A look forward into the Cyber Security New Year – Sophos Threat Report 2021

Our partner Sophos has published the current Threat Report 2021. It provides a comprehensive overview of the current threat landscape for this year and provides assessments of the IT-security trends for 2021. It shows that ransomware and cyber criminals' rapidly changing behaviour will continue to be a threat in the future. Read the blog article to find out which three important cyber security trends the experts are predicting for the New Year.

Ransomware – the attacks are becoming broader and more specialized

Given the numerous high-profile ransomware attacks that have been launched this year, Sophos experts are expecting this trend to continue. Ransomware groups such as Ryuk and RagnarLocker will continue to fine-tune their strategies and tactics to target larger companies, demand millions in ransomware and maximise their profits. As the chart below shows, ransomware attacks have surged in recent quarters, and further spikes are to be expected in the coming year.


This year, it has been observed that cyber criminals have clearly distinguished themselves in terms of their capabilities and targets. However, a new trend is emerging, with ransomware groups increasingly joining forces and sharing best-of-breed tools. They are no longer operating as independent groups, but more like cyber-criminal cartels. On top of this, there is an increasing number of new arrivals who are working with ransomware for hire, such as Dharma, so they can attack a lot of targets with smaller ransom demands. Another trend is secondary extortion where not only do cyber criminals encrypt the data, but they also steal confidential and sensitive data, which they then make public if the demand is not met.

This year, experts reported that some ransomware families such as Maze even seemed to disappear. However, the same techniques and tools have resurfaced in the guise of a new ransomware, Egregor. No sooner does one threat disappear than another takes its place again, making it almost impossible to predict what ransomware attacks will look like in the future.

Common malware for more serious attacksinfoguard-whitepaper-cyber-security-ratgeber-2-ENG-preview

For IT-security teams, everyday threats like malware, botnets and opportunistic hackers trading acces data continue to be a major challenge. Attacks like these are designed to collect important data from their target and reuse it using command-and-control (C2) botnets. In addition, they scan compromised devices for any vulnerabilities, then sell this information to the highest bidders who can then use it to inflict even greater damage. This year, for example, Ryuk used the Buer Loader to plant ransomware.

In the New Year, protection against everyday malware should not be overlooked. The challenge is to draw the right conclusions from the multitude of alert messages and to detect major attacks in good time. This makes strong cyber resilience even more important. In our Cyber Security Guide 2.0, we show you 11 important ways of reinforcing your cyber resilience.

Disguised attacks via standard tools

By misusing commonly used, off-the-shelf programmes, cyber criminals can move around the network under the radar until they launch an attack. This poses a challenge to traditional security approaches, as the use of programmes like these does not automatically trigger an alert. This is why new approaches are needed, for instance proactive threat hunting, which can correctly identify even minute anomalies and traces of an attack – for example, if a standard programme is run at the wrong time or in the wrong place. With functions such as Endpoint Detection and Response (EDR) you benefit from valuable pointers that help to immediately track down potential intruders.

Other trends from the Sophos Threat Report 2021 include:

  • COVID-19 has had major implications for IT-security. Working from home presents new challenges because the company’s security perimeter has to be distributed across many different home networks, all of which are based on highly variable levels of security.
  • Applications that have traditionally been labelled as “potentially unwanted” (PUA) because they deliver a plethora of advertising (but which are not malicious) are becoming increasingly indistinguishable from overt malware.
  • Server attacks: cyber criminals target server platforms running Windows and Linux, and then use these platforms to attack organisations from within.
  • Standard services such as RDP and VPN remain a focus for attackers. In the process, RDP is also used to propagate more widely within the networks…
  • …and of course, the challenges associated with the growing use of cloud services.

In the New Year, cyber security will continue to be one of the most important success factors in remaining competitive in the future! That is why you should take the appropriate measures today rather than tomorrow, and consult our cyber security experts.

Request advice from cyber security experts

You can download the complete Sophos Threat Report 2021 here. You can find out more about the trends and receive detailed assessments and background information.

Download Sophos Threat Report 2021

<< >>

Cyber Risks

Mirjam Burkard
About the author / Mirjam Burkard

InfoGuard AG - Mirjam Burkard, Senior Online Marketing Manager

More articles from Mirjam Burkard

Related articles
Keeping the best till last − our cyber-crime advent story for 2020 [part 3]
Keeping the best till last − our cyber-crime advent story for 2020 [part 3]

In the final part of our Advent story, we show you the importance of acting quickly and professionally in the [...]
[Video] InfoGuard Incident Response − a real Ransomware attack on a Swiss customer
[Video] InfoGuard Incident Response − a real Ransomware attack on a Swiss customer

There have been challenges to cyber security posed by Nephilim, Ryuk, Trickbot, Emotet and most recently by [...]
Home office? Why not, but do it “securely” with these 5 tips
Home office? Why not, but do it “securely” with these 5 tips

Until recently commuters were crowded together, one on top of the other, but thanks to coronavirus, now there [...]

Exciting articles, the latest news and tips & tricks from our experts on all aspects of Cyber Security & Defence.

Blog update subscription
Social Media