Sophos 2021 Threat Report

SOPHOS has released its 2021 threat report. It has some good information about the latest security threats to your business.

Knowledge of these security threats can be very useful when it comes to protecting your data and devices.

Customers who are using onsite servers to store data are most vulnerable and are heavily targeted by hackers. Customers who have moved their data to cloud services are better protected.

Cybersecurity is currently focused on protecting your network and devices using firewalls and endpoint protection software.

The future of internet security is not about protecting your network or PC but protecting your data. If your data is protected, then who really cares about protecting your hardware.

Currently, the best way to protect your data is to have it stored on a cloud server like Office 365 Sharepoint, Google Drive, or Drop Box.

EXECUTIVE SUMMARY The Sophos 2021 Threat Report covers topic areas into which Sophos has gained insight from the work over the past 12 months by SophosLabs on malware and spam analysis, and by the Sophos Rapid Response, Cloud Security, and Data Science teams. These aspects of our daily work protecting customers provide insight into the threat landscape that can guide incident responders and IT security professionals on where they should direct their efforts to defend networks and endpoints in the coming year. We've segmented the report into four main parts: Discussion of how ransomware has transformed itself, and where this threat is headed; analysis of the most common attacks large organizations face, and why these metaphorical canaries in the coal mine remain significant threats; how the emergence of a global pandemic affected information security in 2020; and a survey of the scope of attacks targeting platforms not traditionally considered part of an enterprise's attack surface. To summarize the key takeaways from the report:

Ransomware Ì Ransomware threat actors continue to innovate both their technology and their criminal modus operandi at an accelerating pace Ì More ransomware groups now engage in data theft so they may threaten targets with extortion over the release of sensitive private data Ì As ransom groups put more effort into active attacks against larger organizations, the ransoms they demand have risen precipitously Ì Further, distinct threat actor groups that engage in ransomware attacks appear to be collaborating more closely with their peers in the criminal underground, behaving more like cybercrime cartels than independent groups Ì Ransomware attacks that previously took weeks or days now may only require hours to complete

The full report can be downloaded here