At least this is what one cybersecurity solutions firm believes, based on its own data from installed user bases.

As cybercriminals continue their exploitation of work-from-home vulnerabilities next year 2021, they may well pivot from data encryption (ransomware) to data exfiltration (cyberextortion).

With Maze ransomware accounting for nearly half of all known cases in 2020, cybersecurity solutions firm Acronis has reviewed its own data from 100,000 unique endpoints, and predicts a growing trend of cybercriminals trying to maximize their financial gain. Not content to collect ransoms to decrypt infected data, they will attempt to target proprietary (and sometimes embarrassing) data before encrypting it. They then threaten to publicly release the stolen files if the victim does not pay up.

The firm’s analysts have found evidence that more than 1,000 companies globally had had their data leaked following a ransomware attack: a trend that is expected to accelerate in the coming year, overtaking encryption as the criminals’ primary tactic.

Noted Stas Protassov, the firm’s co-founder and Technology President: “More than any year in recent memory, 2020 posed a tremendous number of challenges to IT professionals, organizations, and the service providers who support them. What we’ve seen is how quickly bad actors are adjusting their attacks to the new IT landscape. By analyzing the activity, attacks, and trends we’ve detected and clearly presenting our findings, we hope to empower our partners and help the IT community at large prepare for the threats on the horizon.”

Other notable predictions put forth by the firm:

  • Attacks against remote workers will increase. While 31% of global companies reported daily cyberattacks in 2020, the frequency of attacks targeting their remote workers is projected to increase in 2021, since the defenses for systems outside of the corporate network are more easily compromised, giving bad actors access to that organization’s data.
  • Ransomware will look for new victims, become more automated. Rather than continuing to cast a wide net, ransomware attackers will focus on targets that provide a bigger return on their efforts. Breaking into one network to steal data from several companies is more profitable than attacking individual organizations. So, while small businesses will still be targeted, cloud environments and organizations like managed service providers will become more valued targets because their systems can provide access to the data of multiple clients.
  • Legacy solutions struggle to keep up. Blocking the new malware has rendered traditional antimalware solutions obsolete, as they cannot keep pace with the increased sophistication and frequency of new threats. The average lifespan of a malware sample in 2020 was just 3.4 days. As attackers continue to utilize automation, the number of malware samples will continue to climb. Organizations will need to find new approaches to protection that are agile and designed to stay ahead of new threats. Simple standalone security and backup solutions will no longer be enough.

According to the firm, current trends in cyberattacks show that traditional cybersecurity is failing, usually because of weak technologies and human error, which are both avoidable.