The cybersecurity landscape has always been in flux, with recent changes fueled by the rapidly changing workforce due to the COVID pandemic.
October is Cybersecurity Awareness Month, and one thing is sure. Hackers and security providers will continue to outsmart each other and cybercriminals will get more and more sophisticated.
Here are six cybersecurity trends to know:
Remote Working Risks
Remote work is becoming the new normal. 16% of companies in the world are 100% remote (Owl Labs), and by 2028, 73% of all departments are expected to include remote employees (Source: Upwork.)
While the possibilities, and flexibility, of remote telework are appealing, it has opened avenues for hackers to access a massive amount of sensitive data. Remote workers tend to use personal devices and public Wi-Fi networks, which can lead to data security breaches.
According to CSO Online, “83% of phishing attacks over the past year took place outside the inbox — in text messages or in apps like Facebook Messenger and WhatsApp along with a variety of games and social media services.”
Mobile Device Breaches
Handheld devices are an attractive target for hackers since these small devices can store massive amounts of sensitive personal data. There has been an alarming increase of over 50% more mobile banking malware attacks since 2019.
Smartphone users can also find themselves the victim of SMS phishing (smishing) attacks. This occurs when text messages are sent to users containing links designed to trick them into entering their bank details or login credentials into a fake website for cyber criminals to steal.
FluBot emerged on the scene in 2020 and is one of the most notorious forms of mobile malware. It is used to steal usernames and passwords from banks and other sites the user visits.
Organizations must work to ensure their data security teams add additional layers of employee identity protection to mobile devices. establish strict mobile device security policies, and establish an enterprise mobile training plan to educate employees on how to protect devices, data and passwords.
AI Attacks
The rise in cyberattacks is helping to fuel growth in the market for AI-based security products. The global market for AI-based cybersecurity products is estimated to reach $133.8 billion by 2030, up from $14.9 billion last year, according to a recent article by MSNBC. Unfortunately, cyber criminals haven’t hesitated to monopolize this trend. AI-generated phishing emails have higher rates of being opened than manually crafted phishing emails.
Rising Ransomware Attacks
Ransomware continues to wreak havoc and make headlines. Ransomware damages are expected to exceed $30 billion worldwide in 2023, according to Switzerland-based cybersecurity company Acronis.
2021 was a breakout year for ransomware. Attacks hit supply chains, causing more widespread damage than attacks against a single individual. In January the nation’s second largest school system, the Los Angeles Unified School system, was the victim of a ransomware attack.
Increased Use of Multi-factor Authentication (MFA)
The adoption of multi-factor authentication (MFA) will continue to rise at companies. Even one of the weakest forms of two-factor authentication—two-step verification through SMS text messages—can stop 100% of all automated attacks, 96% of bulk phishing attacks, and three-quarters of targeted attacks, according to Google.
MFA provides much more security than a simple password; however, cybercriminals are finding new ways to bypass it. SMS and voice MFAs, in particular, continue to be vulnerable to assaults because they aren’t end-to-end encrypted.
IoT Vulnerabilities
The Internet of Things (IoT) refers to devices other than computers, phones, and servers, which connect to the internet and share data. Examples include wearable fitness trackers, smart refrigerators, smartwatches, and voice assistants like Amazon Echo and Google Home. It is estimated that by 2026, there will be 64 billion IoT devices worldwide.
IoT devices pose increased risks to a user’s data. If a device is hacked or hijacked, it could essentially listen in and steal information from the network. For instance, hackers often try to hack into connected camera networks or devices to access security systems.
Data breaches can happen to any company, regardless of size and industry. McKinsey & and Company reports that 85% of small and midsize businesses will invest more in cybersecurity, given the exponential increase in ransomware attacks and social-engineered attacks. Utilizing identify theft protection software will help you stay safe in the wake of the latest cybersecurity threats.
