Holiday Cyber Scams: How to Identify and Avoid Them!

Cybersecurity in 2021: What to expect in the coming year – Jim Schirtzinger, XLN SYSTEMS

As any particular year comes to a close, it is typical to look back at everything that has happened. We celebrate the good, mourn the losses, and try to learn from mistakes. Most will agree that 2020 was an unusual year by any standard, highlighted by a major pandemic, lockdowns, civil unrest, and a controversial presidential election. Rather than dwell on all of the bad that came from 2020, it is time to look ahead to 2021 with anticipation and hope for a return to some form of normalcy. Unfortunately, no matter what improvements are made over 2020 (An effective virus vaccine? A calming of political tension? A robust economic recovery?), Cybersecurity will remain a constant and urgent need for everyone both commercially and privately. With that in mind, what new threats should we expect to face in the digital realm as we turn the page from 2020 to 2021?

2020 saw a huge increase in connected devices as more and more people were forced to work outside the normal office environment. This increase in remote work created ample opportunities for bad actors to infiltrate corporate databases through less reliable and unregulated home Wi-Fi networks. As we move into the new year, it is expected that the number of people working remotely will at least stay somewhat constant, if not increase as measures to contain the spread of Covid-19 continue to ramp up (despite the introduction of early vaccines). This larger attack surface (increased use of unsecured consumer IoT) will enable cyber criminals to exploit vulnerabilities that remain difficult to manage with so much of many company’s workforce accessing sensitive data from many remote locations instead of a single secure location. In 2021, it will be more important than ever for those working from their home office to be diligent and mindful of threats that could be lurking around every website and email. For more information on how to avoid many of the common scams, check out our article on Holiday Cyber Scams.

In addition to remote work concerns, Ransomware will be an expanding threat in 2021 as well. Data remains the most valuable asset of many organizations, which is why Ransomware threats have become so effective. With many Ransomware groups focusing on targeting cloud environments, and disaster recovery and backup systems, the theft and leaking of data may become an even bigger problem than it has been in the past. But data will not be the only target of Ransomware attacks in the coming year. Supply chains and industrial production lines will be increasingly targeted by attackers as company’s fight to stay competitive in an ever-changing marketplace. More and more consumers are making online purchases that require supply and production systems to work at optimum efficiency to keep up with demand. Disruptions to these systems from industrial ransomware attacks could be devastating to a company trying to remain competitive. In addition to robust Cybersecurity measures to protect their cloud-based databases and supply chain systems, companies will need to increase awareness of these threats among their employees to help insulate against them. An educated workforce will be the first and best defense against cyber criminals in 2021.

Finally, the new year will see an increase in the use of Artificial Intelligence (AI) and machine learning as a means for both digital thieves attacking organizations, and IT teams defending against those attacks. There will be a fierce arms race among both cyber criminals and cybersecurity professionals to stay in front of the emerging technology in order to obtain the upper hand in their use. Hackers are using AI enhanced malware to “fool” defense systems by mimicking machine learning models in a way that forces them to malfunction or shut down. This kind of attack presents a wide variety of problems for Cybersecurity teams who are working hard to keep the models a step ahead of the attacks. The good news, is that there is a relatively small number of cyber criminals who have the advanced level of knowledge and expertise needed to mount an effective AI and/or machine learning attack. As the technology becomes more accessible, affordable, and more user friendly, that knowledge gap will diminish, giving more and more criminals the means of exploiting the technology for nefarious reasons. Technology remains a double-edged sword!

Cybersecurity is more important than ever. 2021 will bring many new challenges, but we can still defeat the threats if we remain diligent and focused on taking the steps needed to obtain an “affirmative defense” (per. Ohio Data Protection Act – SB 220). It is recommended that every company (big or small) in Ohio engage in a comprehensive Cybersecurity Assessment as a means of assessing their ability to defend against and recover from a potential digital threat. There are several sets of standards, regulations, and best practices that can be used to provide your company that “affirmative defense”, which will not only help protect your assets, but those of your customers, clients, and partners as well. Be prepared for whatever 2021 may have in store!

 

Jim Schirtzinger is the Director of Technology Resources for XLN SYSTEMS, and has been with the company since 2019. XLN SYSTEMS is based in Columbus, Ohio, and is a provider of Cybersecurity Assessments for companies of all sizes and in all verticals and industries. Founded in 1991, our company was built on a foundation of honesty and transparency. We care about doing things the right way, and we take pride in solving problems ethically. Contact us today to find out more about how we can help your company become Cyber Compliant. https://www.XLNsystems.com/