• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

My TechDecisions

  • Best of Tech Decisions
  • Topics
    • Video
    • Audio
    • Mobility
    • Unified Communications
    • IT Infrastructure
    • Network Security
    • Physical Security
    • Facility
    • Compliance
  • RFP Resources
  • Resources
  • Podcasts
  • Project of the Week
  • About Us
    SEARCH
Compliance, IT Infrastructure, Network Security, News

Sophos Threat Report: What Three Cybersecurity Trends To Look For In 2021

According to cybersecurity firm Sophos, the growing threat of ransomware tops the list of threats that will shape IT security trends in 2021.

November 19, 2020 Zachary Comeau Leave a Comment

Sophos Cybersecurity Trends

According to cybersecurity firm Sophos, the growing threat of ransomware tops the list of threats that will shape IT security trends in 2021.

The company’s 2021 Threat Report written by security researchers, threat hunters, rapid responders, cloud security and AI experts, details how cybersecurity threats like ransomware are evolving and becoming more sophisticated.

The report analyzed three key trends: the widening gap between ransomware skill levels, the need to focus on every threats and the abuse of legitimate tools to evade detection.

According to Sophos’ report, the gap between expert-level ransomware operators who target big paydays and entry-level attackers looking for high volumes of smaller pretty is widening.

Notorious ransomware families like Ryuk and RagnarLocker are becoming more evasive and sophisticated and increasingly target large organizations with ransomware demands well into the millions of dollars.

Other operators are threatening to publish sensitive or confidential information if ransoms aren’t paid, according to Sophos.

Chester Wisniewski, a principal research scientist at the company, said it a statement that the ransomware business model continues to change, as the company observed operators differentiating themselves in terms of skills and targets.

However, some operators also form collaborative groups and share tools and techniques.

“Some, like Maze, appeared to pack their bags and head for a life of leisure, except that some of their tools and techniques have resurfaced under the guise of a newcomer, Egregor,” Wisniewski said.

“The cyberthreat landscape abhors a vacuum. If one threat disappears another one will quickly take its place. In many ways, it is almost impossible to predict where ransomware will go next, but the attack trends discussed in Sophos’ threat report this year are likely to continue into 2021.”

Read Next: Why Cybersecurity Experts Choose the Good Side

Everyday, low-level threats like malware, loaders, botnets, and human-operated initial access brokers will demand more attention than in the past because these tools give attackers a foothold in a target and allow them to gather data they need to inflict further damage, according to the report.

They give operators the opportunity to review compromised devices for more lucrative data, like geolocation and other signs of high value, the report says.

That information can then be sold to a ransomware operator. Sophos notes that Ryuk used Buer Loader to carry out ransomware attacks this year.

According to Wisniewski, IT professionals need to take those low-level attack methods seriously.

“Many security teams will feel that once malware has been blocked or removed and the compromised machine cleaned, the incident has been prevented,” said Wisniewski.

“They may not realize that the attack was likely against more than one machine and that seemingly common malware like Emotet and Buer Loader can lead to Ryuk, Netwalker and other advanced attacks, which IT may not notice until the ransomware deploys, possibly in the middle of the night or on the weekend. Underestimating ‘minor’ infections could prove very costly.”

Attackers are increasingly using legitimate tools, known utilities and common network destinations to carry out these attacks and avoid detection.

This also makes it harder for cybersecurity professionals and law enforcement to track down and identify attackers.

Many of these kits are freely availably on the internet and are designed to help organizations test their networks against various attack methods. The company reported on this earlier this year.

Appearances of known tools many not trigger security warnings, and this gives rise to the human-led threat hunting and managed threat response, Wisniewski said.

“Human experts know the subtle anomalies and traces to look for, such as a legitimate tool being used at the wrong time or in the wrong place,” he said.

“To trained threat hunters or IT managers using endpoint detection and response (EDR) features, these signs are valuable tripwires that can alert security teams to a potential intruder and an attack underway.”

If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!

Tagged With: Cybersecurity, Sophos

Related Content:

  • Cloud, SASE, Aryaka How the Cloud is Redefining Media Production and…
  • Singlewire Software mass notification interview Singlewire Software on Mass Notification Solutions
  • URI catchbox 1 Catchbox Plus: The Mic Solution That Finally Gave…
  • Engaging virtual meeting with diverse participants discussing creative ideas in a bright office space during daylight hours Diversified Survey: Workplace AV Tech is Falling Short,…

Free downloadable guide you may like:

  • Practical Design Guide for Office SpacesPractical Design Guide for Office Spaces

    Recent Gartner research shows that workers prefer to return to the office for in-person meetings for relevant milestones, as well as for face-to-face time with co-workers. When designing the office spaces — and meeting spaces in particular — enabling that connection between co-workers is crucial. But introducing the right collaboration technology in meeting spaces can […]

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Latest Downloads

Practical Design Guide for Office Spaces
Practical Design Guide for Office Spaces

Recent Gartner research shows that workers prefer to return to the office for in-person meetings for relevant milestones, as well as for face-to-fa...

New Camera Can Transform Your Live Production Workflow
New Camera System Can Transform Your Live Production Workflow

Sony's HXC-FZ90 studio camera system combines flexibility and exceptional image quality with entry-level pricing.

Creating Great User Experience and Ultimate Flexibility with Clickshare

Working and collaborating in any office environment today should be meaningful, as workers today go to office for very specific reasons. When desig...

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales

AV-iQ

Footer

TechDecisions

  • Home
  • Welcome to TechDecisions
  • Contact Us
  • Comment Guidelines
  • RSS Feeds
  • Twitter
  • Facebook
  • Linkedin

Free Technology Guides

FREE Downloadable resources from TechDecisions provide timely insight into the issues that IT, A/V, and Security end-users, managers, and decision makers are facing in commercial, corporate, education, institutional, and other vertical markets

View all Guides
TD Project of the Week

Get your latest project featured on TechDecisions Project of the Week. Submit your work once and it will be eligible for all upcoming weeks.

Enter Today!
Emerald Logo
ABOUTCAREERSAUTHORIZED SERVICE PROVIDERSYour Privacy ChoicesTERMS OF USEPRIVACY POLICY

© 2025 Emerald X, LLC. All rights reserved.