The year 2020 has been a time of very important changes, the predictions in that sense have become dead paper. The Covid-19 pandemic has accelerated the transition to the digital world and remote work. From a cybersecurity perspective, manufacturers and companies have chosen to work with security researchers to find bugs in their networks and websites. On the other hand, governments have started to rely on vulnerability disclosure programs (VDP) to better counter attacks by cybercriminals. Next, we are going to see the cybersecurity forecasts for 2021, and try to deduce what can await us.
Ethical hackers will play an important role in elections
Among the cybersecurity forecasts for 2021, ethical hackers will undoubtedly be a key factor in ensuring the integrity of voting systems and processes . In this way, the general public is guaranteed that the electoral process is as safe and transparent as possible. The role of security researchers in this area is to test voting systems, just as cybercriminals would. Your mission is to discover exploitable vulnerabilities, and then disclose them to the appropriate personnel for correction as soon as possible.
In previous years, voting equipment manufacturers looked down on ethical hackers who proactively tested their equipment. However, in 2020 we have seen major vendors announce policies to work more closely with these researchers to find errors in their networks and websites.
Governments will make progress in disclosing vulnerabilities
Another cybersecurity forecast for 2021 is that governments will become more aware of the benefits of disclosing vulnerabilities by default . In this sense, governments are beginning to be aware of the many threats they face in the cyber world. Therefore, a league of hackers can help them balance their forces with cybercriminals. When you are facing a large number of adversaries, an army of allies to help you makes a lot of sense.
Governments around the world are also leaning towards the benefit of transparency inherent in a well-managed VDP (neighborhood watch for the Internet) to build trust with their constituents.
The dangers of false flag attacks
A false flag attack can be defined as an adversary who tries to make his attack appear to originate from another entity. A relatively recent example is South Korea’s 2018 Winter Olympics in Pyeongchang. In this case, they tried to make the attack look like it was carried out by North Korean attackers. Due to the bad relationship between the two countries, this is a good example of the low cost of carrying out an attack of this type and the potentially disastrous consequences it can have.
Since that time, there has not been a major attack of this type. However, in the cybersecurity forecasts for 2021, state-sponsored cybercriminal groups are expected to improve their tactics in order to successfully launch more advanced false flag campaigns. Looking ahead, governments must expect and be prepared to receive more false flag campaigns more often.
Ransomware in hospitals
Without question, hospitals have traditionally been a lucrative target for ransomware attacks . This is due to the urgent need to access computer systems and medical information of patients. This often leads victims to pay cyber criminals in order to recover their information.
Another cybersecurity forecast for 2021 will be the increase in ransomware attacks in medical institutions that can lead to catastrophic consequences as we will see below. In September 2020, a German hospital was attacked with ransomware prompting a patient may not receive vital treatment and died. In the near future, other attackers are likely to prioritize ransomware attacks on critical life support systems. Therefore, when saving a patient’s life is urgent, great pressure is put on any hospital to end up paying a ransom.
Finally, the healthcare industry, to prepare against ransomware campaigns, needs to identify its critical systems and determine which are the most critical. Each healthcare organization can then prioritize those critical systems to conveniently update and protect them to ensure patient safety.