“In 2020, we observed an explosion in the number of cyberattacks targeting companies and states around the world, to unparalleled levels. This trend confirms the acceleration we had anticipated, and indicators show that this will continue in 2021. Our forecasts are justified by the multiplication of connected devices, the cloudisation of services and the deployment of 5G." Clément Saad, CEO and co-founder of Pradeo.
Malware will use new distribution channels
Last month, a massive phishing campaign through SMS (smishing) took place in France. The SMS messages usurped the identity of the French government and encouraged people to download the "Tousanticovid" application through a specified URL. The application in question was in fact a malware whose aim was to steal sensitive user data.
Malware infiltrates mobile devices by hiding into applications. Until now, infected applications reached their targets by being downloaded from app stores. But now, cybercriminals bypass the usual channels to maximize their effectiveness. Increasingly, they will bypass application stores and their security barriers by being brought to users through unsecure sources such as text messages and QR codes for example.
5G will accelerate data theft
The 5G network facilitates the use of connected mobile services, allowing a high speed of execution. Mobile attacks equally benefit from it. Thanks to this new generation of mobile network, malwares and other programs aimed at stealing data will be able to transfer a maximum amount of information in record time. Along new antennas’ installation, we will see a gradual increase in mobile data leakage. Furthermore, the much faster speed of 5G will contribute to an increase in spying attempts through the microphone and camera, which were previously uncommon because resource-intensive.
Open-banking will be targeted
With open-banking, regulations encourage banks to open their information systems and share their customer data with third parties through APIs. This allows developers to integrate third-party banking services and data into their applications (mobile wallet, banking aggregator, online retail…). Although decisive, this technological breakthrough comes with its share of risk. In 2021, we will see an increase in the number of fraudulent transactions taking advantage of open-banking. Banks will need to be able to determine the legitimacy of third-party applications that communicate with their servers.
Personal device usage will skyrocket
Although brought abruptly, remote working has convinced companies and employees of its many advantages. At a time when many companies have finally decided to sustain this way of working, the boundary between personal and professional life has never been so blurred. This trend will result in an increase of the use of personal smartphones and computers to access corporate information. This will profoundly scramble the perimeters and cybersecurity will have to be seen in a new light, in order to protect BYOD devices without restricting usages.
To face the surge or cyberattacks, the Zero Trust approach will no longer be an option in 2021. This year more than ever, companies will have to integrate mobile security into their overall security strategy, by fulfilling three missions:
- Securing devices
- Validating the legitimacy of applications
- Authenticating users and devices