapted their network security posture to align with the new hybrid work scenarios,” says Pinnock.
“Data breaches involving insiders will increase due to continued remote work. It’s also likely that cyberattacks will increase faster for smaller businesses than for large organisations, who are likely to increase their uptake of cyber insurance in the belief that this will mitigate all risk.”
Renewed focus on cybersecurity awareness training
Employee awareness of cyber risks will be in the spotlight in 2021, and organisations will likely enhance their cybersecurity awareness training efforts to strengthen their ‘human firewall’.
In Mimecast’s State of Email Security 2020 report, 99% of South African respondents offered security awareness training.
However, there are questions about the effectiveness of some of this training.
In a recent global study by Mimecast, employees were asked about their use of work devices for personal activities during the pandemic.
The study found that half of South African respondents admitted to opening emails they considered suspicious.
Heino Gevers, customer success director at Mimecast, says companies will be forced to adopt new means of supporting remote work even if things return to normal in 2021.
“Organisations will need to enhance their cybersecurity awareness training if they are to protect their employees and systems from avoidable threats,” said Gevers.
“Security teams are likely to launch live phishing simulations and other real-life, de-weaponised campaigns to stress-test employees’ ability to identify and avoid risky behaviour.”
“Our research has found that in 2020, end-users making use of Mimecast Awareness Training are five times less likely to click on dangerous links, so investments into effective and regular awareness training can be hugely beneficial to an organisation’s overall security posture.”
Reported breaches skyrocket due to POPIA
Starting in July, South Africans should also expect to see headlines proclaiming a massive increase in data breaches.
“This will simply be a reflection of what I believe to be already high levels of unreported data breaches, that will suddenly be made public in line with the POPI Act’s breach notification obligations,” says Pinnock.
“It is also when we will possibly start seeing the first regulatory fines being issued due to significant data breaches.”
Protecting public sector systems in the cloud
Thomas Mangwiro, public sector specialist at Mimecast, believes the growing adoption of cloud services among South African public sector organisations is enabling greater agility.
“Public sector ICT leaders will seek growing levels of support from technology and cybersecurity partners to build greater cyber resilience in an effort to protect systems and infrastructure from cyberattacks,” said Mangwiro.
“As more systems move to the cloud, new strategies will be needed to ensure high levels of security and compliance to public sector policy while maintaining data sovereignty.”
“Cloud adoption will help the public sector with productivity and the increased ability to deliver services. But downtime due to an outage could lead to widespread disruption of critical national infrastructure if these departments are all dependent on a single cloud provider.”