What will 2021 be in terms of IT security?

As we all know, the COVID-19 pandemic has affected the lives of all of us. It has had a huge impact on the IT world, especially in terms of e-commerce and distance communication. ESET decided to go a little ahead of time and presented its forecast for the IT world for 2021.

2021 in the submission of work at a distance

The year 2021 will continue the trend of teleworking, whether we like it or not. We have experienced a turbulent transition to more modern technologies that allow us to work from home. However, it was necessary for us to protect ourselves and our loved ones. However, this move from corporate to home “offices” has brought many negatives. Some of a personal nature (loss of socialization, traffic, for example in the form of children and others), others of security (unencrypted network, old router and others). According to ESET, the share of attacks aimed at Remote Desktop Protocol (RDP), which is actually a Microsoft technology used for remote connection to the corporate network, has increased.

It showed how important it is to have the latest updates, properly protected systems or use at least a regular VPN. Two-factor authentication against unwanted access will also help. It is possible that several companies or employees will be open to the idea of ​​a home office even after the end of the pandemic. However, here, companies need to be aware of the risks posed by employees working from unsecured or poorly secured computers.

“We have all learned that teleworking can be a boon for companies. However, I do not think we will continue to work remotely five days a week. “ says Jake Moore, ESET’s security specialist, in his estimate.

Ransomvera attacks will continue to grow in 2021

Since 2019, a new way of blackmailing companies (ransomver) has emerged, which blackmails them twice. If attackers break into a corporate network through the aforementioned RDP, they can often turn off protection mechanisms. In addition, they often steal data or spread malicious code. The ransomware works by encrypting (locking) all data on the infected computer and requesting a ransom.

Ransomware is not new and some subjects have been prepared for it. It was enough to back up your files regularly. However, modern attackers can already blackmail companies twice. If the company refuses to pay, a second blackmail follows – by publishing the stolen data. They are capable of it, and in many cases they will. This will create a very unpleasant situation for the company, because it leaks personal data to the Internet and there are huge fines for that. The success of such extortion also inspired other malicious gangs, which will not stop even in 2021.

More advanced threats await us

In recent years, there has been talk of a new level of IT threats. It is worth mentioning, for example, “file-free malware”, which attacks the processes and tools of the operating system itself. These techniques, which have recently gained momentum, are being used by spy organizations. They are used to infect high-ranking targets, including government organizations.

“File-free attacks are evolving rapidly, and in 2021, these methods are expected to be used in increasingly complex and large-scale attacks. This situation highlights the need for security teams to develop processes that use tools and technologies that not only prevent malicious code from infecting computer systems, but also have detection and response capabilities – that is, they react even before these attacks fulfill their mission,“ explains Camilo Gutiérrez Amaya, ESET’s security researcher.

Security flaws in smart sex toys

Fortunately, we are not threatened by this threat in Slovakia yet, but since ESET operates worldwide, it also warns us against it. The coronavirus pandemic, the sale of intelligent sex toys, also helped in this area. As measures that help reduce the spread of the virus also mention a reduction in physical socialization – encounter. Naturally, people had to reach for an alternative, which in recent years includes the aforementioned aids. However, research has shown that there is still a long way to go to cyber-secure digital sex.

“The era of intelligent sex toys is just beginning. Recent advances in the industry include models with virtual reality features and sex robots, which include cameras, microphones, and voice analysis capabilities based on artificial intelligence techniques. As has been shown repeatedly, secure development and public awareness will be key to ensuring the protection of sensitive data. Users should be given the opportunity to become smart consumers who are able to demand better practices and technologies from retailers in order to maintain control over their digital intimacy in the coming years. “ says Cecilia Pastorino, ESET’s security researcher.

The pandemic and the changes associated with it have thus shown us that repeated safety advice is still valid and must be observed, enforced and monitored. Bypassing them is expensive. It is also a little more important than ever to educate vulnerable people – children and the elderly – about the pitfalls of the Internet. As mentioned above, we should not forget about employee training either. Only in this way can we achieve a safer world on the Internet.