2020 has been a year unlike any other the world over. However, with vaccination programmes being rolled out 2021 can only get better. If there have been any silver linings it’s that far more people now have an acute sense of how important cyber security is. But what can we expect during 2021? Of course there will be potholes and pitfalls that need to be avoided and new attack methods developed but there will also be advancements in protection.  Read on to find out more.

Phishing mails exploit Covid-19 vaccination programmes

As vaccination programmes roll out cyber criminals will exploit uncertainty and launch phishing campaigns related to vaccinations that claim to be from local authorities and healthcare organisations. These scams will also take the form of SMS messages, and whether email, text or even phone calls, will have the ultimate aim of stealing personal data either to be used in identity fraud or simply to plunder bank accounts.  For instance, an email may have a message that says the recipient needs to provide personal information in order to confirm their vaccination or a payment is required before a vaccination can be made. These phishing emails need to be guarded against as well as websites that claim to offer helpful information but are really designed to steal personal data.

Brands sell direct, data breaches grow

Covid-19 has led to a bloodbath on the high street but online sales have soared. As a result brands will increasingly look to sell directly to consumers rather than relying solely on distributors and retailers. To enable this, brands will develop more apps and evolve their websites to reach out directly to consumers. However, it’s an almost certainty that security flaws will lead to consumer data breaches. As a result the importance of protecting personal data will become front of mind for many.

Internet of threats drives cyber security awareness

As 5G networks begin to roll out on a large scale the number of connected Internet of Things (IoT) devices will expand hugely. IoT devices are still a weak link in security and as the number of connected devices grows the inherent vulnerabilities in many will pose a major threat to networks. As a result, there will likely to be the stirring of combined government and industry driven action to ensure security standards are set for IoT devices using these networks whether they are connected baby alarms, door systems, remote CCTV systems, smart speakers and other devices.

Machine learning continues to advance

Machine learning played an increasingly important role in threat detection during 2020 and its role will become ever more important during 2021. Used for the detection of advanced and low-incidence rate threats without human intervention in endpoint security software, it is critically important for zero-day threat detection and keeping pace with the continual assault on privacy and security.  Different types of machine learning techniques are already being custom-built to address specific problems in cyber security and 2021 could well see traditional cyber security tools such as firewalls replaced with machine learning firewalls.
 
Deepfakes used for fraud

Towards the end of 2019 criminals used AI software to mimic the voice of a senior executive, tricking a manager into transferring more than £240,000 into a bank account controlled by the fraudsters. This ‘deepfake’ attack, in which video and voice recordings are used to create fake messages designed to con and manipulate people, will become increasingly common during 2021. Targets will likely be high profile, ‘high value’ individuals such as politicians and CEOs, with some messages designed to manipulate large public audiences.

Remote workers continue to be a target

During 2020 remote workers were a focal point for cyber criminals and this will continue into 2021. During the past 12 months a lot of businesses were thrown in at the deep end and weren’t set up for remote working. This became evident with the huge surge in VPN sales but since then many businesses have adapted and introduced stringent security protocols for employees.  That said remote workers are far more likely to use their own devices and personal Wi-Fi connection for their work. This makes hacking a much easier job for cybercriminals. As such we can still expect to see a blitz of attacks either by text, instant messaging, phishing emails and third-party applications, as cyber criminals continue to try and catch people out.