Top 7 Cyber Threats of 2021
It’s a fallacy to think that crazily sophisticated cyber attacks should be the top priority for anyone responsible for data security. Those types of attacks only represent a tiny fraction of the losses which make up the multi-billion-dollar hacking industry. No, that’s not where limited budgets and resources should be initially focused. Instead, start by refocusing on the basics and stop 96% plus of the malicious attacks which could compromise your business.
We won’t talk about having updated antivirus solutions on every system and device because it’s 2021, and if you haven’t got that rooted into your consciousness yet, this list will just seem like a foreign language, but feel free to give it a go anyway.
And just because it’s 2021, that doesn’t mean the actual threats have changed that much from last year. They have been polished and updated, though, and amid all the confusion and chaos 2020 brought with it, the opportunities for criminal hackers and state-sponsored cyber attackers to find success have risen exponentially.
So what kinds of cyber threats are you facing in 2021?
1) Phishing / Spear Phishing
If there is a true scourge in the world of cybersecurity, phishing and its counterpart, spear phishing, top the list. They are forms of social engineering, meaning they rely on deception and target the weakest link in any cybersecurity chain – the human element. Hackers thrive on the path of least resistance, so why bother spending sleepless nights trying to figure out how to navigate a security minefield with little chance of success if you can find a simple way to just ask for the keys and get them? The vast majority of the costliest data breaches and cyber attacks in history started with a phishing/spear phishing email.
Phishing is the most common because it can be sent as a mass blast and relies on statistical chances of success to be profitable. Attackers will pretend to be a common brand, like PayPal, Amazon, or some other widely used service, and try to convince you to click a link or open an attachment that delivers a malicious payload, or simply try to trick you into divulging the user credentials to your account. Spear phishing takes more work on the hacker’s part because it is much more personalized. They’ll research a company or individual, spoof the sender address to make it look like it comes from a trusted source, and may even make fake websites to fool staff and management alike into thinking it’s legitimate. They may even trick someone in the organization into authorizing payment transfers to fraudulent accounts under the guise of being a known client.
The key to combatting phishing and spear phishing is enterprise-wide awareness on what to look for, and regular testing simulations to drive it all home. GDF can help you with both.
2) Smishing (SMS phishing)
Smishing is based on the same concept as phishing, but instead of relying on an email to do the dirty work, these bundles of joy come in SMS/text form. It will look like it’s coming from your bank or another popular service and ask you for credentials. Beware of security alerts and offers pushing you to act right now. NO real bank is going to ask you to confirm your PIN number or account information via text. And it’s a good plan to not have your credit card information on your phone if at all possible. Messages from strange numbers that don’t look like real mobile phone numbers should also raise flags. GDF can help with awareness training in this area too.
3) PDF Scams
PDF scams are part and parcel of phishing scams. They can work in two ways. One is that the PDF contains a malicious payload which launches when it is opened. The other is to make up a realistic-looking PDF document that entices you to click on a link within it, which sends you to a malicious site to deliver a payload or phish for credentials. The latter approach is becoming more popular because antivirus solutions can often detect a malicious payload, but a link itself flies under the radar and gets you to travel to a malicious site which can have a more sophisticated payload. Awareness training and penetration testing can help you detect these types of threats before they happen, or see if you’ve already been compromised. Again, this is GDF’s wheelhouse and we can help.
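Because a link-only PDF carries no payload for antivirus to match, one defensive check is to pull the link targets out of the file and review where they point. The following is an added example, not part of the original article: the sample bytes are a constructed fragment, the allowlist and function names are assumptions, and links stored inside compressed object streams would need a real PDF parser.

```python
import re
from urllib.parse import urlsplit

ALLOWED_HOSTS = {"example.com"}  # assumption: hosts you expect documents to link to

# Constructed sample: two uncompressed link annotations (not a complete PDF).
SAMPLE_PDF = (
    b"%PDF-1.4\n"
    b"4 0 obj\n<< /Type /Annot /Subtype /Link /Rect [72 700 300 720]\n"
    b"   /A << /S /URI /URI (http://invoice-portal.example.net/login\\(secure\\)) >> >>\n"
    b"endobj\n"
    b"5 0 obj\n<< /Type /Annot /Subtype /Link\n"
    b"   /A << /S /URI /URI <68747470733A2F2F6578616D706C652E636F6D2F68656C70> >> >>\n"
    b"endobj\n"
)

def extract_uris(pdf_bytes):
    """Return link targets stored as PDF literal strings or hex strings."""
    uris = []
    # Literal form: /URI (....) with backslash-escaped parentheses.
    for m in re.finditer(rb"/URI\s*\(((?:\\.|[^\\()])*)\)", pdf_bytes):
        raw = re.sub(rb"\\([()\\])", rb"\1", m.group(1))
        uris.append(raw.decode("latin-1"))
    # Hex form: /URI <68747470...>; an odd digit count is padded with 0.
    for m in re.finditer(rb"/URI\s*<([0-9A-Fa-f\s]+)>", pdf_bytes):
        digits = b"".join(m.group(1).split()).decode("ascii")
        padded = digits + "0" * (len(digits) % 2)
        uris.append(bytes.fromhex(padded).decode("latin-1"))
    return uris

def review_link(uri):
    """Return the reasons a link deserves a second look (empty list = none)."""
    parts = urlsplit(uri)
    host = (parts.hostname or "").lower()
    reasons = []
    if parts.scheme != "https":
        reasons.append("not https")
    if re.fullmatch(r"[0-9.]+", host):
        reasons.append("raw IP address")
    if host not in ALLOWED_HOSTS:
        reasons.append("host not on allowlist")
    return reasons

def scan(pdf_bytes):
    return {uri: review_link(uri) for uri in extract_uris(pdf_bytes)}
```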
4) Malware and Ransomware
Malware is the most generic term for a variety of malicious payloads designed to damage, disrupt, surveil, or gain unauthorized access to the targeted system or device. Trojans, worms, RATs (Remote Access Tools) and keyloggers are just some of the threats that fall under the banner of malware. But ransomware today deserves a mention of its own. Ransomware is used to cripple an organization’s digitally driven engine and demand a ransom be paid to the attacker to supply the decryption key…hopefully. Once successfully launched, ransomware will encrypt specific types of files on a system or device, leaving it just functional enough to be able to pay the ransom demand, while leaving the organization incapacitated by locking the data and services at the heart of their functionality. Entire municipalities, hospitals, corporate behemoths and government agencies have been brought to their knees for weeks on end due to successful ransomware attacks. Once ransomware has done its thing, there is not much that can be done from the victim’s perspective to reverse it, except pay the ransom and cross their fingers (the FBI does not recommend paying ransomware demands; it only emboldens these types of attacks, and there is a good chance you will never get the decryption key even if you do pay). The only real after-the-fact recourse, aside from paying the demanded ransom, is restoring systems from clean offline backups. The backups need to be offline because ransomware has a way of connecting to and encrypting backups if they are available to the infected system or device. Phishing is the most common vector to introduce ransomware, but not the only one. Since the key to stopping ransomware is doing so before the fact, shoring up your other basics drastically reduces the threat of ransomware. Just give GDF a call and we can discuss all the ways we can help.
5) Database Exposure
If COVID taught us anything, it’s that we’re all in this great big show together. What one does can affect others in catastrophic ways, and database exposures are fruit from that same tree. If you have a database compromised, that information can be weaponized in a variety of ways. Client records, PII (Personally Identifiable Information), email addresses, account numbers, user credentials, client histories, PHI (Personal Health Information) are just some of the types of data which can be exposed in a database compromise and used as a springboard for phishing/spear phishing attacks, credential stuffing (more on that next) and more. All that data in a bad actor’s hands can cause a lot of grief for a lot of people, which in turn will cause a lot of grief for you. The first step in securing yourself from a database exposure is knowing where your valuable data resides, and you’d be stunned how many unexpected places can host database information attackers would find valuable that you didn’t even know about. GDF’s vulnerability assessments, data mapping and penetration testing solutions will help you identify and secure your most valuable digital assets.
6) Credential Stuffing
Credential stuffing is another threat which shows just how ‘together’ in cybersecurity we really are. The cybersecurity failures of others and some common bad habits compound to form the crux of a credential stuffing attack. The cybersecurity failure we’re talking about is someone else’s database exposure: a gaming site, a small business, a big business, anywhere you’ve created an account with login access. If they get breached, your credentials and information can easily find their way to the dark web and get sold to hackers (there are tens of billions of user credentials for sale as you read this). Bad actors use these massive lists and sophisticated, automated tools to run countless credential sets against login pages where they can transform access into financial gain, like a bank account. Their tools allow them to try thousands upon thousands of combinations with the ability to adjust timing, source IP addresses and other logged information, which makes it virtually impossible to distinguish their attempts from legitimate traffic. The bad habit we were talking about is reusing passwords. A hacker may not know where you bank, but chances are your bank is on one of their target lists. So if you reuse the same email address and credentials for that coupon company you signed up with, and that company suffered a database exposure, the hacker has the keys to your account. GDF can help you with password policies and testing to help significantly reduce your risk from credential stuffing attacks.
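When each attempt arrives from a different source IP at a normal pace, a per-IP lockout rule never fires, so the signal a defender can still compute is aggregate: many different accounts each failing about once in the same window. The following is an added example, not part of the original article; the log events are constructed, and the thresholds and function names are assumptions to tune against your own baseline.

```python
from collections import defaultdict

PER_IP_LIMIT = 5          # assumption: classic per-IP attempt limit per window
MIN_FAILED_ACCOUNTS = 20  # assumption: far above the normal count of failing accounts

def build_sample():
    """Constructed login events: (window, source_ip, username, success)."""
    events = []
    # Window 0: ordinary traffic, two users mistyping and retrying from their own IP.
    for user, ip, tries in [("alice", "198.51.100.7", 3), ("bob", "198.51.100.9", 2)]:
        events += [(0, ip, user, False)] * tries + [(0, ip, user, True)]
    # Window 1: stuffing run, one guess per account, every guess from a new IP.
    for i in range(40):
        events.append((1, f"203.0.113.{i}", f"user{i}@example.com", i == 17))
    return events

def summarize(events):
    """Group events by window: failures, failing accounts, attempts per IP."""
    stats = defaultdict(lambda: {"fail": 0, "users": set(), "per_ip": defaultdict(int)})
    for window, ip, user, ok in events:
        s = stats[window]
        s["per_ip"][ip] += 1
        if not ok:
            s["fail"] += 1
            s["users"].add(user)
    return stats

def flag_windows(events):
    """Compare a per-IP rule with an account-spread rule for each window."""
    flagged = {}
    for window, s in summarize(events).items():
        failed_accounts = len(s["users"])
        tries_per_account = s["fail"] / failed_accounts if failed_accounts else 0
        per_ip_rule = max(s["per_ip"].values()) > PER_IP_LIMIT
        # Real users retry the same account; stuffing touches each account once.
        spread_rule = failed_accounts >= MIN_FAILED_ACCOUNTS and tries_per_account < 1.5
        flagged[window] = {"per_ip_rule": per_ip_rule, "spread_rule": spread_rule}
    return flagged
```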
7) Insider Attacks
Insider threats are by far the most dangerous because the deceiver is already inside the gates. There is no need for social engineering; they have already been given trusted access. They could install malware of any stripe, steal data directly, cripple systems, install surveillance, execute transfers, or do anything else their access allows, including covering their tracks. GDF’s background in both the cybersecurity and digital forensics fields allows us to provide you with solutions on both fronts, from significantly improving your cybersecurity posture, to electronic exit interviews to uncover suspicious employee activity.
*Global Digital Forensics is a recognized industry leader in the fields of computer forensics, cyber security and emergency incident response, with years of experience assisting clients in the government, banking, healthcare, education and corporate arenas. For a free consultation with a Global Digital Forensics specialist, call 1-800-868-8189 about tailoring a cost-effective plan which will meet your unique needs, without wasting resources on solutions you simply don’t need. Emergency responders are also standing by 24/7 to handle intrusion and data breach emergencies whenever and wherever they arise. Time is critical if a cyber incident has occurred, so don’t hesitate to call 1-800-868-8189 for immediate help. For more information, visit GDF's cyber security page.