Cyberattacks are set to get targeted in 2021 — 3 trends

• Thread hijacking, unintentional insider threats, and human-operated ransomware – are set to increase in the next 12 months
• Human-operated ransomware attacks will become more targeted
• Hackers will tailor attacks to target critical infrastructure, pharma and healthcare, industrial IoT, and education 

Covid-19 not only upended lives but enacted a paradigm shift in how businesses and employees work. Undeniably, this rapid shift brings a host of security challenges for companies. Most cybersecurity predictions for 2021 show the ripple effect of the pandemic is likely to continue. According to HP’s 2021 predictions security threats such as human-operated ransomware, thread hijacking, unintentional insider threats, business email compromise, and whaling attacks – are set to increase in the next 12 months.

New approaches

HP Labs chief technologist for security research and innovation, Boris Balacheff emphasized that organizations need to re-think their security architectures and controls and embrace the necessary innovation. 

“Organizations need to accept that the future is distributed. Everything from remote workers’ devices to industrial IoT devices has become the new frontlines of the cybersecurity battleground in our increasingly cyber-physical world,” said Balacheff.

“For example, modern hardware technology exists that can help not only protect but also recover employees remotely and securely in the face of destructive attacks like those we have seen in the last few years.”

Tailored attacks

HP’s report suggests that hackers will tailor attacks to target specific verticals – in particular, critical infrastructure, pharma and healthcare, industrial IoT, and education. As expected, since healthcare has been at center stage this year, it will continue to be the most at-risk vertical in 2021.

“Healthcare has been a perfect target – society depends on it and these organizations are typically under-resourced, change-averse, and slow to innovate. Education also fits this criterion and could be another prime target,” CEO at MedSec, Justine Bone, said.

This threat however extends beyond hospitals and doctor’s surgeries into more critical areas, due to the race to develop a new vaccine, pharmaceutical companies and research facilities will also continue to face adverse risk. 

On top of healthcare, the next 12 months will also see other targets come into consideration for hackers. “Carmakers, particularly EV companies, will become bigger targets as they grow in prestige and profitability, and we can also expect to see critical infrastructure and the Industrial Internet of Things continue to be in hackers’ crosshairs,” Deloitte’s partner Robert Masse said.

In recent years, a record number of US government systems, healthcare providers, and educational institutions were targeted by ransomware gangs, with nearly 1,000 entities being successfully attacked at a cost estimated to be in the billions.

Human-operated ransomware

HP’s chief information security officer, Joanna Burkey believes ransomware has become the cybercriminal’s tool of choice, and it is likely to continue in the year ahead. “What we’ll see is a rise in ransomware-as-service attacks where the threat is no longer the ‘kidnapping’ of data – it’s the public release of the data.”

In fact, the rise of ransomware has fueled the growth of an ecosystem of criminal actors who specialize in different capabilities needed to pull off successful attacks. Malware delivered by email, such as Emotet, TrickBot, and Dridex, is often a precursor to human-operated ransomware attacks. The report also noted that threat actors use their access to compromised systems to deepen their foothold into victims’ networks in order to maximize the impact of an attack.

Senior malware analyst Alex Holland suggests this trend is of particular concern to those in the public sector. “The rise of ‘double extortion’ ransomware, where victim data is exfiltrated before being encrypted, will particularly hurt public sector organizations, who process all manner of personally identifiable information. Even if a ransom is paid, there is no guarantee that a threat actor won’t later monetize the stolen data.”