With 2020 dominated by the start of the COVID-19 pandemic, there was also a sharp rise in cybercriminal activity. The cyber threat landscape evolved and grew from simple phishing attacks to one of the largest DDoS attacks ever recorded. At the same time, we also saw rapid growth in the tech and cybersecurity industry. From the continued global 5G rollout to the SaaS industry’s exponential growth, there were many positive developments amidst the gloom of a worldwide health emergency.
The challenges arising from these cybersecurity developments – including COVID-19 – will continue to have long-term implications in 2021 and beyond. To this end, here are some of the most pressing cybersecurity trends for the year ahead.
Cybercrimes will experience a surge
2020 was a busy year for both attackers and hackers. Just as busy were cybersecurity personnel defending against the plethora of attacks to which they were subjected. There was a rise in anti-government cyber activities. Aa prominent example of this was the attack on FireEye, allegedly by a foreign nation state-sponsored entity. In this attack, multiple tools were stolen for use in subsequent attacks.
In 2021, such attacks will not just be more frequent, but they will also be very specific regarding whom they target. International cyber espionage will be one of the main motivators for cyber attacks. We will see security vendors being attacked and compromised at an even greater pace. Even the attacks that happened in 2020, like the FireEye attack or the Sunburst attack that targeted the SolarWinds supply chain, will have long-lasting effects. Investigators suspect, for example, that up to 250 organisations may have been compromised in the SolarWinds attack
Such attacks create opportunities for newer attacks or variants/branches of the existing ones. They also drive cybersecurity innovation in 2021.
The intelligent Edge will be weaponised
One of the major innovations driven by 5G is the implementation of multi-access edge computing (MEC). Building intelligence into the edge will boost the availability and efficiency of 5G networks. However, keeping global cybersecurity trends in mind, we can see that attackers might hijack the intelligent edge to launch different kinds of attacks. These will target the mobile core networks and victims outside of the service provider’s realm that has been compromised. If nothing else, MEC can be used for propagating malware into different networks for drone recruitment in IoT botnets.
Low-volume DDoS attacks will be more frequent
2020 saw one of the largest DDoS attacks ever recorded. It targeted one of the biggest names in tech. However, many DDoS attacks went unnoticed. This was because, even though these attacks’ frequency was very high, their size was not.
High-frequency, low-volume attacks will keep the security industry busy in 2021. They will likely be instrumental in disabling security infrastructures or just acting as smokescreens for larger malware attacks such as the recent Sunburst attack.
Five million DDoS weapons will be added to the global DDoS arsenal
A10 Networks has observed that the number of DDoS weapons doubled from around six million at the end of 2019 to 12.5 million in 2020. This trend will remain the same in 2021 as more IoT devices come online with each passing day. We expect to see at least five million weapons added to attackers arsenals.
The large number of DDoS weapons will also enable attackers to launch another record-breaking DDoS attack in 2021. We will have to wait and see whether it will be made public by the victims or not.2021 will be the year of Zero Trust implementation
Zero Trust is coming of age
2020 was the year of understanding what the Zero Trust model is in a practical sense. Throughout the year, we saw security vendors align their solutions with the Zero Trust model, adjust the model as we got more clarity on what it means to be a Zero Trust user, device, or network, and explore the policy changes necessary to a successful implementation of the Zero Trust model. As the COVID-19 pandemic fast-tracked the move to SaaS and made the ‘work from home’ model mainstream, the importance of Zero Trust security has gained critical importance.
Organisations now understand that Zero Trust is not a specific device or vendor. It is a series of strategic policy and practical changes that help enable better security. A successful implementation requires a good understanding of what the Zero Trust model is. It also requires understanding the many diverse solutions that have to work in unison to enable its implementation.
We believe that the concept of Zero Trust has reached a level of maturity and clarity. We expect it to be effectively adopted and implemented by many organisations in 2021. It will become the go-to security model for all types and sizes of organisations. Sophisticated attacks like Sunburst will also drive the need for effective Zero Trust implementation.
SASE adoption will accelerate
2020 forced most of the workforce to work remotely. It has allowed attackers to experiment with new ways of exploiting security loopholes or shortcomings exposed by these rapid changes. It has accelerated and will continue to accelerate the development and adoption of Secure Access Service Edge (SASE) solutions.
However, the move to the cloud is not an overnight transition. Many organisations still have most of their resources hosted on-premises. They will keep on struggling with maintaining the remote work model. Once a vaccine for COVID-19 becomes readily available, and things go back to normal, they will revert to business as it was.
This, however, might be temporary. The world has now experienced a pandemic, and many organisations have started moving their businesses from on-premises to the SaaS-based model. COVID-19 has accelerated this trend. In summary, SASE will be an essential part of the enterprise security infrastructure as we move into 2021 and beyond.
2020 has taught us that vigilance in cybersecurity cannot be taken for granted. We are facing new, persistent threats of all shapes and sizes. Going forward, we have to make sure that we face these threats to the best of our collective abilities. 2021 will be the year of cybercriminal activities, but it will also drive innovations in cybersecurity like never before.
A10 Networks (NYSE: ATEN) provides Reliable Security Always™, with a range of high-performance application networking solutions that help organisations ensure that their data center applications and networks remain highly available, accelerated and secure. Founded in 2004, A10 Networks is based in San Jose, Calif., and serves customers globally with offices worldwide.