Tomáš Foltýn, security writer at ESET looks back at some of the key themes that defined the cybersecurity landscape in the year that’s ending and give their takes on what to expect in 2021.
2020 has been a year like no other in living memory. It will go down in history for many things, but they all pale in comparison to the disruption wrought by the gravest public health crisis in a century. The COVID-19 pandemic has upended our lives, laying bare our collective fragility and causing many of us to lose whatever sense of control we had over our lives. Even though we’ll soon step into the new year, the world remains firmly in the grip of the virus, making any projections into the future more difficult than ever.
But difficult doesn’t equate to impossible. One ‘thing’ that’s sure to spill over into 2021 is our reliance on technology for various aspects of our daily lives. The virus has made social distancing a way of life, keeping us tethered to our homes all the while throwing many of our plans out of the window. In so doing, it has made us not only hyper-concerned but also hyper-connected, as technology is now more than ever woven into the fabric of modern life.
This includes the world of work, where some pre-existing trends were kicked into overdrive amid the inevitably pell-mell rush to remote working. Worryingly, this shift helped create a near-perfect storm of cybersecurity challenges, as organizations and their newly distributed workforce had to swim (or sink) in the largely uncharted waters of remote work. It’s only natural, then, that one section of this year’s Trends report should examine the potentially indelible mark that the pandemic has left not only on our working habits, but also on the myriad cyber-risks faced by organizations and their off-site employees.
Elsewhere in the report, we highlight another notable trend – the escalation in the ransomware threat. To be sure, this form of cyber-extortion has been going strong for years. However, ransomware operators continue to look for ways to increase the ‘return on investment’ for their malicious operations, including by deploying new tactics that tighten the screws on victims. Indeed, we ponder whether the latest chapters in the ransomware evolution might warrant changing the definition of ransomware itself.
There have, of course, been other notable developments on the malware scene. So-called ‘living-off-the-land’ techniques, which piggyback on an operating system’s legitimate tools and processes and leverage them for malicious ends, aren’t entirely new. However, they’ve gained more traction of late and have, as also demonstrated by ESET researchers, been deployed in sophisticated campaigns against several high-profile targets.
Lastly, we look at another trend to watch out for – new chapters in the Internet of Things (r)evolution. Not ones to be left behind by the rush to connect any and all objects to the internet, smart sex toys are also looking for a place in the sun. Again, this trend is not entirely new, but this doesn’t make it any less unnerving. That is, with IoT applications come vast privacy and security challenges, and those take on a whole new meaning when vulnerable sex toys enter the scene. As ESET research has also shown, the security and privacy features of smart adult toys leave a lot to be desired, highlighting the generally perilous state of affairs in the IoT space.
Make no mistake, though; these are far from the only insights to be gleaned from this year’s edition of the Trends report. COVID-19 has cast a long shadow on society, but if there’s a silver lining to the crisis, it’s that there are also valuable lessons to be learned from it. Among them, we’re reminded that remaining diligent and vigilant and that arming ourselves with knowledge are powerful first steps towards ‘inoculation’ against various kinds of threats.