Predicting the future is difficult at the best of times but 2020 certainly threw us a few curve-balls. Even so, with hindsight it has only accelerated trends that were already pretty clear within IT security. The most serious forms of cyberattack – such as ransomware and blackmail – have been increasing in frequency and ruthlessness: even healthcare providers and companies working on Covid-19 vaccines were hacked in 2020. Scruples? Here are a few sobering IT Security predictions for the coming year.

VPN security

The multiple COVID-19 lockdowns caused a surge of investment to support remote workers with cloud software, VPNs and laptops. This investment plus the financial advantages of a distributed workforce ensure that many will continue to support it in the future, but few have yet updated their security procedures to match. Zoom quickly experienced exploits and we expect to see more incidents throughout 2021 until firms understand the new risks and tighten up network and endpoint security.


Ransomware is one of the most serious attacks a firm can suffer and is growing steadily as we approach 2021. The phishing attempts and trojans that deliver it are becoming far better at fooling their targets into giving access – sometimes by penetrating email exchanges and spoofing the identity of a correspondent within the thread. Without radical investment in better security – such as AI behavioural analytics – the situation seems poised to get worse.

The criminals are also expanding their targets from international companies, healthcare providers, energy companies and public rail networks to smaller businesses likely to have weaker security.


Attackers who successfully steal data have taken to blackmail. Even if the data is of relatively low value, the GDPR and other new security regulations now expose them to major fines if the breach becomes public – so they have a motive to pay the blackmail demand to prevent the data being made public.

The Internet of Things

Zero day attackers probe software (and systems) for flaws previously unknown to their authors. Zero day attacks are hardly new and vendors respond by making patches available as fast as they can after a vulnerability becomes known. The new problem however is the IoT: it is a great deal more difficult to update millions of distributed devices than a suite of office computers. DDos and sabotage attacks against the IoT are therefore likely to increase in 2021.

Goodbye cryptominers?

Cryptominers are usually trojans that download from a website and use your computer to invisibly create bitcoins for their controller. By definition they want to stay hidden, but they still manage to slow down infected computers and clash with other software. Their operators depend on infecting millions of computers to make a decent quantity of bitcoin. Greater awareness of cryptominers, combined with moves to make them illegal and the increasing difficulty of generating a bitcoin profit may actually see them decline.

User authentication

Driven by spiralling fraud, more organisations and individuals are embracing multi-factor authentication (MFA) so this will become more prevalent in 2021. Token-based MFA is particularly effective, but has struggled to garner enthusiastic user acceptance. Companies are also turning to biometrics – both on mobile devices, desktops and even on the new biometric bank and credit cards. Placing a fingerprint on a card to gain access to systems and accounts will become commonplace in 2021.

Artificial intelligence

AI has the potential to make cyberattacks more numerous and insidious, but also to make cyber-defence more effective. Using AI attackers can potentially disguise themselves as legitimate network users while stealing data or persuading individuals to trigger a malicious download. On the other hand, AI-driven security suites are identifying intruders and locking down malware faster using behavioural analytics and ‘supervised learning’.

2020 was difficult for everyone and cybercriminals took advantage. 2021 will be a much happier year if everyone reviews their security requirements and incident preparedness while there is still time.