Consensus in the security sector seems to be that extortion—ransomware in increasingly virulent forms, involving the now-routine sweetener of data theft and the prospect of doxing, and a probable resurgence of shakedowns by threatened distributed denial-of-service—will dominate cybercrime during 2021. Acronis has a useful summary of the grounds for expecting this trend, and Asigra distills five predictions relating specifically to ransomware:
- Expect ransomware attacks on Kubernetes container.
- SaaS-based applications will be targets as remote work remains widespread.
- More attacks will be enabled by artificial intelligence.
- Legislators are increasingly moving toward making ransom payments illegal.
- And managed security service providers should expect more government regulation, including requirements to register with the government.
Recognizing this trend, IBM’s Security Intelligence blog offers five lessons learned from 2020 that organizations ought to consider applying in 2021:
- “Build a Cybersecurity Incident Response Plan” (CIRP). A formal plan, not seat-of-the-pants, stick-and-rudder improvisation.
- Understand that the CIRP is a living document. The adversary adapts and shifts, and so must the defenders.
- Test and exercise the CIRP.
- When you test and exercise the CIRP, make sure the right people participate, and design the exercise to engage and profit them.
- “Try Online Crisis Simulation Training,” an important kind of exercise. And try to gamify it.
So do these predictions come true? If the Black Friday and Cyber Monday experience is any indication, many of the forecasts are accurate, at least in broad outline. Cyberint has found, as expected, a high volume of criminal activity during the holiday shopping season. TransUnion connects the rise in fraud to another trend, bluntly writing, “Holiday fraud concerns during pandemic come true.”
The crooks have their own holiday sales. SpyCloud sees the hoods offering bargains galore in the criminal-to-criminal market.