In 2020, the world changed overnight in response to the COVID-19 pandemic. As more organisations adopted and accelerated digital strategies – and with most of us relying on the internet to go about our everyday life – cybercriminals were presented with a huge range of new opportunities to exploit. This year will be no different.
Here are five important cybersecurity trends for organisations to look out for in 2021.
1. Phishing and fraud to come to the fore
According to a recent TransUnion survey, 42% of South African households have been targeted by COVID-19-related scams, an increase of 14% since the lockdown started in April last year.
As the F5 Labs 2020 Phishing and Fraud Report showed, attackers are more brazenly opportunistic than ever. During the height of the first waves of the pandemic, phishing incidents were up by a massive 220% compared with the yearly average.
Everywhere you looked, fraudsters were latching onto themes accentuated by the pandemic, including sending fraudulent emails or SMS messages related to emotive issues like health measures, contact tracing, homeworking protocols and charitable donations.
Fraudsters are getting trickier too. Most phishing sites now leverage encryption, with a full 72% using valid HTTPS certificates to trick victims. What’s more, 100% of drop zones – the destinations of stolen data sent by malware – used TLS encryption (up from 89% in 2019).
2. 3D printers used to bypass biometric security
3D printers are more widespread in South Africa since the pandemic started and have been used for everything from aeroplane parts to life-saving masks. Cybercriminals have also taken note.
Think that bogus 3D-printed fingerprints and faces that can pass biometric authenticators represent a distant, sci-fi future? Think again! These types of scams are right around the corner. It won’t require a high-quality scan of a victim, either.
Biometric authentication boils down to probability scoring, and a printable ‘master key’ may look more like a keychain of composable parts than a replica of a person’s face or fingerprint.
3. Bolt-on security will move to the edge
Routing a packet all the way through the internet just to say, “no, this one’s rotten, reject it.” is a waste of resources. Moving products like bot protection and data validation to the edge is the obvious solution and will save both processing time and bandwidth costs.
This has become more of an impetus for organisations seeking long-term, cost-effective digital resilience by adopting multi-cloud infrastructure, applications, and data resources to accommodate business scaling, continuity, and flexible operations of a remote or hybrid workforce.
4. A new wave of data breach announcements
The office landscape changed radically in 2020. Millions of employees switched to remote work in a matter of days and systems scaled quickly. Unsurprisingly, this introduced a host of new risks.
The problem isn’t remote working itself, it’s more that the traffic and activity data started looking different all at once. Just like when somebody disrupts your vision with a torchlight, it takes time to readjust.
Once companies recognise what new breaches look like, we’ll see a flurry of breach announcements within a short time frame. South Africa’s Protection of Personal Information Act (POPI), which comes into force in July this year, will also likely yield prompt more reports of data breaches, as organisations implement systems to ensure compliance.
5. Rolling out 5G will present more of a challenge
The roll-out of 5G across South Africa promises to provide greater access to connectivity and enable new levels of technological innovation. It is worth noting that the deployment of 5G infrastructures represents one of the most challenging next-gen network rollouts ever in terms of scale and scope.
Service providers will need to meet extreme end-to-end bandwidth requirements, as well as deliver highly responsive and low latency connections to a multitude of devices and device types. On top of that, they must protect against new threats and vulnerabilities – all while consumers expect stellar performance, the latest features, and complete security.
Remember, millions of connected devices mean millions of potential back doors for hackers. More than ever, security solutions will have to account for complex attack vectors at massive scale, at every layer, and for multiple threats.