Cyber Threats In 2021: The year 2021 presented some challenges for most of us – at the same time, cybercriminals have not been idle either. They manage to cheat companies out of vast sums of money with ingenious methods. Emotet, ransomware, and phishing are constantly evolving. We explain what the most significant cyber threats in 2021 are.
In their new Cyberthreat Report 2nd Edition 2021, the IT security experts at Hornet security take a close look at the main gateway for cybercriminals: email communication. What new dangers have emerged in 2021, and what do companies have to be prepared for when opening tire mailboxes in the future?
Cyber Threats In 2021: Emotet: The Big Comeback
The infamous banking Trojan Emotet is known for severe hacker attacks on companies. The BSI even called the malware “the world’s most dangerous malware.” The attack techniques used by the Trojan range from email conversation thread hijacking to changes to the web shells and encrypted attachments in mal spam. Conventional anti-virus filters are successfully circumvented in most cases.
However, the cybercriminal group behind Emotet stopped spreading on February 7th of this year. This is not unusual because since the malware was identified in 2014, there have been times when no Emotet Mal spam was sent.
During the idle time, security analysts registered changes to the Emotet loader, and the Hornet security Security Lab then forecasted the imminent return of the malware. On July 17th, the time had finally come, and the Emotet botnet resumed its activities, and companies had to fear for their security again.
Corona Becomes A Hook For Phishing Mails
Cybercriminals are increasingly taking advantage of events with high media impact, such as the corona pandemic, and trying to get confidential data or smuggle malware into systems with thematically related phishing emails.
Due to awareness and fear of missing relevant information, the recipient’s likelihood of opening such emails is higher. During the Corona crisis, the security analysts at Hornet security observed the exploitation of current, upcoming or critical events particularly frequently. The fake emails contain links to compromised websites or infected attachments.
The recipient is asked to open it in the main text, as they are supposed to receive information about measures to protect against infection with the virus. Malware will likely enter the internal IT system without notice if the prompt is followed.
New Scam: Ransomware Becomes Ransomware
Ransomware is one of the most “feared” and fastest-growing types of malware globally. Encryption malware causes increasing damage to affected companies every year. It is estimated that in 2020 the financial cost caused by ransomware attacks will be around 17 billion dollars worldwide.
After the ransomware has lodged itself in the company network via email, it often scouts the data on the system and encrypts it. The victim is then notified that the files have been encrypted and is asked to pay a certain amount of ransom to restore the data. However, there is no guarantee that the decryption will occur after payment.
In 2021, however, some hacker groups will no longer rely solely on data encryption with ransomware but are expanding their blackmail strategies. Before the victim’s data is encrypted on the compromised computer, the ransomware copies the files to the attacker’s servers, who then threaten to publish this sensitive information on so-called “public shaming” sites. Hornet security’s security analysts refer to this attack technique, a mixture of ransomware and “public shaming,” as “ransomware.”
Up To Date With The Cyberthreat Report
In addition to Emotet, Phishing and Ransomware, there are many other cyber threats that companies need to be aware of. So that you are fully informed about the current IT threat situation, the cloud email security provider Hornet security regularly publishes analyses from the Hornet security Security Lab. The new Cyberthreat Report 2nd Edition 2021 is now available for free download.
Recommendation: This Is How You Protect Your Company Properly
Since email communication is the main gateway for cybercriminals, it is essential to secure it with in-depth AI-supported filter systems. These must also fully recognize the most advanced types of malware and render them harmless.
Hornet security has developed the cloud-based service Advanced Threat Protection for this purpose, which uses freezing, URL scanning, rewriting, and sandboxing to identify even the most disguised threats and keep them away from the IT infrastructure.