Your Predictions: 2021’s Top Cyber Threats
By Rachel Miller
During National Cybersecurity Awareness Month, we challenged our community of cyber experts and beginners with this question: What is the greatest cybersecurity threat for 2021? We had nearly 50 responses from cyber thought leaders, Fullstack Cyber Bootcamp grads and prospective students. The results are in—below are the ranked predictions of what to prepare for in 2021 to make the world safer from cybercrime.
- Lack of Cyber Talent
- Human Error
- Remote Work Environment
- Social Engineering
- Power Grid Attacks
Lack of Cyber Talent
In 2021, there will be 3.5 million unfilled cyber jobs globally according to Cybersecurity Ventures. Fullstack Cyber Bootcamp Managing Director Mark Davis considers this a “national emergency” that, thankfully, can be addressed with rapidly training beginners. Challenge participants agreed—almost one quarter of all responses predicted the lack of cyber talent as the leading threat for 2021.
To Keep Us Safe, We Need More Cyber Analysts
A Need to Consistently Train, Improve, and Innovate
"The greatest threat to our cybersecurity in 2021 is passivity. Without an active presence of defense, we open ourselves up to all threats, without even knowing they exist at all. It's impossible to play catchup when we are up against cyber threats. As such we need to consistently improve, innovate, and set up the next generation of security professionals to do the same."
More Cyber Professionals to Keep Up with the Perpetual Digital Transition
"I think the greatest cybersecurity threat of 2021 will be the lack of cybersecurity professionals. The world is moving more and more toward using tech for everything, and we need a lot more people to secure our information." Floyd D.
Hackers Tactics Will Improve, and We Must Be Able to Respond
"I don't believe there is a single ‘greatest cybersecurity threat for 2021.’ I believe that as hackers and threat enemies become more sophisticated, better at their tradecraft, and create better tools, all of the threats that we see will become more dangerous. I look at it as an ‘arms race.’ As one team gets better, the other team responds. As we get better, they get better. However, to pick one single threat, I would put the skills gap and lack of professionals on top."
According to digitalguardian.com, cloudjacking is a “process in which an individual or organization’s cloud account is stolen or hijacked by an attacker.” Cloudjacking received the second highest votes for 2021’s greatest cybersecurity threat, after lack of cybertalent.
Increase the Network’s Defense and Response Abilities
High Risk for Hacking Cloud-Stored Political Information and Medical Records
"The greatest cybersecurity threat for 2021 is foreign countries hacking one another for political information and medical records within cloud databases for the purpose of selling it or blackmailing their enemies."
Vulnerabilities in the Internet of Things (IoT) Must Be Addressed
"I believe the greatest cybersecurity threat for 2021 will be vulnerabilities in the IoT. Technology is moving at a rapid pace to integrate itself into our lives at every corner. In doing so, we become more open to actual physical interference by outside entities. Things such as the locks on our doors, our coffee machines, and lights are all slowly becoming connected to larger, less secure networks. This not only creates avenues for threats to spy on our personal information, but it also bridges the line between cyber and physical.
A Push for Upgrading and Patchwork in IoT Products
“The sad reality is also the lack of upgrading and patchwork done to our physical items that are in this IoT sphere. We rarely would think to update our fridge. These problems will only continue to grow, especially sooner than later as innovation and technology continues to develop in a speed where cybersecurity professionals are outnumbered and understaffed." Iftakar K.
As More Businesses Adopt Cloud Computing Services, Cloudjacking Risks Increase
“Cloudjacking is likely to emerge as the most serious threat due to uptake of cloud computing services by many businesses. Code injections will be used against cloud platforms, and attacks from SQL injections and cross-site scripting will be carried out to intercept and modify data stored in cloud servers. Attackers can also inject malicious code sites that users will download and run the executable files unknowingly.” Ronald L.
Ransomware is a type of malicious software, or malware, designed to deny access to a computer system or data until a ransom is paid, according to cisa.gov. Challenge respondents cited ransomware as the third largest risk for 2021.
Ransomware Risks Increase as BYOD Becomes More Common for WFH Employees
Ransomware Will Continue Its Exponential Growth
Keeping Data Secure and Accessible Is Paramount to a Company’s Success
"Ransomware. A company’s data is its most important asset and keeping that data secure and accessible is paramount to success. Ransomware will all but cripple your data and infrastructure by encrypting everything in your network and making recovery impossible unless proper backup procedures have been followed or payment is made."
Ransomware Often Targets the Public Health Sector
"I believe the greatest threats will be ransomware and cloud breaches because it targets the healthcare and public health sector."
According to kaspersky.com, “52% of businesses admit that employees are their biggest weakness in IT security...They worry most about employees sharing inappropriate data via mobile devices, the physical loss of mobile devices exposing their company to risk, and the use of inappropriate IT resources by employees.” Human error received the fourth most votes in the Fullstack Cyber Bootcamp’s Cyber Challenge.
Data Breaches Are Often the Result of User Error
"I believe that, in 2021, the greatest threat to cybersecurity will be the human element. Technical teams go to great efforts to secure environments, but what we often neglect to consider is the weaknesses that we possess as humans. Breaches often happen due to a user error, clicking on a link, or downloading a malicious file. Fortification of systems begins with implementation of technology but involves the essential need to train and educate end users to serve as the first line of defense instead of the first break in the chain."
A Company Is Only as Strong as Its Weakest Link
"The greatest cybersecurity threat will always be human error. It doesn’t matter how secure something is. All it takes is just one person to be fooled to bring it all down."
Remote Work Environment
“Cyber criminals are adapting their tactics and are now targeting people in their homes, which in many cases, is now their office too. As working from home becomes a gateway to new forms of data theft, companies face increased cyber risk,” reports Deloitte. WFH received the fifth highest number of predictions for 2021’s greatest cybersecurity threat.
Cyber Criminals Will Take Advantage of Recent Shifts Towards WFH
"I believe that one of the greatest threats for cybersecurity in 2021 will be cybercriminals who are aware and planning attacks against companies who have poorly transitioned their employees to work from home. The companies who failed to properly prepare their employees personal devices and networks to withstand a cyberattack are incredibly vulnerable. Working from home, for many employees, provides a false sense of security and could be incredibly devastating for many companies and their consumers worldwide."
Remote Worker Endpoint Security Must Be Addressed
"Remote worker endpoint security will be critical, as more companies will be implementing work-from-home setups due to pandemic situations. More so, mobile devices can often end up concealing signs indicative of potential phishing attacks and other cybersecurity threats."
In the WFH Environment, Everyday Users Must Step-Up Their Cybersecurity Awareness
"The greatest threat is the knowledge gap—both for professionals and the everyday users. While there's a shortage of professionals to satisfy the needs of the job market, the everyday users should also be knowledgeable of how to keep themselves protected, especially as we've moved to remote work."
As mentioned in our recent blog post on cyber predictions, Norton gives the following definition of Deepfakes: “Deepfake is a combination of the words "deep learning" and "fake." Deepfakes happen when artificial intelligence technology creates fake images and sounds that appear real. A deepfake might create a video in which a politician's words are manipulated, making it appear that political leader said something they never did. Other deepfakes superimpose the face of popular actors or other celebrities onto other people's bodies.” Deepfake risks received the sixth highest number of votes.
Deepfakes Coupled with Misinformation Will Create Mayhem
"My prediction for the greatest cybersecurity threat of 2021 is a combination of deepfakes and misinformation. While we all like to think of ourselves as media-savvy, intelligent individuals who can differentiate between reality and propaganda, one look at social media shows that's not the case for many people. The documentary The Perfect Weapon does a great (terrifying) job of detailing the new reality of digital misinformation as a devastating war tactic. I see that as a significant problem in the coming year."
“In a social engineering attack, an attacker uses human interaction (social skills) to obtain or compromise information about an organization or its computer systems. An attacker may seem unassuming and respectable, possibly claiming to be a new employee, repair person, or researcher and even offering credentials to support that identity,” according to cisa.gov.
Playing on Human Emotion Will Only Continue
As People Become More Engrossed in Social Media, Social Engineering Becomes a Greater Target for Hackers
"I think the biggest cybersecurity threat for 2021 will continue to be social engineering attacks as almost everyone with access to a phone or laptop is engrossed in social media and most people base their everyday lives on it. This makes it a ripe target for hackers.”
Power Grid Attacks
Utility Drive reports “the U.S. electric grid ‘is becoming more vulnerable to cyberattacks,’ according to a new assessment from the U.S. Government Accountability Office, with industrial control systems and the rise of distributed resources playing major roles in the growing risk.”
Securing the Grid and the Its Operation Components Should Be Priority #1
"The greatest cybersecurity threat for 2021 will be the vulnerability of the power grid within the United States and all nations. I believe it's been made very clear that there are serious threats from other nations and entities that may wish to take some form of control over the US public. Any seizure or attack on the grid would cripple the fabric of any nation and society, ultimately leaving them completely defenseless. Communications, defense, and medical systems would be some of the more crucial systems to be threatened making any and all emergency response compromised. I believe securing the grid and the components surrounding the operation of the grid would most certainly be priority number one."
If you’re interested in learning more about cybersecurity, check out our free Hacking 101 video series focusing on current cyber threats or try our free Cyber OnRamp course to learn Linux Command Line for beginners.