2021 to see pandemic-related phishing, increase in botnet attacks: Check Point

Israeli security solutions provider Check Point has predicted an increase in ransomware and botnet threats in 2021.

Covid-19 induced changes will be a key focus area for IT and security teams, as more than 81% of enterprises have adopted mass remote working, with 74% on course to make it permanent, the company said in a blog post. This, in turn, would lead to the emergence of ransomware threats, challenging the security of 5G networks and connected networks, it said.

“One of the few predictable things about cybersecurity is that threat actors will always seek to take advantage of major events or changes – such as Covid-19 or the introduction of 5G – for their own gain,” Dorit Dor, vice president of products at Check Point, said.

In an April study, the firm said that 71% of security professionals had reported an increase in cyber threats since the lockdown started.

Read: Legal activity related to employee privacy to spike 100% in 2021: Forrester

The predictions for the next year were broadly classified into three categories: 5G and IoT related predictions, privacy and cyber-conflicts and Covid-19 related developments. 

Companies must secure distributed networks and cloud deployments to keep their applications and data protected, it said. “The news of vaccine developments or Covid-related restrictions will continue to be used in phishing campaigns by criminals,” it said. 

Stating that there was a 30% increase in cyber-attacks on e-learning platforms in August, the company predicted that attacks would continue to disrupt learning activities in the coming year.

In terms of privacy and cyber-war, Check Point said that hackers were focused on building armies of infected computers to launch attacks. For example, Emotet, which started as a banking Trojan, evolved into a botnet.

Read: Indian cos saw over 25% jump in cyber threats since the start of lockdown: Cisco 

Additionally, cyber attacks by nation states would grow for the purpose of espionage or to influence events in other nations, it said. In fact, as per a recent Microsoft report, threat actors from three countries had launched 89% of nation-state hacking incidents over the past year.

“Over recent years, the focus has been on securing national critical infrastructure, and while this remains essential, it’s also important to recognise the impact of attacks against other state sectors,” the report said. 

It also cautioned companies against deepfake videos as well as simple voice phishing methods, which could be used to bypass voice authentication.

Additionally, the massive volumes of data flowing through healthcare devices, connected cars and smart city applications through 5G connectivity would give hackers opportunities to launch attacks, the report said.

“This massive volume of data from always-on, 5G devices will need to be protected against breaches, theft and tampering to ensure privacy and security against attacks,” the report said.

IoT devices, which would also grow exponentially with the rise in 5G would require a holistic approach in security which would include a combination of traditional and modern controls to protect networks across all industries and sectors.