2021 Malware Trends: What We Should Expect

April 9, 2021

It seems as if news of another malware or ransomware attack surfaces every day. From the ransomware attack against defense contractor CPI to an Emotet campaign impersonating the Democratic National Committee, 2020 was booming with malware and ransomware incidents. Unfortunately, sophisticated and devastating malware and ransomware attacks will likely increase throughout 2021 as threat actors continue to capitalize on global affairs.

Here are some of the trends in malware and ransomware we predict will dominate in 2021: 

Healthcare and Financial Sectors Will Be Highly Targeted 

The world may still be in the midst of a global health crisis, but that won’t deter hackers from targeting healthcare organizations. In 2020, we witnessed many cybercriminal gangs leveraging COVID-19 in scams and malicious campaigns. Security researchers have even discovered that ransomware attacks against healthcare organizations have jumped about 45% since early November. Now, with vaccine distribution ramping up, hackers will likely continue to set their sights on these organizations and pharmaceutical companies. This trend has already been demonstrated, as seen with hackers leaking confidential documents regarding COVID-19 medicines and vaccines on the internet after a data breach at the European Medicines Agency in 2020. 

Healthcare isn’t the only industry threat actors are going after. The financial services sector is also a prime target. Keeper Security’s 2019 Global State of Cybersecurity in Small and Medium-Sized Businesses report found that 69% of financial institutions had been victims of cyberattacks. These institutions already host troves of sensitive data belonging to both consumers and enterprises, and they are also processing numerous Paycheck Protection Program (PPP) loans as a result of the coronavirus pandemic, giving them access to more data belonging to organizations.

Emotet Campaigns Will No Longer Pose a Major Threat 

After Emotet’s resurgence during the summer of 2020, the botnet immediately got to work spreading ransomware, bank-fraud trojans, and other malware strains. Emotet was then named September 2020’s ‘most popular’ malware after affecting 14% of organizations worldwide, and it accounted for 7% of malware infections globally after a spam campaign targeted more than 100,000 users per day over the 2020 holiday season.

Emotet continued to be a major threat as its ability to adapt tactics and techniques continued to fool end users. That changed in early 2021, when unified global action allowed law enforcement agencies to dismantle the foundational components of Emotet’s operation, pulling multiple layers of infrastructure from around the globe. Since then, no new incidents have been reported. However, this does not mean cybercriminals are slowing down. While organizations have spent the past months shoring up against Emotet, we anticipate bad actors will turn to alternate forms of malware and tactics to fill this void in 2021. This could come, in part, through the introduction of new zero-day threats, which traditional, detection-based solutions let through to end users.

As end-users continue to work from home and away from their in-office protections, the chances of a new tactic and technology beyond Emotet emerging are high. We can expect that sophisticated malware across enterprise networks will continue to cause harm in the absence of adequate endpoint security solutions. 

Hackers Will Leverage Third Parties to Reach Desired Victims 

As we witnessed with SolarWinds, hacking smaller companies can lead to more desirable outcomes and bigger targets. Not only did the hackers infiltrate SolarWinds, but they were also able to breach organizations within its customer and vendor ecosystem. The list continues to grow, including Fortune 500 companies and U.S. government agencies. Hackers can easily look into a company’s DNS record and identify what third parties it is working with. Once they are able to identify a vulnerability within the third party, they can gain access to systems and share malicious files through the desired communication channel to targets including vendors and customers. These files will appear to have come from a trusted source and can easily fool the most security-conscious individuals. Once the file is interacted with, a malicious payload can be downloaded and continue infecting networks amongst connected enterprises.

Votiro Eliminates Malware and Ransomware Threats to Ensure Enterprises Are Protected 

With malware and ransomware attacks dominating 2020, we can expect proliferation to continue in 2021. Enterprises need a solution that is going to protect their communication channels from the malicious content embedded within files and attachments. Votiro’s Secure File Gateway sanitizes all external documents before they penetrate your internal environment, effectively protecting enterprises from malware attacks, without interrupting business productivity. 

Votiro’s extensive knowledge of file composition and weaponization allowed them to pioneer an entirely new approach to file security. Votiro goes beyond blocking and quarantining malicious content – they eliminate it from entering in the first place. Votiro’s Positive Selection® technology outperforms predictive detection-based methods, guaranteeing 100% file safety.