KnowBe4 2021 cybersecurity predictions – MFA exploitation, QR code phishing and ransomware mobile attacks


By Jacqueline Jayne, Security Awareness Advocate, KnowBe4 APAC:

  • Remote working security –  Coronavirus has forced organisaions to move their workforce remotely. Next year, we’ll see a larger investment in remote workers’ security. This will probably be a bigger task than most anticipate, with a bottom-up review of which security controls are working, and which are not. We’ll likely see better communication channels settled on, better training and security tools that are less obtrusive to productivity.

Working from home will increase the number of data breaches caused by insiders. With the reduced control organisations have on their workforce, mistakes by insiders can easily be made, resulting in unintentional data breaches. Still having a huge impact on business, organisations will have to increase their level of awareness among employees on this topic.

  • Passwords or not? – 2021 will be the tipping point for passwords. With advancements and adoption of Fast Identity Online (FIDO) and Multifactor authentication (MFA), we’re going to see fewer new services offering only passwords as a form of authentication. However, what this means is that we’ll see an increase in attacks against MFA or passwordless technologies. We’ve already seen examples of SIM hijacking to obtain the SMS codes, but this will likely ramp up and we’ll start to see bigger and worse attacks.
  • MFA exploitation – As the world turns to MFA more and more, people will learn that it doesn’t really stop hackers. It never has. Once a hacker learns that you’re using a certain type of MFA, then they will use your reliance on it to bypass the protection you thought was guaranteed.
  • Security culture – In 2021, we will continue to see the general uptake of security culture, both the term and the concept, across the industry. This increased understanding will result in a broader understanding of the concept of securing the human elements of organisations and will lead to more comprehensive and complete security programs.
  • Ransomware will continue to get worse, leveraging data exfiltration and stolen employee passwords to force victim organisations to pay. A good backup and tested restore will no longer be enough to prevent the ransom from being paid.

Cybercriminals will increase the cost of paying the ransom, and it will be standard for a double payment to delete it. Cybercriminals will create an e-store of stolen databases for the public at large if the ransom is not paid.

  • Ransomware —Mobile attacks” – Consumers will see an increase in WhatsApp and SMS fraud. Not only will the number of scams increase, but cybercriminals will become bolder by asking for higher amounts of money and using more forceful and devious techniques to manipulate people into paying.”
  • Phishing — We will see another surge in phishing attacks as the world begins to move back into offices and workplaces. Similar to the initial move to working from home, people will be hungry for information related to the process of returning to the office and will have questions. The attackers will exploit this desire for information once again.

There will be also be COVID vaccine massively-scaled spear phishing attacks with all-time high click rates in 2021.

  • Industrial Control Systems (ICS) – Attacks will increase against Industrial Control Systems in an attempt to cripple damage power plants or manufacturing organisations. Cybercriminals will continue to develop and attempt to use more exploits against ICS systems and work towards crippling a nation’s electricity grid, water treatment operations or a major manufacturing facility.
  • QR code phishing will become a normalised and very serious attack vector – This is something that has been more of a theoretical threat ever since the creation of QR codes. During 2020, we saw the rise of QR codes showing up more and more often. As the ubiquity of QR codes continues to increase and our smartphone cameras automatically detect and browse to the websites embedded in the QR code, we can see that this will become an attractive and lucrative threat vector.