From a cybersecurity perspective, last year was one of the most challenging and disruptive in history. Amidst a viral pandemic, the world was forced further down the path of digital transformation than anyone was prepared. As reported by ZDNet, more records were compromised that year than the last 15 years combined.
Even now, several months into 2021, we’re still feeling the aftereffects — even as far as them influencing the most common type of cyberattack this year.
Ransomware
Ransomware has been the reigning king of attack vectors for the past several years, and 2021 is no exception to the rule. We’re not even halfway through the year, and already we’ve seen multiple high-profile ransomware attacks, including Sierra Wireless, Acer, and the Harris Federation. There’s little doubt that we’ll see more before the year is out.
How to protect yourself:
- Maintain air-gapped, automatic backups.
- Keep all software up to date.
- Train employees to recognize the red flags of phishing emails.
- Maintain a zero-trust environment both within your organization and without.
Supply Chain Attacks
Criminals might tend to seek the path of least resistance, but that doesn’t mean they’re stupid. Compromising the security infrastructure of a major corporation that’s made the proper investments is next to impossible—targeting a vendor or business partner that’s a bit laxer, however?
That’s easy.
How to protect yourself:
- Again, zero trust. Just because something comes to you from a vendor you work with doesn’t mean it’s safe.
- Make a point of only working with organizations that prioritize security to the same extent you do.
- Keep a close eye on your network. Monitor for any suspicious activity.
Zero-Day Vulnerabilities
The recent Microsoft Exchange breach was simply another notch in a troubling trend. Large organizations simply don’t treat cybersecurity with the seriousness it is due. Microsoft, for instance, took two months before it bothered patching the vulnerabilities exploited in the breach, resulting in more than 60,000 organizations being compromised.
How to protect yourself:
Unfortunately, where vulnerabilities like this are concerned, there’s nothing you can do. Install security patches and updates when they become available, and just hope and pray that you aren’t compromised.
Cryptojacking
Cryptojacking is less an attack vector than a motivation. In essence, it involves hijacking a system or endpoint for mining cryptocurrency. There are a few different ways this can happen, but it most commonly involves an infected website or malicious advertisement.
How to protect yourself:
- Keep all your software up to date.
- Use an ad blocker wherever possible. Compromised ad networks are an extremely common avenue for cryptojacking attacks.
- As with all other cyberattacks, a little awareness can go a long way. Train your employees to avoid malicious links and recognize phishing attacks.
Public Infrastructure
Per the Federal News Network, President Joe Biden inherited what amounts to a cybersecurity cold war when he took the presidency. The cold war has now entered the digital realm, and we increasingly see cyberattacks that target critical infrastructure. Public sector agencies must start prioritizing cybersecurity to defend themselves against an increasing tide of state-sponsored attacks.
How to protect yourself:
As a business owner, there’s very little to be done about attacks that target public infrastructure. The best you can do is ensure you’ve crisis management processes in place that will allow you to protect your employees in the event of an emergency.
Last year was rough from a cybersecurity perspective. This year is slated to be just as bad, if not worse. The best any of us can do at this point is prepare.