Where to focus your cybersecurity defences in 2021

ramsac 2021 cybersecurity blog

Posted on January 4, 2021 by Louise Howland

Cybersecurity is constantly evolving; cybercriminals develop new ways of attacking individuals and organisations, while cybersecurity experts create methods to counteract these to defend and protect organisations. Verizon have published their 2020 data breach report, which is a great resource containing plenty of really interesting statistics. ramsac’s Technical Director, Paul Mew, has analysed the report to highlight some key points to help organisations to ensure they are focusing on the right areas to improve their security as we move into 2021.

Email phishing is rife

The vast majority of breaches in 2020 involved e-mail phishing attacks. Cybercriminals with a financial motivation were using stolen credentials, intercepting e-mails, changing payment information and creating fraudulent invoices to scam money from individuals and organisations.

“Social actions arrived via email 96% of the time, while 3% arrived through a website. A little over 1% were associated with Phone or SMS”.

There were also a large number of brute force password attacks and ‘password sprays’. Brute force password attacks target a website or application’s login page and automatically cycle through common passwords until the correct one is found. Password spays are a different approach, where the same commonly used password is attempted on thousands of accounts so as not to trigger an automatic lockout on those accounts.

Malware in decline, patching still important

Interestingly Verizon found there has been a steady decline in breaches from malware, including ransomware, during 2021. This is probably due to improved malware and anti-ransomware solutions such as Sophos Intercept X, and it tallies with what our support desk has been seeing, with fewer ransomware and crypto-locker type incidents compared to a couple of years ago.

Verizon also identified an interesting point around vulnerabilities, these were only exploited in around 2.5% of all breaches they reviewed:

“While successful exploitation of vulnerabilities does still occur (particularly for low-hanging fruit), if your organization has a reasonable patch process in place, and you do not have a state-aligned adversary targeting you, then your time might be better spent attending to other threat varieties.“

They also reported…

“…we took two samples from vulnerability scan data: organizations with the Eternal Blue vulnerability present on their systems and those without.

The systems that were vulnerable to Eternal Blue were also vulnerable to everything from the last decade or two. Once again, no, each new vulnerability is not making you that much more vulnerable”

This means provided organisations are patching regularly, a new vulnerability doesn’t immediately make an organisation significantly more vulnerable. It’s the organisations who don’t patch at all that are the ones suffering from vulnerability exploits (both new, and ones from ten years ago like Eternal Blue).

AHI and flying cars!

“For better or worse, the promise of fully autonomous Artificial Hacking Intelligence (AHI) is still at least 15 years away, along with flying cars.”

Artificial intelligence (AI) and Machine Learning (ML) are being used increasingly in our everyday life, from Netflix recommending what to watch next, to automated invoice processing. Artificial Hacking Intelligence (AHI) is where cybercriminals could in theory use AI and ML to automate attacks and find weaknesses in systems. Verizon have found that fully autonomous AHI is still a long way off, but more positively machine learning is already being used to spot attacks and take action to protect systems.

Protecting your organisations in 2021

Our advice for organisations to protect against cybercrime in 2021 is:

  • Have a strong password policy and implement multifactor authentication (MFA) on all accounts, across all systems. MFA will prevent the vast majority of attacks involving stolen credentials and is relatively quick and cheap to implement.
  • Ensure you are patching systems on a regular basis.
  • Provide users with regular cybersecurity training, including phishing e-mail testing
  • Have robust anti-malware, ideally with anti-ransomware and ensure it is kept updated.
  • Use an email system like Mimecast or Microsoft Defender for Office 365 to block malware and phishing via e-mail.
  • Ensure backups and business continuity plans are in place should the worst happen; you need to know how quickly you can restore/recover.

Organisations can never be 100% safe, users will make mistakes and it’s difficult to defend against someone who’s specifically targeting your organisation, but by putting the above processes in place will stop the vast majority of cyber-attacks.

Find out more about protecting your organisation against cybercrime

Related Posts

  • Smishing: How fake texts can trick your team
    May 9th, 2025

    Smishing: How fake texts can trick your team

    Cybersecurity

    A real-world example of a WhatsApp scam targeting ramsac staff shows why organisations must stay vigilant against smishing attacks, here’s what to look for and how to protect yourself. [...]

    Read article

  • What SMEs can learn from the Marks & Spencer cyber attack
    May 1st, 2025

    What SMEs can learn from the Marks & Spencer cyber attack

    Cybersecurity

    What can SMEs learn from the recent Marks & Spencer cyberattack? We explore key lessons and practical steps to strengthen your cybersecurity and protect your business. [...]

    Read article

  • Why ISO 27001 certification matters for your business
    April 30th, 2025

    Why ISO 27001 certification matters for your business

    CybersecurityIT

    Explore why ISO 27001 is essential for data protection, client trust, and business growth, and how ramsac can help you achieve it with ease. [...]

    Read article

  • AI in Malware Analysis
    April 28th, 2025

    AI in Malware Analysis

    AICybersecurity

    This blog explores how AI is revolutionising malware analysis, providing detailed insights into its methodologies, applications, and benefits.  [...]

    Read article

  • Understanding Data Exposure Risk in SharePoint and OneDrive
    April 1st, 2025

    Understanding Data Exposure Risk in SharePoint and OneDrive

    CybersecurityMicrosoft 365Technical Blog

    As the way we work continues to evolve, proactively managing data exposure in SharePoint and OneDrive is essential to safeguard sensitive information and maintain trust in an AI-driven world. [...]

    Read article

  • Cyber Essentials: Transitioning from the Montpelier to Willow Question Set
    March 11th, 2025

    Cyber Essentials: Transitioning from the Montpelier to Willow Question Set

    Cybersecurity

    Cyber Essentials is evolving, on April 28, 2025, the Willow question set will replace Montpelier. Discover what’s changing, how it affects your certification, and how ramsac can help you [...]

    Read article

Quiz yourself

Are you more cyber savvy than an 11 year old?

11-14 year olds get asked these questions in school. Could you get these right?

X