The Sophos 2021 Threat Report says that things will get worse next year, with continuing ransomware at a range of sophistication levels. The impact of the COVID 19 pandemic on IT security, such as the security challenges of working from home using personal networks means systems are protected by widely varying levels of security.
The report highlights the fact that this is now a marketplace. Everyday threats such as commodity malware, including loaders and botnets, otherwise known as Initial Access Brokers, will demand serious security attention as we increasingly see human operators selling information and access to the most lucrative targets to the highest bidder, it says.
All ranks of adversaries will increasingly abuse legitimate tools, well known utilities and common network destinations to evade detection and security measures and thwart analysis and attribution, meaning human-led threat hunting and managed threat response will become increasingly important next year.
The security challenges facing cloud environments shows that cloud computing has successfully borne the brunt of a lot of the enterprise needs for secure computing environments, but faces challenges different to those of a traditional enterprise network
The full Sophos 2021 Threat Report is available here