2020 offered a perfect storm for cybercriminals and a critical tipping point for the cyber arms race
SonicWall President and CEO Bill Conner
Every year we highlight how the cybersecurity threat is increasing, because we know that protecting data and systems is a priority for organisations. But with cybercriminals working constantly to find and exploit any weakness in systems or people, and releasing new threats, it’s difficult to keep up-to-date so you can prioritise your cybersecurity efforts. So, let’s take a look at what happened in 2020 and what that means for your cybersecurity priorities in 2021.
How it started
2020 began and ended with two historic events: the COVID-19 pandemic and the discovery of the SolarWinds supply-chain attack. The pandemic brought global disruption unlike anything seen in generations, fundamentally changing the way we worked, the way we shopped, and how we interacted with each other. The SolarWinds attack was revealed in December and struck the IT world at it’s very centre, triggering a series of events that would impact thousands of organisations, lifting the veil on a type of breach immune to virtually all current defences.
During this period cybercriminals scaled up their efforts to take advantage of the current conditions: the rise of remote working, cryptocurrency prices rising to record levels, a charged political climate, and threat actors weaponising cloud infrastructure and tools - all of which they used to drive the effectiveness and volume of attacks to a new high.
As usual, the attacks focussed on where they saw vulnerabilities and a high likelihood of success; remote workers unaware of the additional risks when outside the corporate network, essential and overwhelmed healthcare facilities, schools and universities trying to deliver a curriculum remotely and ensure students could stay on track.
SonicWall Capture Labs threat researchers tracked these developments, which are all combined into the 2021 SonicWall Cyber Threat report. Here’s a brief overview of what they discovered:
- Record levels of ransomware attacks and cryptojacking linked to record highs in the price of Bitcoin and other cryptocurrency.
- Rapid growth in use of newer Ryuk family of ransomware that continues to gain new capabilities.
- Sharp increase in ransomware attacks targeted at healthcare organisations.
- The pandemic accelerated the adoption of IoT devices which increased IoT malware attacks by 66%.
- Malicious intrusion attempts jump 112% overall — but the nature of these attacks also changed. Directory Traversal attempts jumped from 21% to 34% of total malicious attempts, while RCE attempts lost steam, falling from 21% to 16%.
What does this mean for me?
In 2019 most organisations had the majority of devices on-site within the network with security and updates handled by the IT team. But the rush to survive in 2020 prioritised remote access to systems over robust cybersecurity measures, and the sudden rush on laptop stock (and continued shortages) meant some fell back to letting users access the network via personal devices and often poorly secured Wi-Fi routers. This has created an expanding and less secure cyber attack surface, a fact that cybercriminals have been quick to take advantage of.
The majority of these attacks follow similar patterns and there are some simple tactics you can undertake like enabling multi-factor authentication and ensuring you have the appropriate firewall for your circumstances which will reduce your risk and protect your people, data and reputation.
Shortcut the process of determining your priorities
Simply take our free online cybersecurity capability assessment. It takes around five minutes and gives a simple breakdown of your current risk against 15 essential cyber security areas. You’ll also get an 8-page editable board-level report to help you back up any decisions you make.
Download the full 2021 SonicWall Cyber Threat Report here.