As digital technology advances, it permeates almost all spheres of human activity and life in general. Digital devices play key roles in a wide variety of environments ranging from interpersonal communication to financial operations and even home security. Such technological development is highly beneficial as it provides humankind with numerous opportunities. However, the interconnectedness of diverse devices and machines leads to the occurrence of cybersecurity threats. Vital information may be stored in digital forms, and hence cybercriminals may try to steal or use such data for their benefit.
Cybersecurity issues were considered long before the rapid spread of the internet and web technologies. Nevertheless, with the ability to access remote devices and data storage from all over the globe, cybersecurity concerns have become more relevant than ever. Therefore, it may be essential to address cybersecurity not only in the private sector but also on a national level. The threats may come from different sources, and the criminals may focus on distinct vulnerabilities in the security of the system (Wall, 2017). It is vitally important to introduce a comprehensive approach to the development of cybersecurity frameworks to prevent all varieties of potential threats. Such a goal may be achieved by thoroughly analyzing the threat landscape and implementing tools, tactics, and procedures following the analysis results.
As already mentioned, digital technology develops rapidly as new methods are implemented, new hardware is designed, and advanced software is utilized. As various advancements emerge, the cybersecurity field undergoes significant changes. For instance, the occurrence of mobile devices and the development of cloud services introduced several security-related challenges. The field is constantly changing, and it may not be possible to introduce a comprehensive cybersecurity framework for a brand new technology. Cybercriminals may find weaknesses and vulnerabilities as the product is not tested on the market. Moreover, it may not be possible to assess every possible threat and prevent cybercrime completely. Therefore, it may be critical to constantly reevaluate cybersecurity frameworks and provide timely responses to emerging threats.
Even though it may be highly beneficial to expect the unexpected and consider all potential threats, the most relevant studies can be used to identify recent trends in the cyber threat landscape. Cybersecurity threats are frequently closely linked with the technologies that entered the market recently or have a rapidly growing audience. As more and more people use a particular technology, cybercriminals are more interested in it. Furthermore, relatively new technologies tend to be vulnerable and provide insufficient cybersecurity. Therefore, such technologies as cloud services and 5G connected IOT devices may represent the most vulnerable field in 2021.
Cloud services may not represent new technology, yet the number of cloud users increased rapidly during the past few years. The field was gradually growing since it was established and made a huge jump due to the current Covid-19 pandemic (Tiberiu, 2021). The quarantine-related restrictions forced millions of people to work remotely from their homes. Consequently, the cloud became one of the most demanded technologies. The rapid growth of demand made cloud providers realign their resources to achieve sufficient supply (Tiberiu, 2021). However, such an approach relegated cybersecurity concerns to second place. In most cases, security measures were implemented as an afterthought. At the same time, the number of cyber threats increased as the field became more profitable and hence more attractive to cybercriminals. Constantly emerging threats combined with insufficient and underdeveloped security may explain the cloud’s exposure to cybercrime.
Another significant element of the modern threat landscape is pandemic-related cybersecurity attacks. As the pandemic continues to exist, and in some cases, it even manages to spread further, the covid-related restrictions remain the same. These restrictions lead to people working from home and using digital devices more than ever before. Moreover, people are frequently deceived by malicious links provided by cyber-criminals. Therefore, social engineering attacks represent one of the most noticeable threats to modern cybersecurity. Some sources state that the number of cyber-attacks increased by approximately three times since the beginning of the pandemic (Rials, 2021). It may be essential to address the issues related to social engineering attacks and provide the frameworks to mitigate the adverse effects. It may also be rational to educate populations to avoid such cybercrime.
Even though new technologies and circumstances lead to the occurrence of new types of cybersecurity threats, some of them remain. Ransomware has represented a predominant threat for several years and may remain one of the most significant problems that require a response. It may cause considerable damage and lead to financial losses for both organizations and individuals. In addition, ransomware attacks increased rapidly during the recent pandemic due to insufficient knowledge related to cybersecurity among people and higher rates of internet use. Ransomware may become one of the most significant threats in 2021 and cause leaks or destruction of valuable data. It may become particularly dangerous for cloud data storage, and hence it is critical to take preventive measures.
Threat actors may differ significantly depending on their goals, targets, main representatives, and even level of organization. There may also be a distinct difference in the tactics, techniques, and procedures utilized by a particular threat actor. Tactics, techniques, and procedures or TTP refer to concrete behaviors and methodology that a cybercriminal uses to achieve the desired goal. In some cases, the same cases these actor types may overlap or mix. Nonetheless, there are six most common types of threat actors, including cyber terrorists, government-sponsored actors, organized crime, hacktivists, insiders, and internal user errors (Sailio et al., 2020). Some of the above-mentioned threat actors may introduce an Advanced Persistent Threat (APT). APTs are usually represented by actors sponsored by the government or the state, which aim to steal valuable data. However, such actors as cyber terrorists or organized crime may also represent an APT. It may be essential to identify the potential threat actor to develop cybersecurity protocols properly.
Cyber terrorists represent a modern digital manifestation of terrorism as a whole. Their aims are frequently linked with their primary activity and are frequently destructive. The main dimension in which cyberterrorists act is destroying valuable data and causing harm. In some cases, they may try to obtain sensitive information needed for their illegal activities. They normally target governmental organizations or businesses and rely on a wide variety of possible exploit vectors. However, social engineering represents the most common method that is used by the above-mentioned threat actor.
Government-sponsored or state-sponsored actors are directly funded or supported by the authorities. In most cases, such actors act in the interests of a particular country to obtain valuable intelligence and strengthen their positions in the international arena. They may also steal intellectual property and any information regarding technological advancements. These actors usually target authorities of foreign countries and organizations. Government-sponsored actors are usually represented by professionals who aim to cover any track of their activity. Therefore, they may have sufficient knowledge and resources to utilize a wide variety of vulnerabilities and implement such methods as host-based evasion, passive web-based recon tools, and rogue software (Cho et al., 2018). Zero-day exploitation is an essential technique that involves focusing on software flaws that are unknown to the cybersecurity department, and hence the fact of exploitation remains undetected.
Organized cybercriminals are threat actors that aim to gain profit from their activity. They may steal personal information or business data and use it to blackmail their victims or sell to other interested parties. As their primary objective is financial gain, they usually target individuals or businesses. They frequently rely on social engineering attacks, phishing links, and ransomware (Graham & Smith, 2020). Unlike organized cyber criminals, hacktivists’ objective is to expose the truth to the public regarding controversial issues. Nonetheless, they may target organizations or influential people using similar methods.
Insiders and internal user errors represent a similar problem that can be prevented by proper supervision and technology-related education in the organization. Both of these two threat actors are not limited to any particular goal and may target any organization or system regardless of its field. Internal user errors are not provided by malicious intent yet may cause extensive damage. Therefore, it is crucial to develop user-oriented frameworks to mitigate the risks related to both of these internal threats.
References
Cho, S., Han, I., Jeong, H., Kim, J., Koo, S., Oh, H., & Park, M. (2018). Cyber kill chain based threat taxonomy and its application on Cyber Common Operational Picture. 2018 International Conference On Cyber Situational Awareness, Data Analytics And Assessment (Cyber SA).
Graham, R., & Smith, K. (2020). Cybercrime and digital deviance. Routledge.
Rials, W. (2021). Top cybersecurity trends for 2021 and Beyond. Homeland Security Affairs: Pracademic Affairs.
Sailio, M., Latvala, O.-M., & Szanto, A. (2020). Cyber threat actors for the factory of the future. Applied Sciences, 10(12), 4334.
Tiberiu, G. M. (2021). A study on how the pandemic changed the Cybersecurity Landscape.Informatica Economica, 25(1/2021), 42–60.
Wall, D. S. (2017). Crime, security and information Communication Technologies: The changing cybersecurity threat landscape and its implications for regulation and policing. SSRN Electronic Journal.