Ransomware and fileless malware to present increased threat in 2021, predicts ESET

Next story

Bratislava, December 3, 2020  After a year in which the COVID-19 pandemic upended the way we live, work and socialise, we are likely to see an increased threat from ransomware and fileless malware in 2021, according to the latest trends report from ESETCybersecurity Trends 2021: Staying secure in uncertain times explores the predictions of experts from the global cybersecurity firm, revealing the key challenges expected to impact consumers and businesses in 2021.

 

Trend #1: The future of work – embracing a new reality

The advent of the COVID-19 pandemic has ushered in mass implementation of remote working, which has seen a heavier reliance on technology than ever before. This shift away from the office has brought benefits for employees, but it has also left companies’ networks vulnerable to attack.

Jake Moore, ESET Security Specialist, commented, “We have all learned that working remotely can benefit organisations; however, I don’t think that we will continue to work remotely five days a week. More employees around the world will naturally and effortlessly migrate to what works for them and their businesses. As more and more of our working and home lives become digitised, cybersecurity will remain the lynchpin of business safety. Cyberattacks are a persistent threat to organisations, and businesses must build resilient teams and IT systems to avoid the financial and reputational consequences of such an attack.”

 

Trend #2: Ransomware with a twist – pay up or your data gets leaked

With ransomware attackers seeking greater leverage to coerce victims into paying, as well as upping the ante in ransom demands, the stakes are increasing for victims. Exfiltration and extortion may not be new techniques, but they are certainly growing trends.

Tony Anscombe, ESET Chief Security Evangelist, commented, “Companies are becoming smarter, deploying technologies that thwart attacks and creating resilient backup and restore processes, so the bad actors need a ‘Plan B’ to be able to monetise their effort and build resilience into the attack, rather than being reliant on a single form of threat.

“Thwarted attacks or diligent backup and restore processes may no longer be enough to fend off a committed cybercriminal who is demanding a ransom payment. The success in monetising due to a change of technique offers cybercriminals an increased chance of a return on investment. This is a trend that, unfortunately, I am sure we will witness more of in 2021.”

 

Trend #3: Beyond prevention – keeping up with the shifting sands of cyberthreats

In recent years, cybercriminal groups have turned to using increasingly complex techniques to deploy highly targeted attacks. Some time ago, the security community began to talk about “fileless malware” attacks, which piggyback on the operating system’s own tools and processes, and leverage them for malicious purposes. These techniques have gained more traction recently, having been employed in various cyberespionage campaigns and by various malicious actors, mainly to hit high-profile targets such as government entities.

Camilo Gutiérrez Amaya, ESET Senior Security Researcher, noted, “Fileless threats have been evolving rapidly, and it is expected that in 2021 these methods will be used in increasingly complex and larger-scale attacks. This situation highlights the need for security teams to develop processes leveraging tools and technologies that not only prevent malicious code from compromising computer systems, but that also have detection and response capabilities – even before these attacks fulfill their mission.”

 

Trend #4: Bad vibes – security flaws in smart sex toys

With new models of smart toys for adults entering the market all the time, research has shown that we are a long way from being able to use smart sex toys without exposing ourselves to the risk of a cyberattack. Now these findings are more relevant than ever, as we are seeing a rapid rise in sex toy sales as a reflection of a global health crisis and the social distancing measures related to COVID-19.

Cecilia Pastorino, ESET Security Researchers, commented, “The era of smart sex toys is just beginning. The latest advances in the industry include models with VR (Virtual Reality) capabilities and AI-powered sex robots that include cameras, microphones and voice analysis capabilities based on artificial intelligence techniques. As has been proven time and time again, secure development and public awareness will be key to ensuring the protection of sensitive data, while we empower users to become smart consumers who are able to demand better practices from vendors in order to maintain control of their digital intimacy in the years to come.”

 

For more information on the trends set to impact the world in 2021, read ESET’s Cybersecurity Trends 2021 in full.

 

About ESET 
For more than 30 years, ESET® has been developing industry-leading IT security software and services to protect businesses, critical infrastructure and consumers worldwide from increasingly sophisticated digital threats. From endpoint and mobile security to endpoint detection and response, as well as encryption and multi-factor authentication, ESET’s high-performing, easy-to-use solutions unobtrusively protect and monitor 24/7, updating defences in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company that enables the safe use of technology. This is backed by ESET’s R&D centres worldwide, working in support of our shared future. For more information, visit our website or follow us on LinkedInFacebook, and Twitter.