UMGC Cyber Experts Predict Rise in Attacks on Software, Cloud and Critical Infrastructure in the Year Ahead

In this end-of-the-year post we offer a reprint of our annual predictions and trends to watch out for in 2021, featured on the University of Maryland Global Campus Global Media Center back in November.  

UMGC Cyber Experts Predict Rise in Attacks on Software, Cloud and Critical Infrastructure in the Year Ahead

What a year 2020 has been. The Covid-19 pandemic has had an impact on our lives in so many ways—how we work, conduct business, socialize, learn and simply go about our daily routines. It also has affected the security of the workplace and individuals. We have seen a rise in phishing, ransomware and other types of malicious attacks due, in large part, to the dramatic increase in remote work and learning.

Meanwhile, the lead-up to the November 3 election exposed both the real—and imagined—vulnerabilities in the nation’s disparate voting systems. A citizenry that was already anxious about voting during a pandemic also had to sort through a tsunami of news stories questioning the legitimacy of election results and the accuracy and security of our voting process.

Will the cybersecurity concerns of 2020 carry over into the new year?

Here are the top six trends and predictions to watch for in 2021, according to University of Maryland Global Campus cybersecurity faculty experts Valorie King, program director for UMGC Cybersecurity Management and Policy; Bruce DeGrazia, collegiate professor, Cybersecurity Management and Policy; and James Robertson, program director for Cyber DevOps.

From Valorie King, program director, UMGC Cybersecurity Management and Policy

  • Attacks on Remote Workers: Phishing attacks, ransomware, and other types of malicious software-based attacks will create more havoc in the coming year as perpetrators shift their attack vectors and methods to focus on remote workers. Organizations will need to update their incident response plans and procedures to account for attacks against a dispersed workforce that is using an increasing variety of remotely connected and potentially vulnerable devices.
  • Demand for IT Support: In order to protect geographically dispersed IT assets and information as they defend against threats and attacks, organizations with remote workers will need to hire and train more IT technicians and IT help desk personnel who have advanced cybersecurity skills and knowledge. This trend will be fueled by the need to patch and maintain increasing numbers of laptops and other digital devices, the need to remotely install and maintain more software, and the need to set up and then deploy new computers, tablets, phones and other equipment to a remote workforce.

From Bruce DeGrazia, collegiate professor, Cybersecurity Management and Policy

  • State-Sponsored Cyberattacks: The Russians, Chinese, North Koreans and Iranians have already seen how effectively they can create chaos both through cyberattacks and disinformation campaigns. Expect to see further attempts at disruption as these countries test the incoming Biden administration.
  • Attacks on the Utility Infrastructure: We will see a rise in critical infrastructure attacks, particularly to the electrical grid, but also against alternative energy-generating industries as we continue to shift away from fossil fuels. These attacks will soon target alternative energy-generation facilities as they become more prevalent.

From James Robertson, program director for Cyber DevOps

  • Threats to Cloud Security: As more organizations move to the cloud, security issues resulting from poor or expedited implementations will result. Understanding the shared responsibility model—the responsibility for security is shared between the provider and the customer—is key in mitigating these issues.
  • AI Vulnerabilities: Increases in artificial intelligence/machine learning applications will cause an increase in vulnerabilities and weaknesses, including the ability to contaminate training pools, modify validation sets, and create AI systems that learn from previous successful attacks to expedite attacks on other hosts.