By Sarabjeet Khurana, Country Manager (SE Asia/India & SAARC), DigiCert
With all the uncertainty that 2020 presented us, no one knows with certainty what will happen. However, we can be reasonably certain about our predictions based upon the changes to infosecurity brought upon us by the pandemic and other events of 2020 and the way it will likely shape 2021. First and foremost, in our thoughts are the impacts of vastly increased remote working and digital transformation that have both been accelerated by the pandemic and the difficulty of in-person gatherings.
Prediction: Social engineered attacks will get more complex
According to Verizon’s Data Breach Investigations Report for 2020, social engineering is a top attack vector for hackers, and we expect threat actors to leverage current events to unprecedented levels. Consider the following:
• Unemployment fraud: With unemployment fraud at an all-time high, we will see an even larger increase in 2021 as pandemic-focused unemployment programs from governments have lowered the barriers to collecting benefits, and security methods have not been able to keep up. Should we see additional stimulus funding from governments to provide relief for the effects of the pandemic, this will only make this a richer channel for fraudsters.
• COVID-19: Scammers will utilize social engineering to dupe users into providing a mailing address, phone number and credit card number with a promise to charge 25 cents to verify their information and qualify for a free COVID-19 testing offer.
• More COVID: The offer of fake, “government-approved” cutting edge technologies to fight COVID and take the temperature of those in proximity will trick users into downloading malicious apps on their smart devices that can be leveraged for nefarious activities by threat actors.
Prediction: Shortcomings in data security are going to cause a slowing effect on telehealth organizations due to an increase in targeted attacks
Telehealth providers are opening themselves up to cyberattacks on an unprecedented scale. Prior to the pandemic, telehealth comprised only a small fraction of medical visits. However, beginning in March 2020, much of medicine suddenly shifted to the telehealth model. The value of a single health record is high, and this will become a growing target for fraudsters looking to take advantage of this situation.
Prediction: The “New Normal” will be under attack
We predict that individuals and businesses alike will adjust to a new normal sometime in 2021. This new normal will result in an increase of travel, a reduction in unemployment, and a transition for workers to return to the office, leading to threat actors’ attacks on the following:
• Travel: Fraudsters looking to take advantage of the new normal will target vacation-starved travellers looking for good deals online or via email. Phishing attacks will be the tool of choice and will be leveraged successfully by fraudsters.
• Back to the office: As workers return to the office, there will be a steady crescendo of applications offered by threat actors with the promise of increased productivity tools to ease the transition to the office. Tools such as apps that provide ambient sounds will be leveraged in these attacks.
• Data Breach News: News of data breaches will increase in 2021 as the public learns of exploits on companies that haven’t done a good job securing their remote workforce. In India, Data breaches have shown a 37 percent increase in cyber-attacks in the first quarter of 2020 compared to 2019.
Prediction: 2021 will bring increased focus on automation and efficiency solutions in the security market
• As organizations work to keep the lights on and scrutinize the bottom line, there will be a resulting push for efficiency in security technologies.
• 2021 will bring an emphasis on technologies that allow organizations to do more with less, and automation will play a significant role in terms of security innovation in the New Year.
• A consolidation of security vendors will take place in 2021 as businesses look to reduce the number of vendors within their environments. Trusted vendors with leading global technology and local resources where their customers live will be valued, as will be their emphasis on automation of security tasks
• As security investments focus on immediate value, Quantum Computing will continue to move forward.
Prediction: 5G accelerates deployment of PKI: As more 5G capable devices become available, 5G transformation will accelerate in 2021, as will the recognition and adoption of scalable, cloud-native security solutions. Indian Indian Prime Minister Narendra Modi recently stressed upon the fact that India needs to work together to ensure a timely rollout of 5G technology to leapfrog into the future and empower millions. Because of this, deployment of PKI will grow, as will demand for modern automation solutions.
Prediction: Surge in eCommerce sites: Both B2B and B2C eCommerce sites will continue seeing a huge traction as people are shopping online owing to certain restrictions in place. A report published by IBEF said that the Indian e-commerce market is growing at a steady pace and is expected to be valued at $200 billion by the year 2026. Owing to this, based on different identifiers like location, attack behaviour, global threat intelligence and IP address, retailers will focus on creating custom web security rules. This would provide them a better view of trusted users and traffic which in turn would enhance their web security.