Dakota Murphey examines some of the most prominent cyber security threats to businesses and their employees throughout 2021.
As if businesses didn’t have enough challenges to deal with through 2020 with the global pandemic and unsteady political climate, cybercrime was once again on the rise. And according to Interpol, it is not only small businesses and individuals facing attacks, as cybercriminals increasingly targeted large enterprises and corporations.
Not only this, but 2020 was also a year of significant change for working practices and lifestyles. In the UK, the population spent a significant portion of the year either under lockdown or being recommended to work from home where possible. Similarly, the COVID-19 pandemic changed the way that people live their lives – and that has an impact on cyber security too.
In 2021, there are many cyber security threats that have either emerged as a result of the pandemic or have been exacerbated by it. Here we take a look at the biggest cyber security threats facing businesses and organisations in 2021.
As a result of the social distancing measures put in place to combat the coronavirus pandemic, around 50% of the UK population worked from home over the course of 2020 – and that number looks set to continue as the world continues to combat the virus in 2021. There’s no doubt that remote working has a range of benefits for both employees and their organisations – but it’s also an issue for cyber security.
According to cybersecurity specialists Redscan, “when employees work from home, devices no longer sit within the boundaries of a well-defined perimeter. This means that existing network security controls such as firewalls are unable to provide the same level of protection.”
These protections may be taken for granted by members of staff when they were at the company premises, and they may not take the required precautions to remain safe when working remotely.
It is perhaps not surprising that cybercriminals have sought to use the fear surrounding the Covid-19 pandemic as a part of their tactics. Pandemic-related phishing campaigns unfortunately became a major problem over 2020, and this looks like it will only get worse in 2021.
Criminals use phishing emails to trick unsuspecting people into clicking a malicious link or attachment – and using the concept of Covid-19 and the worries around public health that surround it can cause people to be confused and not follow the kind of security best practices that can minimise the issue of phishing.
It is also true that the Covid-19 pandemic caused many businesses to alter the way they work and switch to cloud-based solutions. Just as with remote working, moving to the cloud can actually be a major positive – however, doing it too quickly and not taking the time to get the details right can leave your business vulnerable to cyber attacks.
Many organisations simply did not have the kind of IT expertise to manage this kind of migration effectively, and this leads to misconfigurations and other issues that can leave systems with security weaknesses.
A growing number of businesses and organisations are implementing Internet of Things (IoT) applications and devices in order to enhance customer service, capture data and manage internal infrastructure.
The problem here is that many IoT devices are not designed with security in mind, and may have flaws and vulnerabilities that are both easy to exploit and difficult to fix. If hackers are able to gain control of the IoT devices in an organisation they can potentially use them for access into the rest of the IT system.
Not all vulnerabilities that businesses need to be aware of relate to applications – in fact, in 2021, cybercriminals are increasingly finding weaknesses in the process flow of business operations. Here the cybercriminals are able to take advantage of operational weaknesses in the system for financial gain.
By observing the system, criminals find weak links in the processes. For example, a company might be using an automated invoicing tool, which could itself be vulnerable.
Final thoughts
There are many challenges facing businesses in 2021, but unfortunately, we have to count cyber security as one of the most significant amongst them. Your organisation should be doing everything possible to mitigate these risks and find ways to prevent weaknesses and vulnerabilities in your IT systems.
