Although the COVID-19 pandemic has accelerated technological adoption (think: WFH and virtual schooling and all the new tools you’ve had to learn), it has also exposed cyber vulnerabilities for businesses worldwide.
According to Microsoft, globally, attacks jumped from less than 80 million in February 2020 to a high of nearly 120 million in April and then settling into the new normal of just under 100 million by June 2020. Phishing and social engineering attacks skyrocketed to 30,000 instances per day in the U.S. alone!
Here’s what you need to know about the online threats to your business in 2021.
1. Pandemic-Related Phishing
Cybercriminals take advantage of the COVID-19 pandemic by using widespread awareness of the subject to trick business owners into revealing personal information or clicking on malicious links or attachments, unknowingly downloading malware to their computers.
2. Stimulus Payment Scams
These new scams surfaced when the U.S. Congress passed a $2 trillion relief package to help individuals and businesses to make it through the pandemic. The attacks include posing as the IRS requesting Social Security numbers, pretending to be with a government agency sending out economic stimulus payments, and social media messages asking for personal information.
3. The Acceleration of Ransomware Attacks
In 2020, ransomware attacks were more pervasive than the average data breach, and their number will only continue to grow.
4. Cloud Breaches
Although cloud infrastructure is tightly secured, users are responsible for implementing cybersecurity features and configuring them properly. Cloud misconfigurations are the most common sources of data breaches, and their number is likely to rise as more businesses adopt cloud services to support remote workers.
5. Increasing Threats to Remote Workers’ Devices
Remote work comes with many risks, with workers relying on their home networks or their own devices to complete tasks. Without the security protections that the company’s IT department affords, they are more vulnerable to cyberattacks.
6. The Internet of Things (IoT) Attacks
Businesses are increasingly implementing IoT devices and applications to remotely capture data, manage infrastructure, enhance customer service, and more. Since many IoT devices lack robust security, they’re vulnerable to cyberattacks. Attackers use botnets to gain control of devices and leverage IoT weaknesses to gain access to the network.
7. Endpoint Threats
Since many remote workers rely on always-on endpoints like servers and laptops, cloud-based SaaS, and VPNs, it’s crucial for business owners and managers to implement a full-coverage solution. With a comprehensive, layered cybersecurity strategy—including changing or replacing legacy tools like antivirus that cannot withstand today’s threats—you can reduce your remote-workforce risks.
8. Understaffing Issues and Shortage of Skills
The shortage of trained professionals with vital skills is a significant cybersecurity issue. As a business owner or manager, you should develop a proactive plan to build and maintain your cybersecurity workforce or vendors. Focus on educating your existing employees to work safely online and spot attacks independently. Training should be ongoing and measured for effectiveness.
9. Insider Threats
As the rise of the remote workforce continues, business leaders must consider the possibility of insider threats and data theft by their employees. Since these threats are on the rise, you’ll want to research and apply the tools and systems to detect them.
The Center for Cyber Safety and Education is a nonprofit dedicated to educating children, adults, and seniors on how to be safe online.