2020 was a watershed year, with myriad unforeseen transformations in the cybersecurity arena. IT Internet consultants have poured over the data in an attempt to unmask the emerging threats. The following cybersecurity stats and trends have been identified in 2021.
For many years, cybersecurity consultants have operated under the auspices of the IT department. Nowadays, IT security consultants enjoy much greater importance, autonomy, and credibility, owing to the unprecedented threats posed to the industry.
There can be no mistaking the high value that cybersecurity professionals bring to companies. PricewaterhouseCoopers (PwC) conducted extensive research, through the Global Digital Trust Insights 2021 Survey, with 3,249 businesses and IT executives who were surveyed about the status of the industry. Naturally, these IT security consultants and high-level officers make it a point to check site safety of all online communications at their companies.
This is easier said than done, given the ubiquity of BYOD (bring your own device) hardware at companies. While cost reductions are a priority, maintaining standards of safety and security are non-negotiable. It is for these reasons that security consultants seek out effective protection mechanisms to shore up company defenses.
Powerful solutions such as community-driven add-ons and extensions such as MyWOT are making their rounds as one of the preferred security measures in 2021. This particular solution blocks harmful content, flags suspicious websites and applications, and generally secures online sessions.
The industry executives who were polled in the survey include CIOs, C-Suite Officers, CFOs, CISOs, and CEOs. The survey was undertaken in July and August 2020. According to the breakdown, some 55% of respondents were high-level executives in big companies valued at $1 billion + in revenues. Of those respondents, 15% were part of companies generating $10 billion + in annual revenues.
The respondents hail from a variety of industries, notably energy, utilities, and resources (8%), health (8%), industrial manufacturing (19%), financial services (19%), retail & consumer markets (20%), tech, media, and Telecom (22%). The majority of respondents in the survey emanate from Western Europe (34%), the USA and Canada (29%) Asia-Pacific region (18%), South America (8%), Eastern Europe (4%,) the Middle East (3%), and across Africa (3%).
What Are the Main Stats and Trends?
- Inactive user accounts number 1,000+ among 58% of respondent countries. According to the Varonis 2021 Financial Services Data Risk Report, 4 in every 10 survey companies featured 10,000+ inactive users. This poses a significant and imminent risk to the safety and security of companies.
These inactive accounts serve as easy access points for cybercriminals to hack into a company’s mainframe and servers. The easy solution is to simply deauthorize all inactive accounts or to remove them completely from the system.
- In 2021, the costs of cybercrime activity are expected to exceed $6 trillion in damages alone. This was reported by Cybersecurity Ventures. Additionally, global cybercrime will rise markedly to around $10.5 trillion per year within the next four years. The size and scope of these damages must be viewed in perspective. Consider that the entire gross domestic product of the USA was $21.44 trillion in 2020.
- The majority of data breaches and hacks were motivated by money. The 2020 Verizon Data Breach Investigations Report (VDBIR) confirmed as much, among bad actors, hackers, and insiders motivated by stealing sensitive data for monetary gain.
86% of breaches were motivated by money, and 58% of the victims identifying the reports had personal data compromised during such attacks. Chief among the problems was Personally Identifiable Information.
- Ransomware damage is expected to top out at $20 billion this year. Ransomware is a nefarious practice whereby hackers exploit loopholes in users’ computing systems, to hold them to ransom. According to the Arcserve Report, ransomware damages are going to be 57 times more than they were seven years ago in 2015.
As a case in point, the EternalBlue exploit was used in several attacks, notably, WannaCry with USD damages of $4B, and NotPetya with USD damages of $10B. In the case of EternalBlue, this exploit was developed by the NSA and sent to a hacker group in 2017. This ransomware exploits execution vulnerabilities in Windows servers.
What Are Some of The Cybersecurity Predictions For 2021?
- Targeted supply chain attacks will continue
- Ransomware attacks will grow in size, scope, and complexity
- C-Suite will focus tremendous energy on patch management
- Businesses will have to adjust based on lockdowns and remote workers
- Multi-factor authentication (2FA) will evolve at an unprecedented rate this year
- Cloud-based computing will face a tremendous cybersecurity onslaught in 2021
- Major cybersecurity targets will include construction, energy, mining, transportation
These predictions are part of a much bigger cybersecurity set of concerns. Foremost among them is the low rate of prosecution among US IT security agencies of these criminals. It is estimated that just 0.05% of detected cybersecurity attacks will be prosecuted.
The Internet crime complaint Centre (IC3) is continually being inundated with calls about cybercrimes, yet there are 3 areas that make it difficult to prosecute, notably the legality of activities which is currently not enforceable with any legislation, the jurisdiction where the cybercrime activities taking place and the lack of reporting overall.
300% Spike in Cybercrimes Reported to the FBI
While the Crime Complaint Center reported a 300% spike in reported cybercriminal activity during 2020, the actual figures are markedly higher. Consider that on January 14, 2020, all Windows devices running Windows 7 effectively met their end. No additional patches were supported, making security vulnerabilities a reality for all Windows 7 operating systems. In other words, all Windows 7 PCs, notebooks, and tablets are effectively persona non grata.
Of course, much of the threats we are seen unfolding in 2021 related to Ransomware cybersecurity concerns. By the end of this year, global damage is expected to top out at $21 billion. To combat the scourge, an estimated 9/10 IT departments have implemented restrictions on Internet access to guard against Ransomware attacks.
While Ransomware is a high-only priorities list, malware is not to be outdone either. In January 2021, a total of 15.224 million new malware applications were found. These pose a clear and present danger to businesses globally. The problem with malware is that most of it is polymorphic. This is a characteristic of malware that allows it to change source code to prevent detection.