The following article, Cybersecurity in 2021, What You & Your Business Need to Know — Opinion, was first published on Flag And Cross.
2020 saw an increase in hacking attacks as the COVID-19 pandemic led to a spike in telecommuting globally. As a result, vulnerabilities in networks administrated by individuals and small businesses are being targeted with increased frequency. This trend is expected to continue deep into 2021, and most of the risks posed to small business owners and remote employees can be mitigated with proper education and preparation.
Many businesses find themselves operating with less resources than they previously had as a result of lost revenues related to the global economic downturn. With the attention of many businesses diverted towards the fight to keep their doors open, cybercriminals are set to potentially have their most profitable year ever. That being said, some of the primary online threats to avoid are:
–Ransomware Nets Big Payouts: Opportunistic hackers used the COVID-19 pandemic to make the year 2020 huge for ransomware campaigns. Cyber Insurance provider Coalition backs up that statement, as they reported ransomware as the cause of 41% of cyber insurance claims they received in the first half of last year. In addition, the 2020 Crowdstrike Global Security Attitude Survey reported 27% of ransomware victims having paid ransoms in 2019. Some of the more common variants of ransomware include Lucky ransomware and the Sodinokibi strains.
–Insider Breaches: An unfortunate byproduct of telecommuting as a result of the COVID-19 pandemic has been a rise in employees engaging in criminal misconduct related to the exploitation of data that is now available to them without supervision. Even before COVID, the 2020 Verizon Data Breach Investigations Report reported a disturbing rise of insider breaches that now make up close to a third of data related incidents.
-Phishing Attacks: Phishing is the tried-and-true entry point for most cyber-attacks. Hackers like to send malicious emails near the end of the workday, when most staff are less sharp and watching the clock, to deliver their phishing emails. Just a single instance of an employee clicking on a malicious email is all it takes to give hackers full access to a company’s network.
–Social Engineering Attacks: Database exposure compromises company information via social engineering, which is a form of psychological manipulation that tricks people into divulging confidential information. Hackers use this method to steal login credentials and access a company’s network. Most companies are known to store customer and employee data, financial records or other information including Social Security numbers, on their database.
–Browser Hijacking: Browser hijacking modifies your browser settings to redirect traffic to a hacker’s partner websites. This is done to generate ad revenue. Unsuspecting victims see their browser’s homepage and default search engine being replaced with a fake version of an otherwise legitimate internet search engine. The phony search engine can even insert unwanted banners and ads onto the pages of real websites. Common versions of these attacks involve the Google Redirect Virus and the Yahoo Search Redirect Virus.
–Advanced Persistent Threats: APTs have made news in the fallout of the SolarWinds hacking attack. APTs are now targeting more than just large corporations and government entities. These threat actors use persistent and stealthy techniques to compromise networks and remain inside for an extended period of time. A new wrinkle to the threat sees smaller businesses and individuals that are associated with larger entities being targeted, perhaps as a penetration point into larger groups. Some infamous APT hacking groups are APT29 (Cozy Bear), APT35 (Charming Kitten), APT38 (Lazarus Group) and APT37 (Ricochet Chollima).
Most small businesses are not well-versed in security protocol and are currently struggling to keep their doors open in 2021. For some, one breach is all it takes to close their doors permanently. Now, more than any other time in history, businesses must place a premium on network security. Their very survival may well depend on it.
Julio Rivera is a business and political strategist, the Editorial Director for Reactionary Times, and a political commentator and columnist. His writing, which is focused on cybersecurity and politics, has been published by websites including The Hill, Newsmax, The Washington Times, Real Clear Politics, Townhall, American Thinker and many others.
Continue reading: Cybersecurity in 2021, What You & Your Business Need to Know — Opinion ...