Top network attacks of 2020 that will influence the decade

In 2020, organizations' networks became more widespread, complex and transparent than ever before, which led to more potential security threats and convoluted responses, due to so many disparate devices and employees.

As a result of these changes, many of the top network attacks of 2020 were easily recognizable threats, such as ransomware and viruses. Yet, threats also became significantly more detrimental this year, including phishing. These top network attacks won't be isolated to 2020, though. Many, if not all, of these threats will follow organizations through the decade, so IT teams must remain prepared, according to author Aditya Mukherjee.

Below is a chapter excerpt from Mukherjee's book, Network Security Strategies. The excerpt is from Chapter 3, "Mitigating the Top Network Threats of 2020," which explores 2020's top 10 network attacks and how to fix them, as well as ways to keep up with network vulnerabilities.

The top network attacks of 2020 were the following:

1. phishing
2. rogue applications and fake security alerts
3. insider threats
4. viruses and worms
5. botnets
6. Trojan horses
7. rootkit
8. malvertising
9. distributed denial-of-service attacks
10. ransomware

Click here to learn more
about this book.

However, three threats Mukherjee noted in particular for the 2020s were ransomware, phishing and social engineering.

Social engineering is a type of attack that relies on human vulnerabilities, as opposed to weaknesses in networks or other services. For these threats, attackers manipulate their targets into doing something they may not do normally, such as breaking security protocols or organizational best practices, which enables the attacker to gain access into the organization's network -- sometimes for financial gain. Therefore, social engineering plays a key role in both phishing and ransomware and likely will continue to do so for the foreseeable future.

Aditya Mukherjee

With the pivot to remote work, organizations have seen a dramatic spike in business email compromise, as well as phishing emails and social engineering attempts to get access to users. Within the last seven to nine months, organizations have taken time to educate employees about not sharing business-critical or classified information over the phone or email, so this has luckily improved, Mukherjee said. Still, these issues are pertinent and must remain top of mind.

This excerpt can help organizations understand and mitigate these top threats so IT teams aren't learning how to handle these issues when it's already too late.