Emerging Cyber Security Threats of 2021

Throughout 2020, the world witnessed innumerable uncertainties affecting economies, people, and livelihoods. Although cybersecurity hygiene is common practice, the pandemic has brought a new set of threats associated with employees working from home. With almost 90% of employees working from home, the usual cybersecurity hygiene checklist needs to be revised to account for the new kinds of ransomware, phishing, and malware incidents seen during the pandemic.

New Cyber Security Threats of 2021

The newer kinds of threats that the pandemic has brought in will continue to evolve in 2021 as well. In this blog, we look at the threats that can be expected to be active in 2021.

Covid-19 Related Phishing Scams will Continue

The following are the potential cyber risks that have surfaced since the emergence of COVID-19, along with the preventive measures to consider:

Phishing Attacks/Websites Preventive Measures

  • Cybercriminals are leveraging the coronavirus to intrude into organizations’ systems by sending phishing emails that pretend to contain information about the virus. These emails may contain malicious content that drops malware onto the victim’s computer.
  • An organization must create awareness among its employees about such attacks and ask them to verify the email sender address, not to click the links, and to report any suspicious activity to the cybersecurity personnel immediately.
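
The sender check described above can be partly automated at the mail gateway or in a reporting tool. The following is an added example, not code from the original post; the trusted domain list, the finding labels, and both sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

TRUSTED_DOMAINS = {"example.com"}  # assumption: the organization's own mail domains
def _domain(header_value):
    """Return the lower-cased domain of an address header, or '' if absent."""
    addr = parseaddr(header_value or "")[1]
    return addr.rpartition("@")[2].lower() if "@" in addr else ""

def sender_findings(raw_message, trusted=TRUSTED_DOMAINS):
    """List the reasons a message's claimed sender should not be trusted."""
    msg = message_from_string(raw_message)
    display = parseaddr(msg.get("From", ""))[0].lower()
    from_dom = _domain(msg.get("From"))
    findings = []
    if from_dom not in trusted:
        findings.append("external-sender")
        # Display name borrows the organization's name while the address is elsewhere.
        if any(d.split(".")[0] in display for d in trusted):
            findings.append("display-name-spoof")
    for header, label in (("Reply-To", "reply-to"), ("Return-Path", "return-path")):
        dom = _domain(msg.get(header))
        if dom and dom != from_dom:
            findings.append(f"{label}-mismatch")
    # Only trust Authentication-Results stamped by your own receiving mail server.
    auth = (msg.get("Authentication-Results") or "").lower()
    for mech in ("spf", "dkim", "dmarc"):
        m = re.search(rf"\b{mech}=(\w+)", auth)
        if m is None or m.group(1) != "pass":
            findings.append(f"{mech}-not-pass")
    return findings

# Constructed sample messages (not real mail); all domains are reserved example names.
PHISH = "\n".join([
    'From: "Example Corp HR - COVID-19 Update" <hr@covid-updates.example.net>',
    "Reply-To: claims@mail.example.org",
    "Return-Path: <bounce@bulk.example.org>",
    "Authentication-Results: mx.example.com; spf=fail; dkim=none; dmarc=fail",
    "", "Open the attached guidance document.",
])
LEGIT = "\n".join([
    'From: "Security Team" <security@example.com>',
    "Return-Path: <security@example.com>",
    "Authentication-Results: mx.example.com; spf=pass; dkim=pass; dmarc=pass",
    "", "Forward suspicious messages to the security team.",
])
if __name__ == "__main__":
    print(sender_findings(PHISH), sender_findings(LEGIT))
```

An empty list means none of these checks fired; it does not prove the message is safe, so the reporting path to the security team still applies.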

Risks Associated with Employees Working From Home

  • As a COVID-19 preventive measure, most organizations are allowing their employees to work from home. Home networks are often the easiest way for intruders to corrupt the organization’s network. All employees must be asked to access organization data only through the VPN recommended by their security teams.

AI and ML are Facilitating Attackers

Today most of the cybercrimes reported across the world are carried out by bots and are automated, highly sophisticated, and more complex. It is clear that cybercriminals are weaponizing digital technology and abusing IoT devices to produce massive attacks at a scale that is difficult to tackle.

AI and ML provide organizations with disruption detection models and defensive responses, which help them mitigate a threat even before it attacks. In response, malware attackers are creating machine learning models for finding new vulnerabilities that can escape AI-based firewalls.

Machine learning models for Phishing: Attackers still use phishing to distribute ransomware, but they now use advanced machine learning models that can draft highly convincing fake emails that pass as human-composed mail. Once hackers have developed these models with the right “training data” about the target, their job is done. The bots then take control and can create thousands of malware-loaded emails in no time. These bots also have the intelligence to find the right message, tone, and subject, and to send emails much like a human would. These types of AI-enabled emails can easily evade spam filters.

Hidden attacks: With AI and ML models, hackers are succeeding in evading an organization’s security measures by creating destructive hacks that are less visible. Today IoT is everywhere, and not every IoT user is a security professional, so it is much easier for bots to hijack IoT endpoints, manipulate data, infect the entire system, and still remain undetected.

Distributed Denial of Service (DDoS) Attack

In today’s business landscape, the number of Denial of Service (DoS) attacks is growing exponentially, both in frequency and intensity, and these kinds of attacks may surge in 2021.

A Denial of Service (DoS) attack is one in which a cyber-attacker intends to disrupt legitimate users’ (i.e. employees, members, or account holders) access to a server or a website resource, by flooding it with malicious traffic or by sending data that triggers a crash.

In a distributed DoS (DDoS) attack, the attacker uses a network of hijacked computers. This network is used to flood the target site with phony server requests, leaving no bandwidth for legitimate users.

Ransomware Attacks in 2020-2021

REvil Ransomware

REvil is the top ransomware for the year 2020-21. It is a file-encrypting virus that infiltrates the system, encrypts all the files, and demands money from the victim, who is forced to pay in bitcoin. The attackers will double the ransom if the victim does not stick to the timeline for clearing the payment.

Sodinokibi Ransomware

Sodinokibi, also known as Sodin, is a type of REvil ransomware. It first spread in 2019, using a zero-day vulnerability in Oracle WebLogic servers. This vulnerability was later fixed, but the attackers then made use of software installers to spread Sodin. Sodinokibi ransomware has a configurable structure, which allows it to do the following when activated:

  • Exploiting the CVE-2018-8453 vulnerability to elevate its privileges.
  • Encrypting mobile or web drivers that have not been added to the whitelist.
  • Avoiding resource conflicts by ending blacklisted projects.
  • Deleting files that are on the blacklist.
  • Transferring the target’s system data to the attacker.

Nemty Ransomware

Nemty is different from other ransomware in that it acts like a ransomware service. It was a version of RaaS (Ransomware as a Service), in which the clients were able to spread these versions in their preferred way. Phishing emails were widely used to spread this malware. When a victim is infected with Nemty, they have to pay 30% of the ransom to the Nemty developers and the remainder to the clients.

Nephilim Ransomware

According to cybersecurity researchers, Nephilim ransomware is just like Nemty, as both have similar source code, designs, and attitudes. Both threatened victims that their sensitive data would be published unless the ransom was paid. This type of ransomware was largely found in large-scale industries, where the attackers managed to encrypt victims’ data by using the vulnerability of a remote desktop network and VPN.

NetWalker Ransomware

NetWalker, also known as Mailto, is one of the modern variations of ransomware. Attackers using NetWalker mainly targeted remotely working employees, governmental agencies, corporations, and healthcare organizations.

In the list of 2020-2021 ransomware attacks, NetWalker is one of the most destructive pieces of malicious software. NetWalker encrypts all Windows devices. It uses a configuration that includes ransom notes and file names. Cybersecurity researchers have identified that NetWalker attacks in two different ways: one through phishing emails about the coronavirus, and the other through executable files that spread through networks.
