In 2021, we saw the end of the era of identity theft and the beginning of the next: the era of identity fraud. According to a recent report by the Identity Theft Resource Center® (ITRC), the number of data compromises rose to 23 percent in 2021 for a new record, beating the previous all-time high (1,506) set in 2017. The shocking reality is that cybercriminals have been significantly more successful as the execution of their attacks grow in complexity and sophistication.
Top 3 Identity Theft Trends of 2021
With the changing landscape of cyber threats, we wanted to highlight the top three identity theft trends that affected both individuals and companies alike during 2021.
Triple Extortion Cyber Attacks
Ransomware attacks surged 93% in the last six months of 2021, notably with a rise of triple extortion ransomware attacks that demand more than one payment to unlock data. This new trend of attacks involves victims paying hackers multiple times to unlock their data and documents or risk having it exposed to the world. This trend is hazardous, resulting in significant financial losses for businesses and disrupting operations. It can damage an organization’s reputation and cause customers to lose trust in it. Therefore, companies need to take steps to protect themselves from such attacks. With up to 83% of victims paying the ransom, this created a need for increased online security in 2022, or hackers are poised to continue getting big paydays from their malicious activities in the years ahead.
Attacks on Critical Infrastructure
2021 has been challenging for many organizations as they face an increasing number of digital hacks, mostly related to ransomware. These hacks have targeted critical infrastructure, disrupting everything from transportation to healthcare. Organizations responsible for essential services are a prime target for bad actors because their reward stands to be much higher; companies cannot risk their data being leaked or being inoperable, so they pay the hacker’s ransom. These organizations have also been more vulnerable with the rise of remote work. At the current rate, ransomware attacks will surpass phishing as the number one root cause of data compromises in 2022. This requires organizations to be vigilant and take the best precautions to protect their organization from a growing cyber threat.
A Growing Remote Workforce
In 2021, companies continued operating with a remote workforce, creating significant implications for the world of cybersecurity. This means unplanned cloud migrations and quickly acquiring IT products and services that accommodate a new remote work environment. Global cyberattacks increased as hackers continued to exploit the COVID-19 pandemic and shift to remote work. During the pandemic, the desire to keep business running caused several companies to rush security measures, and some ignored them entirely. This has led to a heightened level of vulnerability for many organizations and their customers, creating a new need for companies to implement measures to mitigate cyber threats.
Preparing Operations for 2022
The looming threat of a cyberattack is widespread, affecting nearly every industry. Compromises increased year-over-year in every primary sector but the military, where no data breaches were publicly disclosed. The manufacturing & utility sector saw the most significant percentage increase in data compromises at 217 percent over 2020. Organizations should be conscious of recent trends and create a plan to protect themselves and their customers from them. If they do not, companies are not only at a disadvantage; they are left wide open to digital threats.
Image #1: According to the CEO of the ITRC, Eva Velasquez, we have moved “from the era of identity theft to identity fraud”.
At YouAttest, we believe the solution to this threat is an IT security strategy that employs zero trust and intelligent identity governance. Now, cybercriminals don’t go for the mainstream identity theft; rather, they want to create and empower an identity that can be used over and over.
Knowledge of the activation status and privileges of all users is imperative. With this in mind, YouAttest is a powerful solution for companies that delivers this identity knowledge to the enterprise via Identity triggers and identity access reviews. Through YouAttest an en enterprise ensure identities are both legitimate and have the appropriate levels of access permission.
This mitigates the problems of malicious privilege escalation and privilege creep.
—
YouAttest is an automated identity audit tool for your identity and access control resources. Cloud based and simple to use – YouAttest provides a quantified platform for your identity audits with quick time to value and no overhead cost. Contact us and we will start your identity auditing journey.
