
Zscaler Blog

Security Research

Cybersecurity Past, Present, and Future: ThreatLabZ Looks at 2020 and the Year Ahead

DEEPEN DESAI
December 17, 2020 - 5 min read

Welcome to the end of 2020. The close of every year brings a lot of online activity—especially now, with everyone at home and socially distancing. Unfortunately, even as people stay at home to protect themselves, they are not safe from threat actors—who are busy developing exploits targeted at people working and shopping online. 

In keeping with the season, let’s take a page from a famous holiday story and look at the past, present, and future of cybersecurity findings by the ThreatLabZ team.
 

Past reports

Throughout 2020, the ThreatLabZ team published research collected from data in the Zscaler Zero Trust Exchange global cloud. Below are the five most-read stories we reported:

Present malfeasance

This year in particular saw a massive uptick in online activity. Cybercriminals are taking advantage of this increase and looking for ways to exploit it:

  • With the holidays come Black Friday, Cyber Monday, and other enticements to lure consumers into buying products online. Zscaler noticed attackers taking advantage of this holiday activity for their targeted cybercrimes. Cybercriminals have always targeted Cyber Monday and Black Friday with phishing scams, malware attacks, and malicious card skimmers injected into compromised e-commerce sites to steal payment card information. As expected, ThreatLabZ researchers saw a sudden spike in cyberattacks during the weeks leading up to Cyber Monday, and they anticipated that the trend would continue in December.
     
  • With most companies adopting some sort of public cloud offerings, ThreatLabZ analyzed the current state of Cloud (in)security. Cloud vendors have enormous security resources available, yet barely a day goes by without news of another cloud security incident. Most of these incidents can be traced back to the insecure use of cloud services rather than security flaws in the services themselves. 
     
  • ThreatLabZ found a fake version of the hugely popular game Among Us in the Google Play store. The phony app is titled Amoungus and is just adware. Once downloaded, the app bombards the user with advertisements. The app asks users to log in or register using Gmail credentials, but the current version does not send those credentials to the attacker.

Future concerns

The ThreatLabZ team not only keeps track of the past and present but also looks to the future with some predictions on cybersecurity issues we might see in 2021:

  • The 2020 rush to remote work will fuel massive breaches in 2021. COVID-19 concerns forced many enterprises to set up nearly all employees with remote work. Organizations that didn’t properly configure their security architecture (cloud-native SASE architecture) for a distributed workforce expanded their attack surface and are ripe for cybercrime. Now that the dust is settling on the shift, we’ll start to see data breaches due to poorly thought-out security and corporate devices coming “in from the cold” bringing malware with them. 
     
  • Ransomware will be treated as a data breach. Organizations must come to grips with the surging sophistication of cyberattacks and ransomware as a company-wide responsibility, not just a CISO issue. Company-wide ransomware playbooks and response plans will dictate exactly what to do and how to mitigate any damage to the brand and address compliance matters related to leaked or stolen data. 
     
  • Cybercriminals will target specific markets. Pharmaceutical, biotech, and healthcare companies will see increases in targeted nation-state attacks. Cybercriminals’ goal will be to steal intellectual property and PHI data and to skim credentials through targeted phishing campaigns that align with public interests (such as COVID-19 developments and breakthroughs).
     
  • We will continue to see fallout from the SolarWinds supply chain attack (and others like it). On Dec. 12, 2020, FireEye provided detailed information on a widespread attack campaign involving a backdoored component of the SolarWinds Orion platform, which organizations use to monitor and manage IT infrastructure. Attackers will continue to attempt breaches that exploit compromised infrastructure software.
     
  • Public clouds will continue to be a source of attack propagation. The increase of enterprise public cloud consumption will increase attacks hosted in public cloud resources. The only way to protect against these attacks is by maintaining a secure cloud workload.
     
  • The need for cybersecurity expertise will grow more critical. There is an extreme skills shortage in cybersecurity and a massive gap between what we have and what we need. Understanding how to protect corporate assets in the cloud- and mobile-first world requires training and dedication. Enterprises would do well to increase resources for cybersecurity training programs and partners.

Zscaler manages the world’s largest security cloud. Each day, Zscaler blocks more than 100 million threats to its 4,000+ customers. Using state-of-the-art AI and machine-learning technology, the Zscaler ThreatLabZ security research team analyzes Zscaler Zero Trust Exchange traffic and shares its findings.

The Zscaler ThreatLabZ team wishes everyone a happy and secure 2021!
