Nothing is more difficult than making predictions. For this reason I did not do any “predictions for 2021 cyber security” posting before year 2021 started. Instead of throwing out wild ideas about what might be coming, I have collected here some trends other people have predicted or reported.
The state of internet security in 2020 was hard. The trends that stormed last year will continue long into 2021: “Rapidly accelerated digital transformations, opportunistic phishing campaigns, discontinuity of information security operations and financial constraints are creating the perfect storm in a COVID-19-disrupted world.” Last year's trend was that instead of ‘bring your own device’, these days it’s rather ‘bring your own office’.
2020 was a bumper year for cybercriminals, and this boom is expected to continue into 2021. 2021 Cybersecurity and IT Failures Roundup article presents lessons learned from the many failures, interruptions, crimes and other IT-related setbacks that made the news in 2020. Smart cyber security people have read about them and learned their lesson.
Kaspersky’s top three cybersecurity predictions for 2021 are an increase in targeted attacks, more disruptive attacks that exploit contemporary issues, and continued frequent and significant data breaches. I can pretty much agree on those. Cybersecurity must adapt to counter new threats in a transformed world.
Head of Europol’s European Cybercrime Centre: there are no systems that cannot be breached article says that humankind has to choose between evolution by digitization, and stagnation. Naturally, the world is moving ahead. “We can’t be naive and expect that bad things will not happen along with it. Resilience is important.”
In 2021 Trend Micro predicts that cybercriminals will look to home networks as a critical launch pad to compromising corporate IT and IoT networks. New Cybersecurity Threat Predictions for 2021 article points out that the traditional network perimeter has been replaced with multiple edge environments, WAN, multi-cloud, data center, remote worker, IoT, and more, each with its unique risks.
DDoS attacks: Big rise in threats to overload business networks. Cyber attackers are threatening to take organisations offline with DDoS attacks if they aren’t paid bitcoin by a deadline – but victims are being urged not to give in to demands.
One sure bet is that ransomware attacks will only escalate further over this year. Pay-or-Get-Breached Ransomware Schemes Take Off in 2021. In 2020, ransomware attackers moved quickly to adopt so-called “double extortion” schemes, which means that first they encrypt your data so you can’t access it and then they say they will publish your most secret data for other people to see if you don’t pay up. Ransomware victims that have backups are paying ransoms to stop hackers leaking their stolen data.
Modern cybercrime is becoming increasingly open-sourced, which means that some of the most sophisticated and notorious cybercriminals are already utilizing open-source tools to conduct their criminal activities, and this will increase.
Trend Micro survey results claim that AI is set to replace humans in cybersecurity by 2030. I am just wondering what this claim means, and have the people who answered the survey really understood AI and cyber security? My prediction is that we will need humans and AI and even traditional solutions for a long, long time.
The lack of people with cyber security skills is still a problem for many companies because AI will not replace them any time soon. There are different views on how the situation has developed. Cybersecurity Skills Shortage Falls for First Time article claims that the shortfall in skills has dropped from 4.07 million last year to 3.12 million. As The End Of 2020 Approaches, The Cybersecurity Talent Drought Gets Worse article says that the information technology industry has a real problem on its hands – and it’s only getting worse. While cybercrime grows exponentially, businesses are facing a severe cybersecurity talent drought. The supply of available, qualified security professionals is insufficient and the competition for services has dramatically increased. Some companies try to make claims that they have invented a “silver bullet” for educating cyber professionals, like This educator claims to have invented an entertaining way to learn cybersecurity. Some of the cyber security issues move to the cloud, so we need more people who know security and cloud: The Cloud Talent Drought Continues (And Is Even Larger Than You Thought).
Hackers leverage sophisticated and novel techniques to break into networks article tells that the recent SolarWinds and JetBrains attacks are prime examples of why state-sponsored attacks are so dangerous. The hackers leveraged sophisticated, novel techniques to break into networks and obtain backdoor access to government agencies and enterprises. Expect to see more break-ins connected to those incidents, and expect more similar incidents that have not yet been revealed.
Want to avoid having your online accounts hacked? Enable two-factor authentication. Better than the best password: How to use 2FA to improve your security article tells that this is a crucial security measure that requires an extra step when signing in to high-value services. The article explains how to set up 2FA and which accounts to focus on first.
A new version of OWASP Top-10 is coming this year. OWASP Top-10 2021 Statistics-based proposal article tries to make OWASP Top-10 2021 predictions calculated by understandable metrics, make the results reproducible by everyone, and present them to the entire community for feedback.
Privacy is an illusion. But that‘s a good thing article says that everyone’s information is available. It doesn’t matter who you are. Some people would pay lots of money to get that privacy illusion back and some just don’t care. With the Death of Cash, Privacy Faces a Deeply Uncertain Future article says that in One Future We have a Private, Anonymous Alternative to Cash but in the Black Mirror Future the Money in Your Pocket Knows Everything About You. Cash is dying, that’s for sure. There are still ways to send anonymous emails, and it is a good idea to prepare for your digital life after death.
Ransomware attacks will explode in 2021 article claims that the Capitol riot and its aftermath makes the case for tech regulation more urgent, but no simpler. Against increased regulation there are freedom of speech sounding issues like Should Jack Dorsey be able to silence the president of the United States? Whether the storming of the US Capitol was an attempted coup, an insurrection, or an assault on democracy is merely a question of semantics. The US is now the focus of global instability. EU chief warns over ‘unfiltered’ hate speech and calls for Biden to back rules for big tech.
Legal requirements for IoT security start to emerge article tells that legislative activities are starting to make security a legal requirement for consumer IoT designs to have vaguely defined “reasonable security features”. US Government is beginning to create legislation mandating IoT security. The US House of Representatives, for instance, introduced H.R. 1668 – The Internet of Things Cybersecurity Improvement Act of 2020. There are NIST recommendations such as NISTIR 8259 — Foundational Cybersecurity Activities for IoT Device Manufacturers. EU introduces a cyber security IoT standard to protect its citizens and ENISA Publishes Guidelines on Securing the IoT Supply Chain.
7 Cybersecurity Predictions for Smart Buildings and Infrastructure for 2021: Continuous patch management and security updates, OT transparency for IT stakeholders, Natively secure OT network, Cloud-based access to remote sites instead of VPN, Zero touch onboarding, More cybersecurity in small facilities, Certified cybersecurity products and solutions.
IoT security is still complicated. For many development teams, the idea of building cybersecurity into their IoT design can seem daunting. 6 essential activities to help developers build in IoT cybersecurity article gives some ideas to improve cyber security in your IoT development.
2,204 Comments
Tomi Engdahl says:
let’s take a look at the world’s most dangerous bears, dragons, and kittens.
Cozy Bear (APT29)
Lazarus Group (APT38)
Double Dragon (APT41)
Fancy Bear (APT28)
Helix Kitten (APT34)
https://cybernews.com/editorial/the-worlds-most-dangerous-state-sponsored-hacker-groups/
Tomi Engdahl says:
https://buywapsite.com/index.php/2021/02/03/top-10-hardware-hacking-tool-2021/
Tomi Engdahl says:
‘No Evidence’ Of Election Fraud In Battleground States, Statistical Analysis Finds As Trump Continues False Claims
https://www.forbes.com/sites/alisondurkee/2021/02/19/no-evidence-of-election-fraud-in-battleground-states-statistical-analysis-finds-as-trump-continues-false-claims/?utm_campaign=forbes&utm_source=facebook&utm_medium=social&utm_term=Gordie
A new MITRE Corporation analysis of eight battleground states’ election results found there was “no evidence of fraud, manipulation, or uncorrected error”—including involving Dominion voting machines—further emphasizing the presidential race wasn’t “stolen” or fraudulent even as former President Donald Trump and his allies continue to push those claims.
The analysis, done by MITRE’s nonpartisan National Election Security Lab, looked at presidential election results from Arizona, Florida, Georgia, Michigan, North Carolina, Ohio, Pennsylvania, and Wisconsin, with a focus on several “anomalies” that have been held up by some in the GOP as evidence of potential fraud.
In response to a far-right conspiracy theory that Dominion Voting Systems’ voting machines fraudulently flipped votes to Joe Biden, researchers compared results from different vendors’ machines and found “there was no statistical difference” that would suggest votes on Dominion machines were changed.
Tomi Engdahl says:
Quantum network is step towards ultrasecure internet
Experiment connects three devices with entangled photons, demonstrating a key technique that could enable a future quantum internet.
https://www.nature.com/articles/d41586-021-00420-5
Tomi Engdahl says:
Think your backups will protect you from ransomware? What do you think the malware attacked first?
Immutability or vulnerability – it’s your choice
https://www.theregister.com/2021/02/17/protect_yourself_from_ransomware_webcast/
If you think your backup strategy means you’re protected from the worst that cyber-criminals can throw at you, we’ve got some bad news. Ransomware creators know all about backups, too.
So, if you are unlucky enough to get a “pay up or else” notice, there’s a very good chance that the attacker in question has already been stealthily working their way through your systems for some time, ensuring your recovery data has already been comprehensively trashed.
Which means that a speedy recovery is off the table, and that you, your organization, and possibly your customers, suppliers, and partners are all totally at the mercy of the miscreants.
Adopting a defence in depth approach is part of the solution, and everyone should be doing this anyway. But what if you could ensure that your backups were indeed beyond the reach of attackers, ensuring your organisation is able to bounce back from ransomware and other attacks, with timely, complete data?
end-to-end encryption can ensure backups really are immutable.
Tomi Engdahl says:
For threat actors, cyberinfrastructure is akin to a cash-filled vault – the head of IBM
https://cybernews.com/security/for-threat-actors-cyberinfrastructure-is-akin-to-a-cash-filled-vault-the-head-of-ibm/
For thousands of years, criminals were targeting most capital-rich ventures. Since billions of dollars lie behind cyberinfrastructure, there is no reason for a wave of cyberattacks to recede. Tech companies need to step up to combat intrusions, says IBM’s Arvind Krishna.
Cybercrime has been on the rise in the past years. Data analyzed by researchers at Atlas VPN show that worldwide, cybercrime cost over $1 trillion in 2020 alone. The growth of damages since 2013 has been staggering, with the volume of financial harm inflicted by criminals shooting up threefold.
Tomi Engdahl says:
https://haveibeenpwned.com/PwnedWebsites
Tomi Engdahl says:
Drone Swarms Are Getting Too Fast For Humans To Fight, U.S. General Warns
https://www.forbes.com/sites/davidhambling/2021/01/27/drone-swarms-are-getting-too-fast-for-humans-too-fight-us-general-warns/
Tomi Engdahl says:
Google is the world’s most dangerous company, says an expert – these factors have led to it: “The power of the moneyed rich to control the machinery is growing”
https://www.mtvuutiset.fi/artikkeli/google-on-maailman-vaarallisin-yhtio-sanoo-asiantuntija-nama-seikat-ovat-siihen-johtaneet-raharikkaiden-valta-hallita-koneistoa-kasvaa/8046154#gs.tknntp
Tomi Engdahl says:
How an automated pentesting stick can address multiple security needs
Used for offensive and defensive purposes, a penetration testing device can be configured to perform automated checks on network security and more.
https://www.techrepublic.com/article/how-an-automated-pentesting-stick-can-address-multiple-security-needs/
Tomi Engdahl says:
The satellite-hacker’s guide to the space industry: don’t panic (yet)
https://cybernews.com/security/the-satellite-hackers-guide-to-the-space-industry-dont-panic-yet/
Tomi Engdahl says:
Former LulzSec Hacker Releases VPN Exploit Used to Hack Hacking Team
A security researcher has released an exploit for SonicWall VPNs that was originally found by Phineas Fisher in 2015.
https://www.vice.com/en/article/dy85nz/former-lulzsec-hacker-releases-vpn-zero-day-used-to-hack-hacking-team
Tomi Engdahl says:
US government pushed tech firms to hand over source code
Obtaining a company’s source code makes it radically easier to find security flaws and vulnerabilities for surveillance and intelligence-gathering operations.
https://www.zdnet.com/article/us-government-pushed-tech-firms-to-hand-over-source-code/
Tomi Engdahl says:
https://www.cyberscoop.com/nsa-juniper-backdoor-wyden-espionage/
Tomi Engdahl says:
Laura works in a field with good salaries and a huge shortage of skilled people – when the Vastaamo data breach became public, the white-hat hacker’s phone started ringing
The cybersecurity field needs thousands of people for well-paid jobs. Good-guy hacker Laura Kankaala got her education from Google and YouTube.
https://www.is.fi/menaiset/tyo-ja-raha/art-2000007771828.html
Tomi Engdahl says:
Google deploys Chrome mitigations against new NAT Slipstreaming attack
After the discovery of NAT Slipstreaming 2.0 attack this week, Google says it will block Chrome traffic on ports 69, 137, 161, 1719, 1720, 1723, 6566, and 10080.
https://www.zdnet.com/article/google-deploys-new-chrome-mitigations-against-new-nat-slipstreaming-attack/
Tomi Engdahl says:
https://pentestmag.com/course/cybersecurity-testing-for-industrial-control-systems-w42/
Tomi Engdahl says:
The Famous Router Hackers Actually Loved
How Linksys’ most famous router, the WRT54G, tripped into legendary status because of an undocumented feature that slipped through during a merger.
https://www.vice.com/en/article/qjpnpb/the-famous-router-hackers-actually-loved
Tomi Engdahl says:
FonixCrypter ransomware gang releases master decryption key
FonixCrypter gang claimed it shut down and deleted their ransomware’s source code.
https://www.zdnet.com/article/fonixcrypter-ransomware-gang-releases-master-decryption-key/
Tomi Engdahl says:
Familiar threats are evolving – Microsoft’s report reveals the global trends of cybercrime
https://www.enfo.fi/blogi/tutut-uhkat-kehittyvat-microsoftin-raportti-paljastaa-kyberrikollisuuden-globaalit-trendit
Tomi Engdahl says:
ProtonMail, Tutanota among authors of letter urging EU to reconsider encryption rules
https://www.cyberscoop.com/encryption-europe-tutanota-protonmail-threema-tresorit/
Tomi Engdahl says:
Microsoft: 8 trillion daily signals power our cybersecurity services
https://www.bleepingcomputer.com/news/microsoft/microsoft-8-trillion-daily-signals-power-our-cybersecurity-services/
Microsoft’s security services grew by $10 billion in 2020, as more companies began utilizing their cloud-based security services.
Microsoft released the second quarter of the fiscal year 2021 earnings this week and beat consensus estimates by 7.36%. While most of this growth is attributed to Azure and Xbox, Microsoft’s new blog post shows that security services are becoming a larger part of their revenue stream.
According to Vasu Jakkal, CVP of Security, Compliance and Identity, Microsoft security offerings have generated $10 billion in revenue over the past 12 months and have realized a 40% year-over-year growth.
Tomi Engdahl says:
UK military used malware to disrupt extremist networks
Experts cite WannaCry with warnings that hacking tools have the potential for severe collateral damage
https://www.itpro.co.uk/security/malware/358550/uk-general-reveals-military-use-of-malware-against-isis
Tomi Engdahl says:
https://threatpost.com/ransomware-demands-spike-payments-rise/163744/
Tomi Engdahl says:
Thinking Outside the Box – Data Breaches
https://pentestmag.com/thinking-outside-the-box-data-breaches/
Tomi Engdahl says:
https://www.infosecurity-magazine.com/news/microsoft-1000-hackers-worked/
Tomi Engdahl says:
Hacking: 2.6 million in UK unlikely to take action following a data breach
https://uk.finance.yahoo.com/news/hacking-26-million-uk-unlikely-to-take-action-following-a-data-breach-135721149.html
More than 2.6 million people across the UK are unlikely to take any action following a data breach, according to a study. That’s around 5% of the population based on sample size projection.
According to research conducted by law firm Simpson Millar, a lack of knowledge is likely to blame for the reluctance to take action in the event of personal data being stolen or lost, with more than half (56%) of those surveyed admitting to being unsure of what action to take.
Tomi Engdahl says:
Former spy chief calls for military cyber attacks on ransomware hackers
The most serious ransomware groups should be the target of cyber attacks to disrupt their operations, Ciaran Martin has said
https://www.telegraph.co.uk/technology/2021/02/15/former-spy-chief-calls-military-cyber-attacks-ransomware-hackers/
Tomi Engdahl says:
Is This Beverly Hills Cop Playing Sublime’s ‘Santeria’ to Avoid Being Live-Streamed?
Police officers in Beverly Hills have been playing music while being filmed, seemingly in an effort to trigger Instagram’s copyright filters.
https://www.vice.com/en/article/bvxb94/is-this-beverly-hills-cop-playing-sublimes-santeria-to-avoid-being-livestreamed
Tomi Engdahl says:
https://www.iflscience.com/technology/hacker-attempted-to-poison-city-water-supply-in-florida/
Tomi Engdahl says:
3.2B email and password pairs were just leaked in the mother of all data breaches
https://bgr.com/2021/02/05/data-breach-email-and-passwords-leaked-compilation-of-many-breaches/
Tomi Engdahl says:
https://www.bloomberg.com/amp/news/articles/2021-02-07/a-swiss-company-says-it-found-weakness-that-imperils-encryption
Tomi Engdahl says:
https://cybernews.com/security/the-six-biggest-cyberattacks-of-2020/?utm_source=facebook&utm_medium=cpc&utm_campaign=rm&utm_content=six_cyberattacks&fbclid=IwAR3GdSvFAN8izAPRaxTovB60kDPefbHWaLcwNzo-NAIHI2qhHUqD5Anhscw
Tomi Engdahl says:
Industrial control system vulnerabilities up 25 percent in 2020
https://www.scmagazine.com/home/security-news/vulnerabilities/ics-vulnerabilities-up-25-percent-in-2020/
Tomi Engdahl says:
https://cybernews.com/editorial/otherworldly-bugs-outstanding-software-crashes/
Tomi Engdahl says:
https://www.techradar.com/news/more-than-three-billion-emails-and-passwords-were-just-leaked-online
Tomi Engdahl says:
Google says it’s too easy for hackers to find new security flaws
Attackers are exploiting the same types of software vulnerabilities over and over again, because companies often miss the forest for the trees.
https://www.technologyreview.com/2021/02/03/1017242/google-project-zero-day-flaw-security/
Tomi Engdahl says:
How the NSC can better tackle emerging technology threats
https://www.brookings.edu/techstream/how-the-nsc-can-better-tackle-emerging-technology-threats/
Tomi Engdahl says:
https://peoplecentricsecurity.cio.com/collection/understand-your-people-centric-risk/article/why-ransomware-is-an-ethical-concern-for-cisos?utm_source=idg&utm_campaign=proofpoint25532&utm_medium=facebook&utm_content=smartads&fbclid=IwAR1DY9BB4s8VJ56E91lr-2F1rpQArFM3WO08ym8D7jxOVty6TYMElpyFNeg
Tomi Engdahl says:
Sprite Spider emerging as one of the most destructive ransomware threat actors
Having flown under the radar for several years, the Sprite Spider group is using a ransomware code suite that is effective and hard to detect.
https://www.csoonline.com/article/3604599/sprite-spider-emerging-as-one-of-the-most-destructive-ransomware-threat-actors.html
Tomi Engdahl says:
Fonix ransomware gives up life of crime, apologizes
https://blog.malwarebytes.com/ransomware/2021/02/fonix-ransomware-gives-up-life-of-crime-apologises/
Tomi Engdahl says:
US govt: Number of identity theft reports doubled last year
https://www.bleepingcomputer.com/news/security/us-govt-number-of-identity-theft-reports-doubled-last-year/
Tomi Engdahl says:
https://cybernews.com/security/cybercriminals-are-the-next-generation-of-robbers/
Tomi Engdahl says:
https://pentestmag.com/from-beginner-to-expert-as-penetration-tester/
Tomi Engdahl says:
https://nakedsecurity.sophos.com/2021/02/16/how-one-man-silently-infiltrated-dozens-of-high-tech-networks/
Tomi Engdahl says:
Blockchain Analysis Shows Connections Between Four of 2020’s Biggest Ransomware Strains
https://blog.chainalysis.com/reports/ransomware-connections-maze-egregor-suncrypt-doppelpaymer
Tomi Engdahl says:
CacheFlow: Malware hidden in popular browser extensions went undetected for years
https://portswigger.net/daily-swig/cacheflow-malware-hidden-in-popular-browser-extensions-went-undetected-for-years
Tomi Engdahl says:
Blockchain transactions confirm murky and interconnected ransomware scene
Criminal gangs often use multiple ransomware strains and jump ship from one RaaS (Ransomware-as-a-Service) to another, seeking better deals.
https://www.zdnet.com/article/blockchain-transactions-confirm-murky-and-interconnected-ransomware-scene/
Tomi Engdahl says:
Effects of Biometrics Co-Used with Password
https://pentestmag.com/effects-biometrics-co-used-password/
Tomi Engdahl says:
https://www.arter.fi/tietoturva-nakokulmana-kokonaisarkkitehtuuriin/