What is Pinterest's revenue model

Crowdstrike cybersecurity forecast

Michael Sentonas, Chief Technology Officer at Crowdstrike, explains double blackmail, national attackers or the complex geopolitical situation in his cybercrime forecasts for the coming year.


At the heart of the ransonware ecosystem is double blackmail

In 2021, some ransomware attackers will modify their revenue model towards double blackmail. This means that in the future the threat actors will not only encrypt the target's data and demand a ransom for its return, but also create additional payment incentives to increase the pressure on the victim to pay the required ransom. For example, some attackers will take targeted measures and, for example, threaten to publish or auction data previously obtained if the victim does not pay.

In the coming year, these nifty cyber attacks will put tremendous pressure on service offerings - everything from redirecting medical services that impact patient care to the ability to use online and mobile banking and financial platforms. Cyber ​​criminals will continue to refine these approaches and experiment with different business models, including affiliate programs, which aim to recruit more people to carry out attacks for part of the profit.


The complex geopolitical situation will have lasting implications for cybersecurity

In the past few years we have seen that relations between Western nations and China and Russia have been severely damaged. In preparation for the worst case scenario, the West will make tougher decisions in the coming year about where critical or widespread technology is imported from, and even go so far as to ban certain consumer technologies.

In 2021, these decisions are likely to expand even further from government and corporate technology to everyday consumer technology. Publicly accessible applications and services are increasingly at risk as adversaries are keen to use all external gaps and weaknesses as a starting point.

Problems with detection behavior and compliance with regulations influence the acceptance of location-independent work environments

According to the 2020 CrowdStrike Global Security Attitude Survey, respondents estimated on average that it would take at least 117 hours to detect a cyber attack. In 2019 there were 120 hours left, which shows that no real progress has been made. The complexity due to the growing location-independent work environment will continue through 2021, which is why we can expect this number to increase significantly. This, in turn, will put pressure on organizations trying to deal with an attack and put them at risk of violating the GDPR and other data breach reporting laws. In 2021, organizations will need to weigh the risks of non-compliance against the flexibility needed to rapidly expand to a work-from-anywhere model. The coming year will see an upward trend in violations of regulations like GDPR as companies struggle to keep up.


Nation-state attackers remain active but leave a smaller footprint

Although the sharp rise in eCrime activity is particularly in the spotlight, 73% of respondents to the 2020 Global Security Attitude Survey believe that in 2021, nation-state-sponsored cyberattacks will pose the greatest threat to organizations like theirs. Nation-state attackers remain active and at the same time use global crises that extend into cyberspace. The result will be further attacks on organizations and governments that are engaged in the race for a cure for COVID-19, to some nation states that want to benefit from the increase in financially motivated attacks.

In 2021, this “smaller footprint” will put organizations at risk of silent failure. While all eyes are on the rise in eCrime, organizations must remain vigilant in defending against nation-states to prevent potentially devastating attacks.


The accelerated introduction of technologies brings with it risks for corporate security

The increasing use of technology brings inherent risks to the home and office network. Devices, networks, data and their management are no longer an easy problem: In 2021, everything on both sides of the firewall will be the responsibility of the company.