2020 was a banner year for cyber attackers. They took advantage of the disruption of the pandemic, organized around ransomware, and continued creating more sophisticated methods of attack against less protected devices.

During the middle of last year, the FBI has already reported a 400% increase in reported cybercrime.

Because online threats are always evolving Tucson businesses need to ensure their cybersecurity protections are also expanding to keep up. This is why it’s a good idea to have an annual IT security assessment to identify any new weaknesses when matched with new and emerging attack modes.

How do we know what is “new and emerging?” Through reports from cybersecurity companies like Sophos. Each year many of those in the IT security industry put out reports from analysis of attacks over the past year. This helps everyone identify trends they can use to inform cybersecurity spending.

One of the first released that takes a look at 2020’s attacks is the Sophos 2021 Threat Report. It was compiled from in-depth analysis of malware, breaches, and other cyberattacks by SophosLabs and several of the company’s cloud and cybersecurity teams.

We’ll go through the key findings in the report and what they mean for your IT security strategy.

What Are the New & Emerging Cyber Threats?


One of the biggest stories of 2020 is the continued increase of ransomware attacks. Three key areas of increase include attack volume, remediation costs, and ransom request.

The average cost to remediate a ransomware attack is:

  • 100-1,000 employees: $505,827
  • 1,000-5,000 employees: $981,140
  • Global average: $761,106

Paying the ransom demand, roughly doubles those costs!

Why is ransomware becoming more dangerous? According to the Sophos report, it’s because organized crime has now organized ransomware as a big money-maker. Criminals have increased delivery efficiency and are better targeting victims for more profit.

What You Need to Do:

To ensure your business is fully protected from ransomware takes a multi-pronged strategy that includes the following:

  • Having a good data backup & recovery plan
  • Ensuring solid remote employee security
  • Using an email filter for spam and phishing
  • Using a DNS filter to block malicious websites
  • Using monitored antivirus/anti-malware

Everyday Threats

Hacker have also been going after software and systems that are used every day in office workflows.

This includes attacks against servers running Windows and Linux, and attacks on systems that may be new to a workflow due to the pandemic; Remote desktop Protocol (RDP) and a virtual private network (VPN).

Other everyday threats found by the Sophos team include a new use of previously low-end malware, like adware, that was a problem but not as dangerous as other malware. This type of malware is now being used for higher-damage attacks, making it more dangerous.

It turns out that lack of basic security hygiene was found to be “at the root

cause of many of the most damaging attacks” the security teams investigated.

What You Need to Do:

It’s important to keep employees regularly trained on good security hygiene. This includes things like creating strong passwords, using multi-factor authentication for all logins, and understanding how to identify a phishing email.

Companies also need to keep threat monitoring and response protections in place on all systems, but especially those “everyday” systems that everyone is using often throughout their workflows.


Much of the increased cybercrime activity seen over the last 12 months is due to the pandemic. It caused major disruptions in how businesses need to operate, leaving open vulnerabilities that hackers have been exploiting.

A big one is employees that work from home. Not only are home networks typically less secure than business networks, companies have often been slow to figure out how to properly secure their logins and keep track of endpoints connecting to their networks.

As cybercriminals have been taking advantage of this disruption, they’ve also been organizing and branching out into a service economy that allows less experienced hackers to join in with pre-built exploit kits and the like.

What You Need to Do:

It’s important that businesses get help from IT professionals to expand their network security to employee homes. This can include the use of a business VPN and using remote managed services to keep employee devices updated and monitored for any threats.

Endpoint device management is also a necessity. Companies need to track all those computers, mobile devices, and smart gadgets that are connected to their assets. Using a tool like Microsoft Intune allows you to track each endpoint and apply blanket security policies.

Access and identity management is also important to ensure cloud accounts aren’t being breached and taken over by hackers.

See Where You Stand With a Cybersecurity Assessment by ECN IT

ECN IT Solutions can help your Tucson business ensure you’re ready for new and emerging threats. We’ll do a full IT security assessment and let you know any areas of vulnerability in your network that need to be addressed.

We’re here and ready to talk cybersecurity with you! Reach out at 520-355-7553 or through our website.