Alexa metrics
Live Chat

Welcome to UKFast, do you have a question? Our hosting experts have the answers.

Chat Now
Sarah UKFast | Account Manager

Revealed: The Threat Trends of 2020

14 December 2020 by Laura Valentine

SecurityThe onset of the pandemic presented a whole host of new opportunities for hackers, making 2020 a bumper year for cybercrime. Seeking to take advantage of the uncertainty of the time and the rise in remote working, cybercriminals found ever more devious ways to scam individuals and businesses alike this year 

The European Union Agency for Cybersecurity (ENISA) has reported that cyber-attacks became ‘more sophisticated, targeted, widespread and undetected’ in 2020. While there was an abundance of cyber-attacks playing directly on the pandemic, there were also new threats created indirectly. With business continuity at risk, Covid-19 accelerated the digital transformation of many organisations, with remote working and increased cloud adoption providing greater opportunities for hackers.  

Financial gain continued to be the top motivation behind many of the threat trends we saw in 2020, shaping the threat landscape throughout the year. So, let’s take a closer look at the biggest threat trends of 2020.  

Threat Trend #1: Phishing 

The first half of the year saw a surge in phishing scams and other social engineering attacks directed at monetising the anxiety and unrest caused by the pandemic. Fake websites offering Covid tests, health goods or other in-demand services were rife, exposing a need for both individuals and businesses to sharpen their scam-spotting skills. With copycat domains becoming more common and more realistic, it’s increasingly more difficult for an inexperienced eye to recognise the spoof.  

Phishing was undeniably the threat vector of choice during the early stages of the pandemic – attacks surged by 667% between February and March alone.  

Phishing – what to look out for: 

  • Unexpected sender? Only open emails, links and attachments from trusted sources.  
  • Check the domain looks right. Does the sender name match the email address domain? 
  • URGENT! Phishing attacks often create a sense of false urgency to trick you into action.  

Download our phishing cheat sheet to help your team understand the risks and how to spot scam.  

Threat Trend #2: Ransomware 

Globally, ransomware accounted for more than one third of attacks in 2020. Affecting organisations of all sizes, in all sectors, cybercriminals have profited from paid ransoms or by exploiting data stolen during a successful breach. Remote working provided an easy route of access for threat actors – in almost half of recorded cases remote desktop protocol (RDP) or Microsoft’s proprietary network communications protocol were used to facilitate the attack.  

The trend for ransomware did not slow down as the year progressed, with a 40% surge in attacks recorded in Q3 2020, totalling almost 200 million attacks globally. Along with this increase in frequency, the average ransom figure also soared this year – rising by 33% compared to Q4 2019.  

Ransomware – how to stay safe: 

  • Backup business-critical data not only in the cloud but also in a physical off-site location. 
  • Ensure you have cybersecurity insurance that covers ransomware attacks.  
  • Keep your systems patched, up-to-date and invest in a robust security solution that provides full network visibility, monitors and responds to threats.    

Threat Trend #3: IoT-enabled attacks 

Quickly adapting to WFH left lots of people working on unsecured personal devices and networks. Accessing corporate networks via poorly secured devices and home routers created new opportunities of which cybercriminals were quick to take advantage. With remote workers also using a wider array of devices to stay connected, IoT grew in 2020, making it harder for businesses to keep track of all endpoints connected to their networks, leading to decreased network visibility. 

Without appropriate security measures, IoT devices can be compromised, enabling a whole host of future attacks. Once onto the network hackers can move laterally and spread further, creating a botnet that can be used for DDoS attacks or to distribute other malware.  

IoT – how to protect your network: 

  • Only connect to trusted, secured networks and use multi-factor authentication where possible.  
  • Change weak passwords on devices, routers and other network connections.  
  • Improve network visibility to gain greater insight into endpoint security and what ‘normal’ looks like for your network.  

Looking to 2021 

As we look to the year ahead it’s clear that the trend for accelerated digital transformation will continue, and with it we should expect the threat landscape to expand. The most common, known threats should be expected to evolve as hackers become more experienced and sophisticated. Continued remote working and increased cloud adoption will also continue to present a wealth of opportunities for malicious actors.  

The good news? After the surge of attacks seen in 2020, businesses are ready to take cybersecurity seriously. According to research by PWC, 50% of organisations now say that cybersecurity will be baked into every business decision, with 56% of respondents planning to increase their cyberbudgets in 2021. 

Step up your security for 2021.