The Top 4 Cybersecurity Threats to Watch For in 2021 (and What to Do About Them)

The world runs on technology, and that technology gets more and more complex and powerful every year. But with more sophisticated technology come bigger and bigger threats. To compound the risk, the more reliant on technology your business becomes, the bigger the risk of being compromised.

The good (and bad) news is that technology is an arms race. For every new piece of technology, there’s someone trying to use it maliciously. But for every cybersecurity threat, there are precautions you can take to keep your business and your data safe. Here’s what I’m watching out for this year.

1. Malware and Ransomware

Malware is a broad term used to describe any software that’s designed to harm your computer system, usually by stealing or deleting data. Since malware is made of actual software, as opposed to fileless attacks (more on that below), it requires that a file be downloaded and executed.

Ransomware is a form of malware. Rather than stealing or deleting files, ransomware encrypts those files such that they require a password or key to open, then demands payment to decrypt them. The WannaCry attack in 2017 is one of the largest ransomware attacks in recent memory.

Preventing Malware

The most effective way to prevent malware is to be extremely picky about the software that you allow to be installed on your computer or your business systems. Keep your operating systems, browsers, and plugins updated so that they’ll be ready for the latest security threats. If you’re still running Windows 7, it’s time to upgrade.

Two months before the WannaCry attack in 2017, Microsoft issued a security patch that prevented the exploit that the WannaCry hackers used. Unfortunately, many individuals and organizations don’t keep their computers updated regularly, resulting in more than 230,000 computers infected around the world.

2. Social Engineering Attacks

There’s a term in the IT world called PEBCAK, which stands for “Problem Exists Between Keyboard And Chair.” Essentially, it means that an individual user on your network or computer made a mistake and allowed malicious software to take hold. Social engineering (SE) attacks are specifically designed to take advantage of human ignorance of technology.

Phishing is the classic example of a social engineering attack. Anyone can design an email that looks like it came from your bank with a link that directs to a fake bank website. You enter your username and password and now the hackers have your credentials and can use them to access your real bank account.

These attacks can be hard to spot. The email address is usually a giveaway, but phishers use tricks like substituting the “pipe” character for a lowercase L. At a glance, it’s hard to tell that you’re at “we||sfargo.com” and not “wellsfargo.com.” 
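The character-substitution trick described above can be checked mechanically. The following is an added example, not part of the original article: it collapses look-alike characters into a canonical "skeleton" and flags sender domains that match a trusted domain only after that collapse. The trusted list and the confusable map are illustrative assumptions.

```python
# Added example: flag sender domains that only *look* like a trusted domain.
# TRUSTED_DOMAINS and both confusable maps are illustrative assumptions.
TRUSTED_DOMAINS = {"wellsfargo.com"}

# Single characters easily mistaken for a letter -> the letter they imitate.
CONFUSABLES = {"|": "l", "1": "l", "I": "l", "0": "o"}
# Character pairs that read as one letter at a glance.
MULTI_CHAR = {"rn": "m", "vv": "w"}


def skeleton(domain: str) -> str:
    """Collapse visually confusable characters into one canonical form."""
    # Map before lowercasing so a capital I is treated as an imitation of l.
    out = "".join(CONFUSABLES.get(ch, ch) for ch in domain.strip()).lower()
    for fake, real in MULTI_CHAR.items():
        out = out.replace(fake, real)
    return out


def sender_domain(from_header: str) -> str:
    """Return the text after the last '@' in a From header value."""
    return from_header.rpartition("@")[2].rstrip("> ").strip()


def classify(domain: str) -> str:
    """Return 'trusted', 'lookalike' or 'unknown' for a sender domain."""
    raw = domain.strip().lower()
    if raw in TRUSTED_DOMAINS:
        return "trusted"
    trusted_skeletons = {skeleton(d) for d in TRUSTED_DOMAINS}
    if skeleton(domain) in trusted_skeletons:
        return "lookalike"  # differs from the real name, yet reads the same
    return "unknown"


if __name__ == "__main__":
    # Constructed From headers for illustration.
    for header in ("Wells Fargo <alerts@wellsfargo.com>",
                   "Wells Fargo <alerts@we||sfargo.com>",
                   "Newsletter <news@example.org>"):
        dom = sender_domain(header)
        print(f"{dom:20} {classify(dom)}")
```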

The prevalence of social media has made phishing attacks even more sophisticated. If your LinkedIn, Facebook, and Instagram pages are public, a hacker can find out where you live, where you work, your family’s names, and other personal information. With that knowledge, they can build a fake email that’s tailored to you, mentioning things that you thought only your real bank would know. This is called “spear phishing” — a more targeted form of phishing.

Preventing Social Engineering Attacks

The solution to social engineering attacks is education. SE attacks rely on their ability to trick people into downloading programs or clicking links they shouldn’t. If you’re running IT for a network of computers, don’t be afraid to put strong restrictions on who can download software. Vet every piece of software downloaded to ensure that its reputation and security are up to your standards. Most importantly, teach your staff how to recognize a threatening or untrustworthy website or email to prevent the problem before it starts.

3. Cloud and Supply Chain Attacks

In recent years, software-as-a-service (SaaS) businesses have skyrocketed in popularity. Your business almost certainly uses some of these services for cloud storage, billing, project management, time tracking, inventory, and other day-to-day operations.

Since these systems are integrated so closely with your business, their security concerns are your concerns, too. If a hacker can gain access to the services you use, they might be able to gain access to your accounts or network via those integrations.

Preventing Cloud and Supply Chain Attacks

You can’t run a completely closed tech ecosystem — at some point, you’ll need to use software that you didn’t build, and you’ll need to grant it access to the internals of your network and machines. The key is caution. Examine the security protocols and credentials of every software partner you use until you find one you’re comfortable with.

It’s also a good idea to have a contingency plan that allows you to cut ties with a software partner immediately if you hear about a threat to their systems. How quickly can you uninstall Dropbox from every computer in your office? Come up with a plan in case something goes wrong and keep an eye on the news.

4. Fileless Attacks

While many exploits require the user to actively download and run a piece of software, a fileless attack exploits tools and processes already present on the computer. This makes fileless attacks harder to catch — antivirus software tends to look out for unauthorized file activity, so fileless attacks can fly under the radar.

A fileless attack might start with a link to a malicious website. SE tricks on that site might ask users for permission to show notifications or run JavaScript on that site, which then launches system tools like PowerShell. PowerShell then retrieves and launches additional payloads, which execute malicious functions.

Fileless attacks aren’t new, but their high success rate and speed of development, not to mention their ability to avoid detection, have resulted in a significant uptick in this kind of attack.

Preventing Fileless Attacks

Tanmay Ganacharya, who runs the Microsoft Defender threat research team, told TechRepublic, “You have to be able to scan injected modules in memory, because nothing ever touches the disk, and you have to be able to see as things get loaded into memory, whether it is a payload or shell code. You have to be able to see it, stop it and then kill the associated processes.”

Major protection software like Microsoft Defender is already on the lookout for fileless attacks, checking script behavior and monitoring user behavior patterns to find scripts that shouldn’t be running and stopping them. Make sure whatever software you’re using has script monitoring as part of its functionality.
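To make the idea of finding scripts that shouldn’t be running concrete, here is an added example (not from the original article, and not how Microsoft Defender works internally) that walks process ancestry in process-creation records and flags PowerShell instances that descend from a web browser, the chain described earlier. The event records and their field names are constructed for illustration and do not follow any real log schema.

```python
# Added example: find PowerShell processes that descend from a web browser.
# EVENTS is constructed sample data; the field names are assumptions.
BROWSERS = {"chrome.exe", "msedge.exe", "firefox.exe"}
SCRIPT_HOSTS = {"powershell.exe", "pwsh.exe"}

EVENTS = [  # process-creation records: pid, parent pid, image name
    {"pid": 100, "ppid": 1, "image": "explorer.exe"},
    {"pid": 200, "ppid": 100, "image": "chrome.exe"},
    {"pid": 210, "ppid": 200, "image": "cmd.exe"},
    {"pid": 220, "ppid": 210, "image": "powershell.exe"},  # browser -> cmd -> PowerShell
    {"pid": 300, "ppid": 100, "image": "powershell.exe"},  # user opened a shell directly
]


def ancestry(pid, by_pid):
    """Return image names from the process's parent up to the root."""
    chain, seen = [], {pid}
    ppid = by_pid[pid]["ppid"]
    while ppid in by_pid and ppid not in seen:  # stop on unknown parent or a loop
        seen.add(ppid)
        chain.append(by_pid[ppid]["image"].lower())
        ppid = by_pid[ppid]["ppid"]
    return chain


def browser_spawned_shells(events):
    """Return one alert per script host that has a browser among its ancestors."""
    by_pid = {e["pid"]: e for e in events}
    alerts = []
    for e in events:
        if e["image"].lower() not in SCRIPT_HOSTS:
            continue
        chain = ancestry(e["pid"], by_pid)
        # An intermediate process such as cmd.exe does not hide the browser.
        browser = next((name for name in chain if name in BROWSERS), None)
        if browser:
            alerts.append({"pid": e["pid"], "browser": browser, "chain": chain})
    return alerts


if __name__ == "__main__":
    for alert in browser_spawned_shells(EVENTS):
        path = " <- ".join(alert["chain"])
        print(f"pid {alert['pid']}: PowerShell descends from {alert['browser']} ({path})")
```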

Talk to the Experts

43 percent of cyber attacks target small businesses, but most small business owners don’t have the time or resources to keep up with (and protect against) every threat that might arise. That’s why it’s so important to hire a tech consultancy. A good consultant can not only explain the threats to your business in clear terms, but help you find the right software and implement the right policies to prevent those threats from damaging your business.
