2020 was truly a year that tested every individual, every business, and every entity on this planet.
Businesses that were not prepared in the least to support a remote workforce had to pivot overnight (and did so, in most cases, fairly successfully).
Workforces had to adapt equally as fast. Office workers, who in early March worked from their employer’s office, had this location yanked away from them with zero time to prepare. Employees descended upon home offices, basements, spare (or not-so-spare) bedrooms, living rooms – basically any place in the house where one could set up a desk and simple workspace.
The zero time to prepare for this change also meant that employees in many cases did not have their equipment and files from their regular office location. The obvious solution? Use Your Own Device/Whatever Device You Can Get Your Hands On.
In an instant, millions upon millions of personal devices were transformed into “work” devices. And these newly-found “work” devices were not intended to house or manage sensitive data, as the security of the devices themselves, as well as the networks they run on, have very questionable security.
However, given the circumstances of the world doing a 180° in front of our eyes, workers were given no choice but to go with the flow and do whatever it took to continue their daily business operations.
You can see where this story is going. With so many unsecured devices and networks, and with employers focused first and foremost on ensuring daily operations continued and customers were served, the result was a prime opportunity for cyber thieves to do their work.
It is important to note that cybersecurity has been an issue – and has been increasingly worrisome – for companies long before the pandemic came into our world. The headlines of major corporations facing massive data breaches have become quite common. But the COVID-19 emergency certainly accelerated the challenge and exasperated the situation of how a company can best protect sensitive information. Cybercriminals have seen additional opportunities to swoop in and do their damage.
The United States continues to far and away be the chosen country to target, which likely comes as no surprise. BlackFog has tracked reported ransomware attacks since January 2020 and reports the countries with the greatest number of attacks:
- United States: 57%
- Australia: 7%
- Canada: 6%
- United Kingdom: 5%
- Germany: 4%
- France, Japan, and Italy: 2%
- The rest of the world combined: 14%
And what exactly is this cybercrime? What types of cybercrime are occurring most often? In 2020 these are the most frequent types of cybercrimes:
- Phishing emails / malicious COVID-19-themed sites (this started early; cybersecurity experts found that some 4,000 coronavirus domains were registered after January 2020 alone)
- Cloud-based attacks on SaaS offerings (Microsoft Teams, etc.)
- Ransomware
- Direct attacks on remote workers
And finally, an important question that we often hear has to do with whether certain types of businesses are more susceptible to a cyberattack than others. Those asking this question are concerned both about our current environment – and are also thinking ahead to the future when the pandemic as we know it ends.
No industry, no business, no individual is immune to the ill-intentions of cybercriminals, yet some industries are more susceptible to cyberattacks. (And yes, many Fortune 500 companies have a bullseye on them – but small- and medium-sized companies are very likely to be the targets of cybercriminals as well.)
While industries such as manufacturing, education, and healthcare make headlines as likely targets, any company within the services is also of note. And, according to the Insights 2021 Banking and Financial Services Industry Cyber Threat Landscape Report,
The banking and financial services sector is the single most important target for cybercriminals. Banks and financial institutions safeguard incredibly sensitive data of users and employees alike, and data breaches can be costly both in terms of leaked data and financial penalties incurred. Cybercriminals constantly develop new ways to infiltrate even the most extensive security systems.
That means, to be quite blunt, all financially-related firms must move cybersecurity to the top of the priority list.
2021 will again be a year of adjustments and we cannot possibly predict what will take place between now and December, but businesses of all sizes must conduct a cybersecurity audit, identify the holes and flaws, and take needed steps to protect data.
There is, however, something we know for sure, with absolute certainty: even if we emerge from the COVID pandemic in 2021, remote work will continue and cyberattacks will rise in the future.
It’s never been more important than now to protect yourself, your business, and your customers from cybercrime.