Their AI-driven cameras, microphones and VR features may spell the end of your WFH boredom in ways you never imagined …
If readers are getting jaded with too many cybersecurity predictions in an era where predictability is truly a shot in the abyss of pandemic uncertainty, do not take it to heart.
Why? Because many predictions for 2021 will merely be reinforcing the view that the world needs to tackle cyberthreats as a pandemic, too.
- The future of work: Embracing a new reality
The advent of the COVID-19 pandemic has ushered in mass implementation of remote working, which has seen a heavier reliance on technology than ever before. This shift away from the office has brought benefits for employees, but it has also left companies’ networks vulnerable to attack.
Jake Moore, an ESET Security Specialist, commented: “We have all learned that working remotely can benefit organizations; however, I don’t think that we will continue to work remotely five days a week. More employees around the world will naturally and effortlessly migrate to what works for them and their businesses. As more of our working and home lives become digital, cybersecurity will remain the lynchpin of business safety. Cyberattacks are a persistent threat to organizations, and businesses must build resilient teams and IT systems to avoid the financial and reputational consequences of such an attack.”
- Ransomware with extortion: Pay up or your data gets leaked
With ransomware attackers seeking greater leverage to coerce victims into paying escalating ransom demands, the stakes are increasing for victims. Exfiltration and extortion may not be new techniques, but they are certainly growing trends.
Tony Anscombe, ESET’s Chief Security Evangelist, commented: “Companies are becoming smarter, deploying technologies that thwart attacks and creating resilient backup and restore processes, so the bad actors need a ‘Plan B’ to be able to monetize their effort and build resilience into the attack, rather than being reliant on a single form of threat.”
Anscombe noted that thwarted attacks or diligent backup-and-restore processes may no longer be enough to fend off a committed cybercriminal demanding a ransom payment. “The success in monetizing due to a change of technique offers cybercriminals an increased chance of a return on investment. This is a trend that, unfortunately, I am sure we will witness more of in 2021.”
- Fileless malware: Beware the shifting sands of cyberthreats
In recent years, cybercriminal groups have turned to using increasingly-complex techniques to deploy highly targeted attacks. Some time ago, the security community began to talk about ‘fileless malware’ attacks that piggyback on the operating system’s own tools and processes and leverage them for malicious purposes. These techniques have gained more traction recently, having been employed in various cyberespionage campaigns and by various malicious actors, mainly to hit high-profile targets such as government entities.
Camilo Gutiérrez Amaya, a Senior Security Researcher at ESET, noted: “Fileless threats have been evolving rapidly, and it is expected that in 2021 these methods will be used in increasingly-complex and larger-scale attacks. This situation highlights the need for security teams to develop processes leveraging tools and technologies that not only prevent malicious code from compromising computer systems, but that also have detection and response capabilities.”
- Bad vibes: Security flaws in smart sex toys
With new models of smart toys for adults entering the market all the time, research has shown that we are a long way from being able to use smart sex toys without exposing ourselves to the risk of a cyberattack. Now these findings are more relevant than ever, as we are seeing a rapid rise in sex toy sales as a reflection of a global health crisis and the social distancing measures related to COVID-19.
Cecilia Pastorino, an ESET Security Researcher, commented: “The era of smart sex toys is just beginning. The latest advances in the industry include models with VR (Virtual Reality) capabilities and AI-powered sex robots that include cameras, microphones and voice analysis capabilities based on AI. As has been proven time and time again, secure development and public awareness will be key to ensuring the protection of sensitive data, while we empower users to become smart consumers who are able to demand better practices from vendors in order to maintain control of their digital intimacy in the years to come.”