Five ransomware predictions for 2021

Issue 9 2020 Information Security

For one reason or another, many people were looking forward to ringing in the new year, cyber criminals among them. They had a banner 2020, wreaking havoc on data centres and costing the world trillions of dollars.

The business of ransomware is booming to a point that CyberSecurity Ventures predicts an attack every 11 seconds in 2021. Businesses, while already navigating more remote employees and changing commerce trends, will also need to account for increased cyber threats. With certain patterns already developing, data integrity company Index Engines makes the following predictions for the effects of ransomware in 2021.

1. Concentrated attacks

Cyber criminals will concentrate attacks on the most critical industries, including healthcare and manufacturing organisations. While financial services will always be a target, they often have more infrastructure invested in protecting their corporate data assets. Cyber criminals want easy money and will heavily pursue less guarded and more vulnerable industries.

The global health crisis has already made healthcare a prime candidate for delivering ransoms. The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services released an advisory to the healthcare and the public health sector in October 2020 about Ryuk attacks. These, unfortunately, will continue.

Manufacturing organisations have built out an IT infrastructure that relies heavily on networks of communication with suppliers. These Internet-enabled networks increase their vulnerability and makes them easier targets.

2. More sophisticated attacks

Cyber criminals are deploying advanced technology, including machine learning, to aid them in penetrating security defences. We have seen attacks in 2020 that hid inside virtual machines and cached copies of data to circumvent traditional security software. In 2021 you can be assured that cyber criminals will ramp up their game and find new and sophisticated methods of attacking organisations. This presents an overwhelming challenge to real-time security solutions that will struggle to keep up.

What can be done? Organisations need tools with advanced analytics to examine the content of their data, including critical infrastructure, as a last line of defence. You can be assured that at some point in 2021 you will be attacked, so check your data’s integrity to ensure it is protected.

3. More focus on recovering from an attack

Cyberattacks are becoming more intelligent. Criminals are spending increased dwell time to determine how to cause the most destruction and also looking for the most sensitive content that, when stolen, will cause the most harm to an organisation, resulting in higher ransom requests. Ransoms from recent attacks are skyrocketing to the tens of millions of dollars. Organisations will find themselves spending significant budget recovering from these attacks, including man-hours dedicated to recovering their business operations.

Forensic analysis reporting will become critical in understanding the who, what, where and when of an attack. Using advanced reports to inspect the data and understand the evidence of what occurred will streamline the recovery process and allow an organisation to minimise business downtime.

4. Renewed focus on data governance

In 2020, cyber criminals added a new tactic to their arsenal. They started to steal sensitive data and publish it on the Internet for the world to see: sensitive patient records, legal contracts, intellectual property. This content will cause much harm and embarrassment to any company.

With cyberattacks now becoming data breaches, organisations will need to ramp up their data governance initiatives. They will need to know what sensitive data exists, where it is, and how they can secure and protect it. Otherwise they will be facing fines due to new regulatory initiatives including the GDPR in the EU.

5. Backup infrastructure will see a transformation

Backup has not seen a lot of innovation over the last decade. There was tape and then disk. Much of the analyst conversations end here: “It’s just backup, another copy of data.” It’s been left to accumulate in the mountains for decades with little management or thought.

But cyberattacks have generated a renewed focus on backup. It’s often the only solution for recovering from an attack. And there are newer, better backup solutions that have expanded into cyber recovery solutions that provide sophisticated analytics, smarter machine learning, and isolated air-gaps for added security with confidence. These are currently being utilised by early adopters and organisations that have already gone through an attack. These better backup/cyber solutions are quickly becoming the industry standard.


Jim McGann.

Staying ahead of cyberattacks

CyberSense, from Index Engines, provides advanced data analysis software that scans backup data to check integrity, monitors files to identify changes indicative of cyberattack, and provides forensic reporting to diagnose and recover from corruption.

CyberSense uses a combination of full-content-based analytics and machine learning to detect if an attack has occurred. If attack vectors are identified, CyberSense provides forensic tools to diagnose and recover, including reports on files that were impacted so they can be replaced with the last known good version to ensure business operations return to normal with minimal downtime. CyberSense is available through Index Engines and has been integrated in the Dell EMC Cyber Recovery isolated vault solution.

Find out more at www.indexengines.com/cybersense

Jim McGann has extensive experience with the eDiscovery and Information Management in the Fortune 2000 sector. Before joining Index Engines in 2004, he worked for leading software firms, including Information Builders and the French based engineering software provider Dassault Systèmes.




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Making a mesh for security
Information Security Security Services & Risk Management
Credential-based attacks have reached epidemic levels. For African CISOs in particular, the message is clear: identity is now the perimeter, and defences must reflect that reality with coherence and context.

Read more...
What’s in store for PAM and IAM?
Access Control & Identity Management Information Security
Leostream predicts changes in Identity and Access Management (IAM) and Privileged Access Management (PAM) in the coming year, driven by evolving cybersecurity realities, hybridisation, AI, and more.

Read more...
The challenges of cybersecurity in access control
Technews Publishing SMART Security Solutions Access Control & Identity Management Information Security
SMART Security Solutions summarises the key points dealing with modern cyber risks facing access control systems, from Mercury Security’s white paper “Meeting the Challenges of Cybersecurity in Access Control: A Future-Ready Approach.”

Read more...
Securing your access hardware and software
SMART Security Solutions Technews Publishing RBH Access Technologies Access Control & Identity Management Information Security
Securing access control technology is critical for physical and digital security. Every interaction between readers, controllers, and host systems creates a potential attack point for those with nefarious intent.

Read more...
From friction to trust
Information Security Security Services & Risk Management Financial (Industry)
Historically, fraud prevention has been viewed as a trade-off between robust security and a seamless customer journey, with security often prevailing. However, this can impair business functionality or complicate the customer journey with multiple logins and authentication steps.

Read more...
Phishing and social engineering are the most significant risks
News & Events Information Security
ESET Research found that phishing accounted for 45,7% of all detected cyberthreats in South Africa, with higher-quality deepfakes, signs of AI-generated phishing websites, and short-lived advertising campaigns designed to evade detection.

Read more...
Zero Trust access control
Technews Publishing SMART Security Solutions CASA Software NEC XON Editor's Choice Access Control & Identity Management Information Security
Zero Trust Architecture enforces the rule of ‘never trust, always verify’. It changes an organisation’s security posture by assuming that threats exist both inside and outside the perimeter, and it applies to information and physical security.

Read more...
OT calculator to align cyber investments with business goals
Industrial (Industry) Information Security Security Services & Risk Management
The OT Calculator has been developed specifically for industrial organisations to assess the potential costs of insufficient operational technology (OT) security. By offering detailed financial forecasts, the calculator empowers senior management to make well-informed decisions.

Read more...
Protecting high-value data from AI
CASA Software Infrastructure Information Security Products & Solutions
As artificial intelligence accelerates the speed and sophistication of cyberattacks, protecting high-value data, such as financial records, legal files, patient data, intellectual property, and compliance records, has never been more urgent.

Read more...
Integrated security key to protecting cloud applications
Infrastructure Information Security
Cloud-native applications have transformed the way businesses operate, enabling faster innovation, greater agility, and enhanced scalability. Yet this evolution brings an equally complex security landscape.

Read more...










While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.




© Technews Publishing (Pty) Ltd. | All Rights Reserved.