Every December, analysts make predictions about the key events in the following months. These lists range from the most obvious (ex. ransomware will be a big risk in the next 12 months) to the most industry insider (ex. investments in endpoint security cloud services from Europe precisely will grow by 2.4%), which may be of little use for most CISOs.
Rather than make our own forecast, we decided to review all cybersecurity predictions for 2021 that we could find, identify the five most common ideas, and discuss what we believe will actually happen in 2021.
1. Attacks against healthcare industry will increase drastically in 2021
Cyberattacks on healthcare facilities in the U.S. [in 2020] alone have affected 17.3 million people in 436 breaches tracked by the U.S. Department of Health and Human Services (HHS) Breach Portal. Malicious actors often attack healthcare providers because medical records are best-sellers on the Dark Web and are challenging to track and can sell for up to $1,000 each (Forbes).
This prediction is disturbing, as medical files contain extremely personal and confidential information. Having these records floating around the dark web is a significant concern, especially when we know that malicious actors publicly post samples of their data for sale.
The healthcare industry represents a somewhat soft target, as its expertise is in saving life and promoting health, not in protecting the confidentiality of patient files. Cybersecurity can therefore be an afterthought in some hospitals and caregiving facilities, which may lead to either malicious or accidental data leaks.
The advent of the pandemic has also moved many organizations online in a matter of days. While doctors used to keep physical medical files and meet their patients in person, they now use telemedicine tools and record digital medical notes. This has created a vast new pool of medical files that can be stolen by malicious actors.
While we expect to see the number of breaches in the healthcare industry increase over 2021, we foresee significant investments in cybersecurity divisions to stem the flow of data breaches.
2. AI will increase the security of devices and networks
Threat actors will leverage machine learning to accelerate attacks on networks and systems, according to security firm BeyondTrust. ML engines will be trained with data from successful attacks. This will allow the ML to identify patterns in the defenses to quickly pinpoint vulnerabilities that have been found in similar systems and environments (BeyondTrust).
As in most industries, the role of artificial intelligence in cybersecurity has been exaggerated for decades. While academic papers published in the 1980s were already discussing the role of artificial intelligence in this field, we have yet to see much concrete evidence that true artificial intelligence – not simple regular expression queries – is playing a significant role in securing today’s networks.
For years, machines have competed against each other in hacking challenges, where one seeks to identify and repair security vulnerabilities, while the other tries to abuse them to take over a simulated network. These have yet to materialize in a commercial product that actually improves cybersecurity.
Just as the year of the Linux desktop is always around the corner, the year of artificial intelligence cybersecurity is yet to come, but it is unlikely that 2021 will reach that milestone.
3. The costs of cybercrime will increase drastically in 2021
Cybersecurity Ventures expects global cybercrime costs to grow by 15% per year over the next five years, reaching $10.5 trillion annually by 2025, up from $3 trillion in 2015. Cybersecurity Ventures finds that if cybercrime were measured as a country, it would be the world’s third-largest economy after the U.S. and China.
The cybersecurity industry is known for its lavish statistics, often based on guesses rather than actual analysis. There have been a few more serious efforts to actually measure the true costs of cybercrime, which we reviewed in the past. The conclusion of these studies is always that measuring the costs of cybercrime, as that of any crime, is an almost impossible task, especially when looking at the issue at global level.
Yet there is no denying that cybercrime costs increased in 2020, and will continue to do so in 2021. An investigation by Radio-Canada, in which we participated, showed that fraudsters could expect to make six-figure returns per month. The new COVID-19 related Government programs were prime victims, and contributed to the increase in cybercrime costs for society.
Canada is now publishing thought-provoking statistics on cybercrime through its Survey of Cyber Security and Cybercrime (CSCSC). This is a good first step in generating insightful knowledge about cybercrime at national level. The survey reports that Canadian businesses spent CAD$14 billion on cybersecurity, a figure that does not include cybercrime losses. If the whole world spent as much as Canadian businesses on a per capita basis, the direct costs of cybercrime could be estimated at CAD$2.8 trillion, a far cry from the statistic mentioned above. Moving forward, your company should take into account statistics about cybercrime, but be careful as to what statistics it bases its decisions on.
Integrate the world’s easiest to use and most comprehensive cybercrime database into your security program in 30 minutes.
4. Accidental data leaks will continue to grow
Insider threats, mostly accidental, will be responsible for 33% of data breaches in 2021, and will witness an 8% increase, Forrester predicts.
Given the remote workforce, and the shift towards cloud services, even in small and medium businesses, your company’s confidential information is uploaded on remote servers now more than ever. This does not necessarily translate into more risks, since encryption and communication protocols allow for effective and secure management of remote databases.
There are, however, many risks associated with cloud services. We have already explained how sudden policy changes in cloud services could force you to jump to a new cloud service with little to no warning. This could contribute to configuration issues in your new service, and ultimately an accidental data breach.
Employees are also building their own shadow IT infrastructure by using unlicensed cloud services that are not managed by your security teams. Employees may believe that the service they’re using is secure, and configured properly, but that is often not the case.
As a result, accidental leaks will continue to grow significantly in 2021. Malicious actors pose a significant risk to your company, but they are not alone. Accidental leaks are becoming more common and your digital risk protection solutions should provide visibility into what your employees are publishing online to minimize your risks of data breaches.
5. A Credential Stuffing Crisis
Credential sources are expanding, online services are growing and consumer behavior isn’t changing. It all means more account takeovers, more big brands in the headlines and more individuals making claims of being ‘hacked’ in 2021. (Troy Hunt in Cybersecurity Magazine)
This is a sad but probably true prediction for 2021. Credential stuffing is the practice of using a leaked credential to take over an account for which no data breach occurred. If your Netflix username and password are leaked online, could they possibly be used to log into your Spotify account?
The recent Cit0day data breach that exposed over 226 million email addresses and passwords is one in a long series of credential leaks with significant impacts. Indeed, malicious actors test the leak credentials on multiple services, and take advantage of password reuse to take over accounts. As long as people reuse the same passwords on multiple websites, credential stuffing will pose a significant risk for companies.
There are a number of solutions companies can implement to prevent credential stuffing. For example, most financial institutions require their customers use their card number rather than email address to log in. The card number is unlikely to be used to register a cloud service, and makes it harder to launch credential reuse attacks. Two-factor authentication and passwordless authentication are also very effective to prevent credential stuffing. Both require that the person logging in has access to your phone, email or SMS, which increases the bar to take over accounts.
Moving people to a new authentication scheme can take a long time, and we see a future where credential stuffing will no longer be an issue. However, 2021 is unlikely to be that year. We expect this issue to increase in the coming months, while companies train their employees and customers on how to better secure their accounts.
Conclusion
2020 was the year of ransomware, with the development of double extortion ransomware tactics that multiply the impact of the attack. This threat, while at the forefront of news stories, was not the only threat companies faced, as the cybersecurity threat landscape complexity only increased throughout the year.
2021 is a difficult year for predictions, with strict lockdowns still being imposed in many countries. The pandemic has impacted how companies operate, especially in how they handle confidential information. Companies that never opened their databases to the internet now have to provide access to remote workers.
No matter what the threat, intelligence remains at the heart of any solution. The good news is our ability to monitor malicious actors, as well as employees’ use of cloud services, has continued to increase throughout the year. This provides us with an understanding of the criminal underground, and of your digital footprint, that reduces the risks your company is facing. That is, of course, until artificial intelligence solves all your cybersecurity issues, right?