Love them or loathe them, year-end lists are an obligatory part of the final weeks of any year, and 2021 is no different. Now, OpenVPN isn’t qualified to report on the best books, albums, movies, or television shows of the year. Anything about the best and/or worst dressed? Not our area of expertise. But we are uniquely qualified to break down the top cyber threats businesses faced over the past 12 months — and we can also take a look at what experts anticipate will be the top cybersecurity threats in 2022. And let’s be honest, if you’re reading this blog, you’re probably much more interested in that sort of thing than any movie ranking.
So let’s break it down.
Network Security Vulnerabilities
Network security, the prevention and protection against unauthorized access into corporate networks, focuses on device interaction rather than actual devices (i.e., endpoint security). Any steps network admins take to keep unauthorized users out of corporate networks and connected devices qualify as network security. Ransomware, a type of malicious software attack (aka malware attack) that usually requires a ransom payment for owners to regain access to their information, was popular with cybercriminals in 2021.
- The frequency of ransomware attacks doubled in 2021, accounting for 10% of all data breaches.
- Globally, 37% of organizations reported being targeted with ransomware in 2021.
- In the first seven months of 2021 there were 2,084 ransomware attacks reported to the FBI — a 62% YoY increase.
- More than 130 different types of ransomware have been identified since 2020.
The 2021 ransomware numbers are scary and, unfortunately, they probably won’t improve any time soon. Not all business owners make ransom payments to regain access to their company data, but some do — so lone wolf cybercriminals and cybercrime-as-a-service groups are willing to play the odds.
Cybercriminals aren’t just persistent; they’re innovative, too, so ransomware cyberattacks continue to evolve. Writing for ITProPortal.com, Daniel dos Santos identified three areas businesses should pay closer attention to in 2022 to mitigate ransomware:
- IoT entry points — The OpenVPN blog has a number of articles about IoT security (Internet of Things). The sheer volume of IoT devices — estimated to hit more than 25 billion by the end of 2021 — creates innumerable entry points for bad actors.
- Third-party software — Criminals are expected to increasingly take advantage of vulnerabilities in third-party software, as they did in the Kaseya incident because companies often aren’t aware of the need to address those gaps.
- Operational Technology — Another high-profile 2021 attack, Colonial Pipeline, was rooted in Operational Technology (OT) vulnerabilities. The attack brought the company’s critical business systems applications, and 5,500 miles of pipeline, to a standstill.
What role does a virtual private network (VPN) play in network security and ransomware mitigation? A VPN creates a virtual tunnel over the internet so data can travel securely from Point A to Point B. A VPN administrator configures user access—usually a username and password—so employees can authenticate and connect to the VPN. Once connected, employees' encrypted communications safely travel over the public internet to your private network. At the same time a VPN solution:
- Ensures unauthorized users can’t tap into your network or connected devices.
- Encrypts communication so only authorized users can see the data.
- Provides admins a way to control access.
- Extends security to mobile devices (e.g., laptops, phones, tablets).
- Mitigates DNS hijacking with content filtering.
Overall, a VPN is an essential tool to mitigate cybersecurity risks.
Data Breaches via Social Engineering
The Verizon 2021 Data Breach Investigations Report (DBIR) put the verified data breach tally at 5,258, up from 3,950 in the 2020 report. Security breaches often originate with social engineering attacks such as phishing emails and spear phishing. Both attempt to trick an email recipient into providing personal information — often login credentials or credit card information — but a spear-phishing attempt isn’t as broad as phishing.
Attackers go wide with phishing, hitting as many people as possible, counting on at least one to respond. Then, with that one set of login credentials in hand, the sender can likely gain access to the company network and its contents, including sensitive data. On the other hand, spear phishing focuses on an individual, with the sender often posing as someone within the same organization.
The Q3 2021 Anti-Phishing Working Group (APWG) Phishing Activity Trends Report found that:
- July’s 260,642 total phishing attacks was the highest in the organization’s reporting history.
- The number of phishing attacks doubled from early 2020.
- SaaS webmail was the most frequent target at 29.1% of all attacks.
- Financial institutions and payment companies accounted for 34.9% of all attacks.
- 700 brands were attacked monthly in 2021, up from 400 monthly.
The World Economic Forum anticipates an increase in phishing attempts in 2022 and that the attacks will be harder to detect due to the use of deepfake technology that can “… be weaponized and used to create targeted content to manipulate opinions, stock prices or worse.” With such a frightening increase, it's essential that businesses implement more and better security measures to protect their networks.
Phishing typically starts with an email that tricks a user into visiting what appears to be a safe website. If the user enters their login credentials on the phishing site, they’ve compromised their username and password. That site is where the login credentials or other personal data (like financial information) are obtained. A full-featured business VPN gives administrators the ability to block known or suspected phishing sites.
Insider Threats and Remote Work
People make mistakes. You can’t stop that, but with the growth of remote workforces, it’s more important than ever that companies take steps to ensure employees are aware of and comply with cybersecurity protocols. Last year’s numbers in TechJury’s November piece, 22 Insider Threat Statistics to Look Out For in 2021, are sobering:
- Over the past two years, insider threats increased by 47%.
- Negligence is the cause of more than two out of three insider incidents.
- 70% of organizations are seeing more frequent insider threats.
- Globally, more than 34% of companies are impacted by insider incidents.
The Verizon 2021 DBIR found that 85% of data breaches involved a human element. More often than not it wasn’t a matter of malice; it was simply human error or ignorance. Hardworking, dedicated employees with no bad intentions, working on unsecured home or public Wi-Fi, are especially vulnerable. Cybercriminals scan internet traffic looking for opportunities to steal credentials or just find ones that are weak and easy to decipher.
According to Forbes, “Nearly 95% of web application attacks are performed using weak or stolen credentials.” But, the story continues, “By implementing two-factor authentication (2FA), multi-factor authentication (MFA), and end-to-end encryption, businesses can provide an extra layer of protection against these simple data breaches. Adding more secure authentication methods makes it significantly more difficult for attackers to penetrate this additional layer of security.”
Like the threats examined above, a VPN is a reliable tool in curtailing human errors that threaten network security. The “extra layer of protection” — encryption and MFA — is built into next-gen VPN technologies and easy for administrators and employees to use. But even with a VPN in use, it’s critical to continually refresh employees on security policies and tools. After all, knowledge is power, and it's important to make sure they know the importance of the basics (e.g., strong passwords).
Conclusion
Yes, 2021 was another tumultuous year for cybersecurity, which will likely be the case in 2022. The connected world and the cloud simplify conducting business and enable employees to work virtually anywhere they can get an internet connection. And while hackers tend to view this new, post-pandemic digital world as a giant opportunity to deploy a variety of attacks against small businesses, enterprises, and anything in between, it is possible to protect yourself. Innovative cybersecurity solutions continue to evolve, giving companies better, more reliable tools than ever before to protect themselves and the sensitive information housed in their networks.