In 2020, organizations’ networks became more widespread, complex, and transparent than ever, leading to more potential security threats and intricate responses due to the diversity of devices and employees.
As a result of these changes, many of the top network attacks of 2020 have been easily identifiable threats such as ransomware and viruses. However, that year the threats also got significantly more damaging, including phishing. However, these top network attacks will not be isolated until 2020. Many, if not all, of these threats will follow businesses over the decade, so IT teams need to stay prepared, according to author Aditya Mukherjee.
Below is an excerpt from Mukherjee’s book Network Security Strategies. The excerpt is from Chapter 3, “Mitigating the Top Network Threats of 2020,” which explains the top ten network attacks of 2020, how to remediate them, and ways to remedy network vulnerabilities.
The top network attacks of 2020 were:
- Rogue Applications and Fake Security Alerts
- Inside Threats
- Viruses and worms
- Trojan horses
- distributed denial of service attacks
Click here to learn more
about the book.
Three threats that Mukherjee identified for the 2020s in particular were ransomware, phishing, and social engineering.
Social engineering is a type of attack that relies on human vulnerabilities as opposed to vulnerabilities in networks or other services. With these threats, attackers manipulate their targets into potentially doing something they normally don’t, such as: For example, security protocols or business best practices that allow the attacker to gain access to the company’s network – sometimes for financial reasons. As such, social engineering plays a key role in both phishing and ransomware, and is likely to continue to do so for the foreseeable future.
With the fulcrum of remote working, organizations have seen a dramatic increase in business email compromises, as well as phishing emails and social engineering attempts to gain access to users. In the past seven to nine months, companies have taken the time to inform employees that they are not disclosing business-critical or classified information over the phone or email. Fortunately, this has improved, said Mukherjee. Nevertheless, these topics are relevant and must be in the foreground.
This excerpt can help organizations understand and mitigate these key threats so that IT teams don’t learn to deal with these issues when it’s too late.