Cyber Threats 2021: A Year in Retrospect
Monitoring risks to stay ahead of the curve
Over the past 12 months, global cyber threats like ransomware, 0-day vulnerabilities, and operations furnished by digital quartermasters continued to rise. These threats increasingly put organisations around the world at risk — financially, logistically, and intellectually — but, at the same time, organisations have more opportunities to build solutions that can help them thwart such threats and lessen their severity.
By building robust cybersecurity strategies with the incorporation of threat intelligence, companies today can build the capabilities they need to detect or prevent most attacks — and stay resilient in the face of something unexpected. With that in mind, every year, our global threat intelligence team tracks and reports on the strategic and technical aspects of the most pressing cyber threats, spanning geographies and sectors. The result is what you’ll find here: PwC’s comprehensive, well-researched, and highly insightful annual report on the cyber threat landscape.
Key findings
Our analysis in this report is based on intelligence gleaned from PwC’s incident response engagements and our managed security operations services around the world. It’s founded on our in-house intelligence expertise on cyber attacks and targeting from a wide variety of threat actors. Our reach gives us unparalleled understanding of the global threat landscape, including the cybercrime economy. Our research delves into the motivations and techniques of major threat actors globally, who seek to steal intellectual property, disrupt critical infrastructure, commit financial crime as well as obtain access to government networks.
At PwC, we work as a community of solvers, bringing together our people, capabilities, and technology to support our clients in building trust and delivering outcomes for their businesses. Here are the five key cyber threat trends we observed in 2021, and the ones we believe are worth paying attention to in 2022 and beyond.
In 2021, many more zero-day vulnerabilities were disclosed when compared to past years. And, more notably these zero-day vulnerabilities were quickly weaponized by threat actors, often to compromise other organisations. The abuse of zero-day exploits was also interlinked with other observations: the impact of digital quartermasters and surveillance activity against civilian targets.
Based on our in-house monitoring and analysis, the most prominent cybersecurity threat we saw facing organisations in 2021, across geographies and sectors, continued to be ransomware — powered by the prominence of ransomware as a service (RaaS), affiliate schemes, and malware delivery systems (like TrickBot, IcedID, and QakBot). The majority of incidents were financially motivated; the number of victims almost doubled; and double extortion (i.e., the leaking of stolen data, or the threat to do so), became standard procedure, adding privacy, regulatory, and reputational risks to the crisis of business disruption caused by data encryption.
While supply chain attacks weren’t a new trend in 2021, they continued to be an integral part of how sophisticated threat actors operate. The threats in this area often target third parties, masking backdoors with legitimate digital certificates, directing malicious traffic through trusted companies, and using established organisations to spread malware.
Digital quartermasters, or groups that supply malicious tools like malware to other groups, have been traditionally associated with providing technology to military units. But in 2021, we also saw more “commercial quartermasters,” or companies selling offensive security capabilities such as spyware, 0-day exploits, and related capabilities to more customers based in numerous countries.
A rising number of state-sponsored threat actors performed espionage and intrusion activities of civilian targets in 2021. Most concerning, they increasingly targeted vulnerable groups including minorities, civil right activists, dissidents, politicians, and journalists, often through NGOs, social movements, and faith-based organisations, posing a significant threat to achieving a secure digital society for all.
Download the reports
Year in Retrospect Report
In our annual Year in Retrospect Report, we bring you our latest insights to help you understand the motivations of attackers and cyber threats impacting your organisation.
Technical Annex Report
This Technical Annex supplements our Cyber Threats 2021: A Year in Retrospect report, which examines the overarching and thematic cyber threat trends from 2021.
Our services
Our threat intelligence services cater for organisations at various stages of maturity – whether they are developing an in house threat intelligence function, supplementing their existing function with threat data feeds or outsourcing the entire collection, analysis and distribution of threat intelligence.
For more information on how we can assist your organisation please click here.
Contact us
Global Threat Intelligence Lead Partner, PwC United Kingdom
Tel: +44 (0)7725 707360
