Reading Time: .
The coronavirus caused a sudden surge in digitization on a global scale. Within just a few weeks, companies remotely connected hundreds of thousands of employees to their corporate networks, requiring analog or local processes to be moved to the cloud at lightning speed. Social contacts, recreational activities, and many other aspects of the everyday lives of millions and millions of people also migrated to the digital realm.
This surge in digitization is putting the digital infrastructure of government, healthcare, business, and private households to the test. Never before have such large volumes of data had to be managed and processed. Scaling by a factor of 100 and more has pushed many a system to the limit.
Cybercriminals use pandemic as an opportunity
Critical infrastructure the target of attackers
Assets entice cybercriminals
Threats and security trends for 2021
- Malicious domains related to the corona pandemic are used for the targeted dissemination of disinformation and malware.
- Digital extortion by means of ransomware and RDoS (Ransom Denial of Service) attacks will continue to grow. Direct monetization makes these methods of attack particularly lucrative.
- Fake news and propaganda on social networks and other platforms to digitally influence the 2021 German federal election.
- Increase in volumetric multi-vector and reflection attacks that multiply the power of DDoS attacks via highly amplifying reflectors (DNS services or protocols such as NTP, TFTP, and Memcached).
- Botnet attacks using credential stuffing and credential cracking enable cybercriminals to hijack poorly secured logins. Password security and multi-factor authentication have still not been adopted by the wider public.
- Phishing and social engineering enable attackers to obtain valuable login credentials and other content for follow-up attacks. Away from secured corporate networks, employees working from home are particularly vulnerable to such attacks.
- The exponential proliferation of networked devices in the IoT, new 5G networks, and industrial manufacturing (IIoT) provides more avenues of attack for malware and botnets.
- Stricter regulations such as the IT Security Act 2.0 (IT-SiG 2.0), the 6th revised version of MaRisk, and DORA impose strict requirements on IT security, data protection, and compliance.