Cybersecurity trends to watch in 2021

Issue 9 2020 Information Security

In 2020, the world changed overnight in response to the COVID-19 pandemic. As more organisations adopted and accelerated digital strategies – and with most of us relying on the Internet to go about our everyday life – cybercriminals were presented with a huge range of new opportunities to exploit. This year will be no different. Here are some important cybersecurity trends for South African organisations to look out for in 2021.

Phishing and fraud to the fore

According to a recent TransUnion survey, 42% of South African households have been targeted by COVID-19 related scams, an increase of 14% since the lockdown started in April last year.


Alain Tshal.

As the F5 Labs ‘2020 Phishing and Fraud Report’ showed, attackers are more brazenly opportunistic than ever. During the height of the first waves of the pandemic, phishing incidents were up by a massive 220% compared with the yearly average. Everywhere you looked, fraudsters were latching onto themes accentuated by the pandemic, including sending fraudulent emails or SMS messages related to emotive issues like health measures, contact tracing, home working protocols and charitable donations.

Fraudsters are getting trickier too. Most phishing sites now leverage encryption, with a full 72% using valid HTTPS certificates to trick victims. What’s more, 100% of drop zones – the destinations of stolen data sent by malware – used TLS encryption (up from 89% in 2019).

If we look ahead, there are two major phishing trends on the horizon. As a result of improved bot traffic (botnet) security controls and solutions, attackers are starting to embrace click farms. This entails dozens of remote ‘workers’ systematically attempting to log onto a target website using recently harvested credentials. The connection comes from a human using a standard web browser, which makes fraudulent activity harder to detect. Even a relatively low volume of attacks has an impact.

As an example, Shape Security analysed 14 million monthly logins at a financial services organisation and recorded a fraud rate of 0,4%. That is the equivalent of 56 000 fraudulent logon attempts, and the numbers associated with this type of activity are only set to rise.

Shape Security researchers also recorded an increase in the volume of real-time phishing proxies (RTPP) that can capture and use multi-factor authentication (MFA) codes. The RTPP acts as a person-in-the-middle and intercepts a victim’s transactions with a real website. Since the attack occurs in real time, the malicious website can automate the process of capturing and replaying time-based authentication such as MFA codes. It can even steal and reuse session cookies.

3D printers versus biometric security

3D printers have been used for everything from aeroplane parts to life-saving masks. Cybercriminals have also taken note. Think that bogus 3D-printed fingerprints and faces that can pass biometric authenticators represent a distant, sci-fi future? Think again! These types of scams are right around the corner. It won't require a high-quality scan of a victim, either. Biometric authentication boils down to probability scoring, and a printable ‘master key’ may look more like a keychain of composable parts than a replica of a person's face or fingerprint.

Bolt-on security will move to the edge

Routing a packet all the way through the Internet just to say, “no, this one's rotten, reject it” is a waste of resources. Moving products like bot protection and data validation to the edge is the obvious solution and will save both processing time and bandwidth costs. This has become more of an impetus for organisations seeking long-term, cost-effective digital resilience by adopting multi-cloud infrastructure, applications, and data resources to accommodate business scaling, continuity, and flexible operations of a remote or hybrid workforce.

A new wave of data breach announcements

The office landscape changed radically in 2020. Millions of employees switched to remote work in a matter of days and systems scaled quickly. Unsurprisingly, this introduced a host of new risks.

The problem isn't remote working itself, it’s more that the traffic and activity data started looking different all at once. Just like when somebody disrupts your vision with a torchlight, it takes time to readjust. Once companies recognise what new breaches look like, we'll see a flurry of breach announcements within a short time frame. South Africa’s Protection of Personal Information Act (POPIA), which comes into force in July this year, will also likely yield more reports of data breaches as organisations implement systems to ensure compliance.

The 5G challenge

The rollout of 5G across South Africa promises to provide greater access to connectivity and enable new levels of technological innovation. It is worth noting that the deployment of 5G infrastructures represents one of the most challenging next-gen network rollouts ever in terms of scale and scope. Service providers will need to meet extreme end-to-end bandwidth requirements, as well as deliver highly responsive and low-latency connections to a multitude of devices and device types. On top of that, they must protect against new threats and vulnerabilities – all while consumers expect stellar performance, the latest features, and complete security.

Remember, millions of connected devices mean millions of potential back doors for hackers. More than ever, security solutions will have to account for complex attack vectors at massive scale, at every layer, and for multiple threats.




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Cybersecurity needs actual intelligence before artificial intelligence
Information Security AI & Data Analytics
Cybersecurity depends on interpretation. A tool can tell you that something unusual has happened, but people need to determine whether it is a genuine risk, the business impact, and how to respond without causing unnecessary disruption.

Read more...
Duxbury Cybersecurity sharpens reseller offering
Duxbury Networking Information Security News & Events
Duxbury Networking has strengthened its Duxbury Cybersecurity business unit by adding WatchGuard and Cynet, giving South African resellers broader, more integrated coverage for the security risks customers are now asking them to address.

Read more...
NEC XON detects and stops ransomware attack
NEC XON Information Security IoT & Automation
Ransomware attacks rarely begin with chaos. More often, they start quietly, with probing, mapping, and patient reconnaissance inside a target’s network. That was the situation facing a global recruitment firm when cybercriminals attempted to navigate its systems.

Read more...
Sara AI Pentesting available in South Africa
Information Security News & Events
Synack and Wolfpack Information Risk are offering Sara AI Pentesting to organisations across South Africa, helping companies move from point-in-time testing to continuous security validation with AI and human expertise.

Read more...
Sophos establishes South African legal entity to strengthen local operations
News & Events Information Security
Global cybersecurity company, Sophos, has announced the formation of its local legal entity, which will support local invoicing, partner enablement, compliance requirements and expanded regional investment.

Read more...
Cybersecurity in a digitally connected security industry
SA Technologies Information Security IoT & Automation
As more organisations move towards digital visitor management, cloud-based access control, mobile applications, biometric verification, and connected security platforms, cybersecurity must be viewed as part of the full security environment.

Read more...
Enterprises must prepare for digital conflict
Information Security
Cyberattacks can be launched remotely and at scale. A coordinated attack launched from anywhere in the world can disrupt supply chains, shut down utilities, or expose millions of customer records within minutes.

Read more...
71% of organisations suffered an identity breach
News & Events Information Security
The State of Identity Security 2026 report from Sophos finds human error and poor non-human identity management are the root causes of most attacks, as agentic AI accelerates the risk.

Read more...
Cyber resilience is the real defence
Security Services & Risk Management Information Security Infrastructure
Cyber resilience has evolved into a form of strategic agility, ensuring that when an interruption occurs, the business does not just survive; it snaps back into place before the market even notices a pause.

Read more...
You will not get your files back with VECT
Information Security
If the newbie to the ransomware scene, VECT, comes knocking at your organisation’s door, do not pay the ransom! The decryption keys simply do not exist. They were discarded at the moment of encryption by the malware itself.

Read more...










While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.




© Technews Publishing (Pty) Ltd. | All Rights Reserved.