The Top Cybersecurity News of 2020
February 09, 2021 by Loren LaChapelle
2020 proved to be challenging and life-changing in many ways. COVID-19 and events leading up to the election impacted most people’s personal and professional lives in ways we never would have imagined before. It was also a big year for cybersecurity concerns. Learn more about some of the top cybersecurity news that came out of 2020.
COVID-19 and Remote Work
The pandemic forced nearly all businesses and organizations to pivot in record time. Many users started working from home for the first time ever, and organizations struggled with the quick transition. Instead of connecting to the corporate network in the office where there were likely more security controls, people were connecting through their own modems, making it much less secure. Organizations didn’t have enough time to properly train employees on how to stay secure while working from home, nor did they have the time to put proper monitoring tools in place. Ultimately, networks became more susceptible to an attack due to vulnerable home setups.
On top of that, the likelihood of an employee falling victim to a phishing attack remained high. Cybercriminals used COVID-19-themed attacks to bait users into clicking malicious links. The use of personal devices for work increased along with more personal browsing on work-issued devices, giving hackers a better chance of getting into organizations’ networks.
Another cybersecurity challenge with the remote work environment was the sudden need to have remote meetings. Usage of existing platforms soared, and to meet demand, a variety of video conferencing software rapidly emerged. The sudden adoption of these platforms brought to light many security flaws. Zoom was infamous for having security problems early on. Without other options, many organizations were impacted.
The need to adapt to remote working and video conferencing tools forced organizations to start adjusting their policies and clearly define new expectations for everyone – including security and IT staff – and establish plans for review and reinforcement. Security training became a higher priority and organizations began teaching users about current threats and safe cybersecurity practices to defend against them. Organizations are looking to add more technical controls as well, such as revoking local admin rights for those who don’t need them and restricting personal devices from accessing their network.
Election Security: Disinformation, Feared Direct Attacks, and Election-Themed Phishing
Events leading up to the 2020 election had cybersecurity professionals on edge all year long. Political topics were seemingly the center of every social media post, and lots of misleading or inaccurate information was being shared to encourage certain electoral choices. Election disinformation – mostly from Russia, China, and Iran – came in the form of clickbait articles or other sneaky advertising techniques, where hackers tried to get people to engage with the content. Cybercriminals impersonated trusted sources, and many fell victim to phishing or malvertising attacks.
Although there was plenty of disinformation coming from cybercriminals, fortunately, the direct attacks on election systems that many feared never came to fruition. The FBI and CISA warned of Russian-sponsored advanced persistent threats targeting all levels of government systems leading up to the election. If successful, cybercriminals could have easily altered voter information to disenfranchise voters. Widespread attacks were unlikely, but government security teams were on high alert for targeted attacks such as these – especially considering voter information for 186 million U.S. citizens is available for purchase.
Election-themed phishing campaigns were a common technique employed by hackers to get the victim to click on something malicious. This tactic was not primarily used to affect the outcome of the election, rather they were for-profit ventures like any other phishing attack.
We can takeaway a few key cybersecurity points from the election. Although there were no widespread attacks on our voting systems, we must stay aware of the threat to future elections. Some believe that the attention on election security redirected resources from other security priorities, which could create other issues moving forward. Continue to be vigilant and don’t fall victim to ongoing lures.
Evolving Ransomware Attacks
Over the course of 2020, ransomware attacks evolved tenfold. To put it in perspective, Emsisoft found the average cost of a ransomware attack in 2018 was $5,000, and in 2020, the average cost was $200,000. A bit closer to home, the public sector was hit hard in 2020. One hundred and thirteen federal, state, and municipal governments and agencies were hit, as well as more than a thousand schools.
Following are four of the biggest ransomware concerns to be on the lookout for as we move forward in 2021.
- Double extortion (aka data exfiltration) – This is a new tactic where hackers will first extract the data, then threaten to make that stolen data public if the organization declines to pay the ransom. Cybercriminals – who have made double extortion part of their standard practices – can often encrypt sensitive information before the organization can detect it, making this a lose-lose situation for the attacked organizations.
- Ransomware-as-a-Service (RaaS) – Be aware there are ransomware operations centers that employ a massive number of cybercriminals. At least 20 new ransomware-as-a-service firms popped up in 2020, and that number is only predicted to climb.
- A healthcare facility's need to remain online – The COVID-19 pandemic has made health care facilities more vulnerable to attacks than ever. Attackers are using increased hospital traffic to their advantage by taking out vital systems needed to keep patients alive. Unfortunately, they know that these healthcare facilities are more likely to pay the ransom when lives are at stake. These types of attacks are predicted to increase this year.
- Trickbot and Emotet – These two types of malware have mostly been used to collect account logins and other credentials in the banking world. In 2020, ransomware gangs and ransomware-as-a-service centers have begun to use Trickbot and Emotet for larger enterprises, not just financial institutions.
2020 was undoubtedly a challenging year. Now that we have new insight on what attackers are capable of during a pandemic and monumental election year, it will be critical to keep an eye out to see how all of this continues to unfold in 2021. To help you stay informed, we encourage you to subscribe to our complimentary Daily Threat Briefing – we’ll deliver current threat intelligence reports to your inbox daily.