PUNE: Cybersecurity firm Seqrite said that it expected an increase in ransomware attacks in 2021, particularly in the healthcare andpharma industries. Threat actors are also likely to use deep-fakes, automated phishing and crypto-mining to stealsensitive data.
Though few ransomware operators agreed to not attack the healthcare sector during the COVID-19 crisis, several other attack groups have continued to use ransomware against this sector, largely because of the sensitive and personal data of patients they store. Numerous hospitals, COVID-19 research firms, and pharma companies have fallen victim to ransomware in the last quarter of ‘20, making it necessary for them to adopt or deploy a comprehensive set of security solutions.
“The pandemic acted as a huge opportunity for cyber criminals to innovate their attack strategies further and steal sensitive data for their personal gain. These advancements are likely to continue in the coming year as well. For instance, new tactics like double extortion, crypto-mining, ethical hacking, etc. are expected to be widely adopted by threat actors in 2021,” said Himanshu Dubey, Director, Quick Heal Security Labs.
The double extortion trend in the cybersecurity landscape is going to stay and innovate further. While earlier ransomware attacks like WannaCry would encrypt files and demand payment in return for a decryption key, a new threat has been observed where attackers also exfiltrate private information. “On denial of ransom, adversaries threaten to release hijacked information in public. This is double trouble for organizations – exposing sensitive data in public causes severe GDPR implications. In either case, businesses are likely to have to pay to move forward. This tactic is called RansomHack or Double Extortion,” said the Seqrite report. Maze, DoppelPaymer, Ryuk, Lockbit, Netwalker, Mountlocker, and Nefilim are few ransomware operators using double extortion techniques.
In September 2020, Seqrite discovered Operation SideCopy, an Advanced Persistent Threat (APT) attack targeting the Indian Defence Forces. Similar to Operation SideCopy, which attempted to use techniques similar to some other state-sponsored APTs, there will be similar attacks in 2021 that will attempt to breach critical infrastructure.
With most organisations expected to follow a hybrid working model in 2021, it also predicts an increase in threats on remote work infrastructure. With cryptocurrency prices at an all-time high currently and are expected to rise even more in 2021, there is a high possibility of attackers developing stealthier crypto-miners.