When we’re not talking or thinking about the COVID-19 pandemic, we’re talking or thinking about cyberattacks. It might be interesting to note that these two things have a lot in common:
- Both are essentially pandemics. Just like the coronavirus outbreak, cybersecurity attacks also take place on a global scale and happen every few seconds.
- Just like the coronavirus spreads from person to person, cybersecurity malware too can spread rapidly from computer to computer and network to network.
- Cyberattacks have the potential to put you out of business, just like the current coronavirus pandemic is doing to businesses everywhere.
Here are some top cybersecurity threats businesses face:
Phishing scams typically employ social engineering to steal user credentials for both on-premises attacks and cloud services attacks.
Did you know that nearly 78 percent of cyber espionage incidents in 2019 were related to phishing? [1] This number, however, is likely to increase in 2020, with phishing attempts now being launched through cloud applications as opposed to traditional emails. The implicit trust users have in their workplace cloud environments will inadvertently leave them more vulnerable to phishing tactics.
Remote Worker Endpoint Security
Remote workers often work without any network perimeter security, thus missing out on a critical part of layered cybersecurity defense. In addition to this, mobile devices can often end up concealing signs indicative of potential phishing attacks and other cybersecurity threats. That said, security experts at WatchGuard predict that in 2020, 25 percent of all data breaches will involve off-premises assets, mobile devices, and telecommuters.
Cloud Jacking is likely to emerge as one of the most prominent cybersecurity threats in 2020 due to the increasing reliance of businesses on cloud computing. Misconfiguration will drive a majority of the incidents according to the Sophos 2020 Threat Report.
Trend Micro predicts that code injection attacks, either directly to the code or through a third-party library, will be prominently used against cloud platforms. These attacks, such as cross-site scripting and SQL injection, will be carried out to eavesdrop on, take control of and even modify sensitive files and data stored in the cloud. Alternatively, attackers will inject malicious code into third-party libraries that users will unwittingly download and execute.
As noted in Forcepoint’s 2020 Cybersecurity Predictions and Trends blog, typical public cloud vendor shared responsibility models state that cloud service providers are responsible for protecting infrastructure while the customer is responsible for protecting their data, monitoring access, managing configurations, observing anomalous user behaviors, monitoring system vulnerabilities, and patching. So, a lot of the security responsibility rests on the customers’ shoulders.
A Fortune Business report indicates that the Internet of Things (IoT) market is likely to grow to $1.1 trillion by 2026. Needless to say, this widespread use of IoT devices will herald a larger number of increasingly complex cybersecurity threats. There could also be a serious threat to the Internet of Medical Things (IoMT) that could become a grave Internet health crisis.
The fact that a majority of the new IoT devices are still in their infancy means that there’s a much larger attack surface for cybercriminals to target the vulnerabilities associated with these novel technologies. In addition, it is extremely difficult to develop cybersecurity strategies to keep up with the rapid emergence of new IoT devices.
Sophisticated and Targeted Ransomware Attacks
Ransomware attacks have been a major concern for businesses over the last couple of years. The reason why ransomware has persisted for so long is the relative simplicity with which an attacker can achieve devastating effects. Ransomware kits are dirt cheap and readily available on the dark web.
2020 will see the emergence of highly sophisticated and targeted ransomware attacks. The head of cyber investigations at McAfee, John Fokker, predicts that the ransomware underworld is likely to consolidate, resulting in the creation of fewer but more powerful malware-as-a-service families that will work in conjunction with one another. [2]
He further adds that there will be a continuation of the most powerful ransomware brands that employ the use of affiliate structures to render their threat more serious. This is a major cause for concern since the effects of a single ransomware attack can be extremely damaging to small and midsize businesses, leading to exorbitant costs associated with downtime and recovery.
A deepfake is the use of machine learning and artificial intelligence (AI) to manipulate an existing image or video of a person to portray some activity that didn’t actually happen. There’s a lot of speculation that deepfakes, used with malicious intent, might eventually emerge as a major cybersecurity threat.
There are possibilities of deepfake techniques being used in attempts to manipulate the 2020 U.S. presidential election, for example. We might also witness other cybersecurity threats, such as deepfake usage for committing fraud through synthetic identities, and the emergence of deepfake-as-a-service organizations. 2020 might also be the year when deepfakes go on to render more convincing phishing scams than ever before, which could end up costing businesses billions of dollars.
With a greater number of users gradually moving from their desktop operating systems to their mobile devices, the amount of business data stored on the latter is getting larger by the day. Mobile malware is malicious software that is designed to specifically target mobile phone operating systems. As more and more critical and sensitive tasks are performed on smartphones, it is only a matter of time before mobile malware emerges as one of the most prominent cybersecurity concerns.
5G-to-Wi-Fi Security Vulnerabilities
The need for companies to find new ways to enhance security has never been greater due to the cybersecurity skills gap and the increasing sophistication of cyberattacks. Attackers will undoubtedly find new vulnerabilities in the 5G-to-Wi-Fi handover. With 5G networks rapidly emerging, wireless carriers are handing off more calls and data to Wi-Fi networks in a bid to save bandwidth. The software vulnerabilities in this handover process provide an opportunity for hackers to compromise security.
With 5G rolling out across expansive public areas like airports, shopping centers and hotels, the voice and data information of users on their cellular-enabled devices gets communicated via Wi-Fi access points. While mobile devices possess built-in intelligence to silently and automatically switch between cellular and Wi-Fi networks, security researchers have already identified a number of vulnerabilities in this handover process. It is very likely that new, critical 5G-to-Wi-Fi security vulnerabilities will be exposed in 2020. [3]
The 2019 Verizon Data Breach Investigations Report (DBIR) shows that 34 percent of breaches involve internal actors. Insider threats not only involve malicious attacks, but also the negligent use of systems and data by employees.
To protect against these threats, organizations need to quickly and accurately detect, investigate and respond to issues that could be indicators of insider attacks. Common antivirus and anti-malware (AV/AM) tools are usually ineffective against these threats. Insider threats require specialized tools.
These tools detect insider threats by monitoring:
- Unauthorized logins
- New apps installed on locked-down computers
- Users that were recently granted admin rights to a device
- New devices on restricted networks, and more.
These tools may combine machine learning and intelligent tagging to identify anomalous activity, suspicious changes and threats caused by system misconfigurations.
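The four monitoring signals listed above can be expressed as baseline checks over endpoint and network events. The following is an added example, not code from any particular product; the event schema, host names, baseline values and the seven-day "recently granted" window are all assumptions constructed for illustration.

```python
from datetime import datetime, timedelta

# Constructed baseline, as an organization would derive from its own inventory.
BASELINE = {
    "allowed_logins": {"fin-ws01": {"alice"}, "hr-ws02": {"bob"}},
    "locked_down_apps": {"fin-ws01": {"excel", "erp-client"}},
    "restricted_net_devices": {"10.9.0.0/24": {"aa:bb:cc:00:00:01"}},
}
ADMIN_GRANT_WINDOW = timedelta(days=7)  # assumed meaning of "recently granted"

# Constructed sample events (not real logs).
EVENTS = [
    {"type": "login", "ts": "2020-03-02T08:01:00", "host": "fin-ws01", "user": "alice"},
    {"type": "login", "ts": "2020-03-02T23:40:00", "host": "fin-ws01", "user": "bob"},
    {"type": "app_install", "ts": "2020-03-03T10:15:00", "host": "fin-ws01", "app": "remote-tool"},
    {"type": "admin_grant", "ts": "2020-03-01T09:00:00", "host": "hr-ws02", "user": "bob"},
    {"type": "admin_grant", "ts": "2020-01-05T09:00:00", "host": "fin-ws01", "user": "alice"},
    {"type": "device_seen", "ts": "2020-03-03T11:00:00", "net": "10.9.0.0/24", "mac": "aa:bb:cc:00:00:99"},
    {"type": "device_seen", "ts": "2020-03-03T11:05:00", "net": "10.9.0.0/24", "mac": "aa:bb:cc:00:00:01"},
]

def detect(events, baseline, now):
    """Return (signal, event) pairs for events that deviate from the baseline."""
    findings = []
    for ev in events:
        if ev["type"] == "login":
            # A host with no allow-list entry has no authorized users at all.
            if ev["user"] not in baseline["allowed_logins"].get(ev["host"], set()):
                findings.append(("unauthorized_login", ev))
        elif ev["type"] == "app_install":
            approved = baseline["locked_down_apps"].get(ev["host"])
            if approved is not None and ev["app"] not in approved:
                findings.append(("new_app_on_locked_down_host", ev))
        elif ev["type"] == "admin_grant":
            if now - datetime.fromisoformat(ev["ts"]) <= ADMIN_GRANT_WINDOW:
                findings.append(("recent_admin_grant", ev))
        elif ev["type"] == "device_seen":
            known = baseline["restricted_net_devices"].get(ev["net"])
            if known is not None and ev["mac"] not in known:
                findings.append(("new_device_on_restricted_net", ev))
    return findings

def escalate(findings):
    """Users tied to two or more distinct signals are reviewed first."""
    by_user = {}
    for signal, ev in findings:
        if "user" in ev:
            by_user.setdefault(ev["user"], set()).add(signal)
    return {u: sorted(s) for u, s in by_user.items() if len(s) >= 2}
```

Calling `detect(EVENTS, BASELINE, datetime(2020, 3, 3, 12, 0))` and passing the result to `escalate` shows how individually low-severity signals become more meaningful when they converge on one account.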
Application Programming Interface (API) Vulnerabilities and Breaches
A recent study by Imperva indicates that application programming interface (API) security readiness typically lags behind web app security across the majority of organizations today. Additionally, more than two-thirds of the organizations readily make APIs available to the public to allow external developers and partners to tap into their app ecosystems and software platforms.
As the dependence on APIs increases, API-based breaches will become more prominent in 2020. This will trigger adverse impacts on high-profile apps in financial processes, messaging, peer-to-peer and social media. As more organizations continue to adopt APIs for their applications, API security will be exposed as the weakest link, which could lead to cloud-native threats and put user data and privacy at risk.
Practical Strategies to Enhance IT Security:
- Automate patch and vulnerability management to keep your systems up to date and protected against potential cyberthreats
- Back up your systems and SaaS app data to ensure efficient and quick recovery from ransomware and other attacks
- Deploy advanced AV/AM solutions that provide endpoint detection and response (EDR) and keep your systems secure
- Make sure that any laptop or device that leaves the office has a full suite of security services, including a local firewall, advanced malware protection, DNS filtering, disk encryption, and multi-factor authentication, among other protections.
- Have an incident response plan. Should a security breach occur, you need a robust action plan to efficiently deal with the breach and get your company back on its feet with minimum damage and as quickly as possible. The plan should include a communications strategy for both internal and external stakeholders, including customers, investors, and others. The more you prepare in advance, the better equipped you will be to deal with a crisis.