Dissecting the Sophos 2021 Threat Report to Inform Your IT Security Efforts

Dissecting the Sophos 2021 Threat Report to Inform Your IT Security Efforts

Every year, some of the top IT security companies in the business analyze the prior year’s threat statistics to identify how cyberattacks have evolved and give companies an indicator of where they need to focus their cybersecurity efforts.

One of the first reports out of the gate this year is the Sophos 2021 Threat Report. The report covers IT security trends that have emerged or evolved over the last 12 months.

By looking at the data gathered from data science teams, malware and spam analysis, and cloud security applications, we’re able to better prepare for the next 12 months and beyond.

Cybersecurity is always changing and evolving, which is why Northern Ontario businesses need to do regular IT security assessments and evolve their safeguards to combat the newest attack vectors from ransomware, fileless malware, insider attacks, and more.

Here are some of the key takeaways from this report to inform your IT security efforts this year.

Ransomware is Becoming More Sophisticated & More Expensive

Ransomware continues to be one of the most popular and dangerous forms of malware. Unfortunately, this “product” is working for cybercriminals, bringing in millions in ransom payments, plus stolen data that can be monetized.

Over the past year, the average ransom demand amount has tripled. As of Q3 2020, it was $233,817.30.

Here are some of the reasons ransomware should be considered one of the biggest threats you need to protect against in 2021.

Ransomware Attacks Take Less Time

Due to the evolution of technology through AI and machine learning, planning and executing a ransomware attack now takes much less time than in the past. Attacks now take only hours to complete that used to take days or weeks.

This means that criminals can execute more of them, which has led to the rise in the volume of attacks.

Attackers Are More Coordinated

While there will always be those individual attackers, as a whole, groups conducting ransomware attacks are now more coordinated with large criminal organizations.

The criminal underground has now gone cyber, and ransomware is a particularly lucrative type of attack. Being more coordinated and backed by the money of a larger organization makes ransomware more sophisticated and more dangerous. 

COVID-19 Has Had a Big Impact on Cybersecurity

The pandemic has caused a lot of shifts in the cybersecurity landscape. Not only have attackers increased their volume of attacks to take advantage of the pandemic, remote workers are also becoming a prime target.

Work-from-Home Security Challenges

Companies in Canada and around the world had to quickly pivot to remote working, and many had no experience with how to secure their extended network.

By late summer 2020, 20% of surveyed organizations admitted they’d suffered a security breach due to a remote employee.

Misconfiguration of Cloud Security

A move to new cloud platforms to accommodate a virtual office also left companies at higher risk of a data breach last year. Many adopted cloud platforms and did not configure their security settings in platforms like Microsoft 365 properly.

Misconfiguration of cloud security settings, which also means simply neglecting to put proper security in place, is a major cause of cloud data compromise.

Everyday Threats Continue to Evolve

Threats that don’t fit into other categories, but that you can see in the day-to-day of business operations also continued to evolve and become more dangerous in 2020.

Insider Attacks on Windows & Linux Rising

The Sophos report found that server platforms running either Windows or Linux have been under attack, and often these are insider attacks where a hacker gains access through compromised user credentials.

Remote Working Connections Are Being Targeted

Remote Desktop Protocol (RDP) and virtual private networks (VPN) are both technologies that have risen dramatically in use over the last 12 months.

RDP is used to connect remotely to office resources, a must for many telecommuting employees. VPNs help secure data being transmitted through public or less secure Wi-Fi networks.

The rise in use has caused these to become a renewed focus of attack for hackers looking to gain access to sensitive business data they can use for extortion or sell on the Dark Web.

Attacks Increasing on Nontraditional Platforms

The way we work is changing due to the rise in IoT and mobile devices. As these “nontraditional” platforms have taken on more of our daily business workload, they’ve also come under more attack by cybercriminals.

Mobile Malware Is a Problem

Most smartphone and tablet users don’t think of antivirus being for them. It’s considered something used on traditional desktops and laptops. But mobile malware is a big problem as malicious apps containing malware continue to be added to app stores.

App stores work to remove them, but hackers continually develop code that can pass their scans undetected.

Previously Non-Invasive Malware is Becoming a Trojan

No malware is good to have on your computer, but there are some that aren’t quite as dangerous as others. For example, adware that pops up advertisements is quite annoying, but traditionally it didn’t do much else (e.g., steal data).

But this is changing. Over the last 12 months, there’s been a rise in the use of previously less harmful malware being used as a trojan for the dangerous versions. So, what may look like a simple adware infection can actually be coupled with a virus or spyware.

Schedule a Cybersecurity Audit to Find & Fix Vulnerabilities

Haxxess can help your Northern Ontario business with an expert cybersecurity audit to ensure your current safeguards are adequate for new threats and let you know where any vulnerabilities may be.

Contact us today to schedule a free consultation! Call 705-222-8324 or reach out online.

stay in touch

Subscribe to our newsletter and we'll keep you informed about latest IT news.