What is the defence against the most common attacks which are coming in the end of 2020?

Situation in cybernetic security is rapidly changing on daily basis. For non-professionals it is almost impossible to stay in touch with the most recent security trends and challenges/dangers.

This statement is even more actual nowadays, as the dangers were made more severe by Covid-19. Where are we in the last part of 2020 and what are the challenges laying ahead?

Home office is a thief´s opportunity

Due to pandemic and prolonged emergency state numerous companies has switched into home office working environment. Most unusual way of connection is remote desktop mostly done by Remote Desktop Protocol (RDP) which is integrated inside windows. This prolongedly criticized tool serves as a backdoor for attackers into otherwise well protected site. 

RDP´s protection tools are in better shape in windows 10 than in the past, but the attackers know it very well and they use automatized brute-force attacks. The automatized scripts use endless combinations of passwords and usernames in order to access your site. Brute-force is not sophisticated attack, but its power lies in automatization and tirelessness. 

Ransomware on the rise again

After noticeable decline in power after March 2020 ransomware is again regaining its former power. The most dangerous fact is that most of the attackers used their forced free time during Covid to further improve codes and developing stronger forms of the virus. 

The most threatening one attacks users’ passwords through e-mail spams. It tries to get passwords which are saved in our browsers and possesses ability to attack 20 most used internet browsers. The most developed version can even note what are you typing on your keyboard. 

Phishing and DDoS are going to lead

Its usually that in crisis cyber attackers are trying to further damage things which are already problematic. This is what happened with Covid-19 and it is happening even in the decline. From the beginning of the summer attackers have been able to send emails which seem to be send from the official human resources department in companies. 

Some of these emails contain false information about parent leaves and holidays. Others contain false information about people being fired and offered two months’ pay after sending documents in reply. The goal was to get sensitive information’s. With rising unemployment, we can expect these to be on raise again. 

DDoS attacks are probably going to be more common as well. Throughout the year they have been almost tripled in frequency and this trend is becoming even worse. DDos has a main goal to overload and crash web sites and prohibit users from using them. Most common targets in pandemic was providers of healthcare and travel agencies but nowadays the attention of attacks is being stretched towards economy, e-shops, banks and other financial institutions. 

It is extremely hard to follow all these for non-professionals. It is not only about having perfect plan and security, but one also must be actively following and predicting newest trends and steps of the attacker. This requires substantial amount of knowledge and sources but especially time which you do not have when you must manage your own company. If you want to be sure that your security is in the best shape, do not hesitate to use external services. So called Security as a Service (SaaS) is a huge trend and is rightfully getting better and widespread reputation.