Cybersecurity 2021: Let’s Learn from Last Year

As we look back on a year in which the COVID-19 pandemic dominated the headlines, there was another threat that dominated the IT world – cybersecurity breaches. The past year has seen an explosion in cyber-criminal activity, much of which is captured in the Sophos 2021 Threat Report.  

The average ransomware payout rose from $84,116 in Q4 of 2019 to $233,817 in Q3 of 2020 – nearly quadrupling over the year. Ransomware actors know how expensive downtime can be and are testing the upper limit of what they can extract in an attack.  

The COVIC and cyber threats are not unrelated. The threat report notes that their chief scientist, Joshua Saxe, put out a call on Twitter in March 2020 to assess the situation as lockdowns to contain the virus were being implemented across the world. Criminal groups were incorporating references to COVID-19 into a range of crime campaigns. They were innovating both their technology and their modus operandi at an accelerating pace during the crisis.  

Organizations such as schools and municipalities have been particularly hard hit, because they have not had the budget, or the time during the pandemic, to implement the proper defenses when they set up remote access for staff, students and constituents.   

In response to the increased threat, more than 4,000 information security analysts banded together in a collective show of defiance to form the COVID-19 Cyber Threat Coalition (CCTC) in a Slack channel to create a community that could share information in times of crisis. 

“If you want to go quickly, go alone, but if you want to go far, go together.” 

Joe Levy, CTO, Sophos 

The Sophos 2021 Threat Report is based on insights from the work of SophosLabs on malware and spam analysis, and by the Sophos Rapid Response, Cloud Security, and Data Science teams. The 36-page report is comprised of four sections:  

• The Future of Ransomware – a discussion of how ransomware has transformed itself, and where this threat is headed. 
• Everyday Threats to Enterprises – an analysis of the most common attacks large organizations face, and why these metaphorical canaries in the coal mine remain significant threats.  
• COVID-19 as a Force Multiplier – how the emergence of a global pandemic affected information security in 2020. 
• Not Letting Your Guard Down – a survey of the scope of attacks targeting platforms not traditionally considered part of an enterprise's attack surface. 

The report also features an interesting profile of the “days-in-the-life of a ransomware rapid responder”. This walks through a day-to-day summary of how an attack from Maze ransomware, which still active at the time, was thwarted over nine days by the Sophos Rapid Response team. The “days-in-the-life” demonstrates that it possible to survive unscathed once an attack starts if you have the resources and game plan in place to fend off attackers.  

The Sophos 2021 Threat Report, posted to our Flagship website, is required reading for anyone with a responsibility for IT security. 

If you’re feeling vulnerable to cyber threats, it is time request a security assessment by one of Flagship Networks’ qualified technicians.