In this story, we’ll break down some of the more common cybersecurity risks facing consumers, companies, and government agencies. Unfortunately, there is no shortage of viable threat vectors which can be taken advantage of, leading to billions of dollars stolen and millions of identities taken.
Phishing and Spearphishing Pose Major Threat
The best cybersecurity software can be rendered useless due to a clever phishing attack, which depends on home users – or corporate employees, such as reckless human resources workers – to click on a link that installs malicious code. Known as ransomware, this software locks a computer and forces the victim to either make a payment to unlock the machine, or restore the compromised drive. Companies must focus on teaching employees to better identify potential phishing attempts, ensuring they trust nothing, but verify everything.
Criminals Use Current Events For Their Own Gain
Cybercriminals are keen on making sure they cover a wide variety of threat vectors when looking for vulnerable users to prey upon. The tricksters are capitalizing on heightened anxiety from the pandemic, luring people to recklessly click links – and share the fraudulent phishing attempts – with friends, co-workers, and others. This is a common technique, as the hackers will use natural disasters, government instability, and other high-profile events to launch their scams and other attack plans on select populations. For example, if the Olympics are able to be held this summer in Tokyo, there will be an onslaught of Olympics-themed phishing scams – similar to the scams during the 2018 FIFA World Cup soccer tournament.
Data Breaches Still Plaguing… Everyone
Even when a home user doesn’t do anything to draw the attention of a cybercriminal, it’s possible to get caught up in the never-ending cycle of attacks and data breaches. Although breaches suffered by Home Depot, Equifax, Ebay, and other massive data breaches, there are even more smaller incidents that can still lead to data being compromised. Recently, menswear company Bonobos informed customers’ personal information could have been taken in a breach as well. What has changed in recent years has been the sophistication of some of these attacks – and the severity of consequences once a successful breach has occurred. Everything from personal identifiable information (PII) and medical data to credit card numbers and customer data are extremely lucrative, and sometimes all too easy to successfully steal.
A Look Ahead
We tend to never hear any positive news about cybersecurity, only hearing about all of the negative aspects. That trend will likely continue in 2021, while we tend to hear about data breaches, cyber espionage, and the like – because the threat will remain. Looking ahead, however, cybersecurity investments are expected to increase 10 percent, up to $60.2 billion in 2021, under best case scenario, according to research from the Canalys market analyst firm. Ultimately, if hackers think they can find a way to compromise anyone, they’ll find a way to do it. Google recently warned of a clever social engineering technique aimed specifically at cybersecurity researchers – the very people responsible for keeping clients secure. To combat these evolving threats, US President Joe Biden announced $10 billion earmarked specifically for initiatives aimed at improving the cyber infrastructure in the United States. Companies must create internal protocols to put enterprise security policies in place, better control software licensing and installed products on their machines, and make sure jail broken/rooted devices are not allowed on their networks.
Final Thoughts
Cybersecurity is a never-ending process that should never be taken for granted. In the end, each user should take precautions to make sure anti-malware is always updated, and to be careful on clicking links or installing software from unknown resources. Even with these preventative measures, there will always be a risk of data breaches simply out of our control. Moving forward, there needs to be more focus on being preventive to security threats, instead of reactive once a major breach takes place. The proactive behavior will take time to nurture – and teach – so it’s important to start sooner rather than later, as threats will only continue to evolve.