A Year In Cybersecurity

2020 was an intense year. 2020 put Cybersecurity tactics to the ultimate test. We had to change so many fundaments in the way we lived and worked that put our lives and offices in such volatile situations that tested our resilience in every way possible. This volatility fueled a boom of cybercrimes, and we witnessed record-breaking ransomware and phishing attacks. These attacks did not discriminate. They were prevalent in every single industry, including those who were not accustomed to receiving these attacks. Through our partner, ID Agent, we are spotlighting the top five cybersecurity trends of 2020 and their impact on today.

2020 Trend #1:
Phishing Boomed Exponentially:

What happened?

A lethal combination of unsettled workers hungry for information about a terrifying global pandemic, unprecedented lockdowns forcing a rapid shift to virtualization, and a higher reliance on email as the primary form of communication created a prime opportunity for cybercriminals. Phishing attacks increased more than 660%, culminating in COVID-19 becoming Google’s most prominent phishing topic in history.

Now what?

Phishing remains the No.1 cybersecurity threat for businesses. Although 2020 was a record-breaker, by the end of January, Google recorded a 27% increase in phishing sites in 2021. Improvements in security awareness training that include phishing simulation are vital for businesses to mitigate this risk. Increasing your staff’s phishing resistance can slash your company’s chances of experiencing a damaging cyberattack up to 70%.

2020 Trend #2

Third-Party and Supply Chain Risk Hit the Breaking Point:

What Happened?

The wealth of information already existing on the dark web from prior years’ data breaches combined with even more details from bid data breaches early in 2020 worked in bad actors’ favor. It provided abundant fuel for cyberattacks that impacted businesses. Over 90% of U.S. businesses experienced a cybersecurity incident like a data breach in 2020 because of a third-party or supply chain fault. Worldwide, over 60% of data breaches were the result of exposure through a third party.

Now what?

Third-party and supply chain risk stole the show for parts of 2020, with two especially egregious breaches that spoke to the intertwined nature of today’s businesses and today’s threat. With supply chain cyberattacks expected to cause $6 trillion worth of damage in 2021, companies must take precautions against the impact of third-party data breaches by adding fail-safe measures, like secure identity and access management with multi-factor authentication, to prevent unauthorized intrusions.

2020 Trend #3

Pandemic-Triggered Remote Workforce Shift Exposed Cybersecurity Weaknesses:

What Happened? A sudden shift to remote work, an exceptionally stressed workforce, and a tsunami of cybercrime created significant business challenges. Companies were forced to switch to all-remote operations without notice, exposing unprepared workers and insecure systems to risk with disastrous consequences. One study showed that remote workers caused half of all data breaches and exposed businesses to 78% more insider threats, while over 60% of remote workers interacted with phishing emails.

Now what?

Remote work is here to stay—the percentage of workers whose jobs are permanently remote to double in 2021. Companies have discovered the benefits of having flexible operations and a workforce that can get the job done anytime, anywhere. To address the added risk of supporting a remote workforce and to be prepared for future emergencies, organizations must focus on developing cyber resilience that ensures they are ready for anything.

2020 Trend #4

Ransomware Lurked Around Every Corner:

What Happened?

A massive increase in phishing brought about a correspondingly enormous rise in ransomware, with an eye-popping 715% increase in ransomware attacks. Ransomware costs are expected to reach $20 billion in 2021, and it is estimated that a ransomware attack takes place every 11 seconds.

Now What?

Organizations must make defending against ransomware one of their top IT priorities. Since the primary delivery system for ransomware is phishing, increasing the frequency and variety of phishing awareness training is vital. Studies show that a minimum of one campaign every four to six months is required for retention.

2020 Trend #5

Dark Web Danger Increased as Cybercrime Surged:

What Happened?

A perfect storm of factors led to an ideal window of opportunity for cybercriminals, and they pounced on it. Dark web activity increased by 44%, with a corresponding 80% jump in overall cybercrime. Bad actors hit two in five SMBs.

Now What?

Cybercrime risks will continue, and damage is expected to reach $6 trillion in 2021. Over 60% of the information that was already on the dark web by January 202 could be used to damage businesses. Even more, data made its way to the dark web in 2020, with an estimated 22 million new records added to the mix. This data will be used to facilitate new cyberattacks, including hacking, phishing, business email compromise, and credential stuffing. Companies must keep an eye on the dark web danger to mitigate risks and spare themselves from unpleasant surprises.

To say that 2020 was an impactful year would be an understatement. Our world was turned upside-down, flipped sideways, and then spun in a circle. We were affected by so many things; we changed how we lived and worked, and we came out on the other side with more knowledge. Now, we must take the information that we learned and use it to benefit us in the future. Today is the day better to prepare your business with the armor of cybersecurity readiness. Contact your Pendello Solutions team today and let us help you build a solid front line of defense.