Predictions for 2021, and for what remains of December
We'll be brief with the predictions today, since the supply chain attack Cozy Bear executed through SolarWinds' Orion Platform rightly dominated today's news. (See more on that attack below, and later today in this afternoon's Pro Policy Briefing.)
Recent speculation about the near future continues to see 2020's threats shaped by the conditions the COVID-19 pandemic has imposed on commerce, work, and study. Orange Cyberdefense argues that the rewards the pandemic presents (in the form of distributed workplaces, stressed organizations, and equally stressed individuals) will tend to push cybercriminals in the direction of greater "professionalism." That trend is reinforced by the widespread availability of more effective commodity attack tools and services. "While highly critical attacks are still kind of rare," Orange says, "we have seen in the past few years a massive shift from low to medium criticality among the incidents we have recorded, reflecting the availability of fairly sophisticated attack tools to less skilled criminals."
They're also seeing an increase in the level of insider threats, and they expect that to continue as well. A Code42 study reaches a similar conclusion about insider risk. Remote work, complicated new working arrangements, a looser grip on access controls, and a lack of planning adequate to the sort of improvisation organizations have been forced into all make their contribution. It's worth noting that much, probably most, of the insider risk people worry about is unintentional and not necessarily malicious.
And data-rich, poorly resourced and defended organizations with large numbers of users in their networks will remain attractive targets. Think, Government Technology suggests, of elementary through high school education.