Cyber Security 2020 - Some Other Predictions

Uploaded on 2019-12-27 in NEWS-Cybersecurity News, FREE TO VIEW

With 2020 approaching, various leading experts have been giving  given their predictions for cyber security in the year year ahead.

Although innovative cybersecurity solutions offer a way forward to ensure privacy protections are workable and effective, most people see that the continuing impact of data breaches, ransomware, identity theft, denial-of-service attacks and other cyberattacks as proof that cybersecurity has become the Achilles Heel, not the savior, for innovation. 

Even as exciting advances occur in artificial intelligence (AI), autonomous vehicles, 5G networks cloud computing, mobile devices and the Internet of Things (IoT), these same developments also seem to cause disruptions that all to often make the  headlines.   

Phishing Attacks Persist
According to some experts, companies could be about to see a continuation of a struggle against phishing attacks.
A recent Report by Europol found that spear phishing is currently the most frequent on EU companies.

Jeremy Hendy, the CEO of Skurio, has expressed belief that this will continue to be a common problem. “Throughout 2020 we’ll continue to see a rise in this form of attack and it’s not only the largest enterprises that will be preyed upon.... all businesses will need to be prepared for more CEO fraud attacks, a well-crafted email, imitating communications from a trusted executive, usually convincing someone to make an urgent money transfer. It’s made to look like the ‘real deal’, and it works.....These usually happen as a result of leaked email credentials finding their way on to dark web marketplaces, which can be used for account takeovers (ATO’s) for even more specific and credible phishing emails.”

Cyber attackers increasingly focus more on SME’s
As for what kind of company is likely to be at risk of a cyberattack, it’s been said that a lack of sufficient security talent and pulling power for attracting better talent will put small and medium-sized firms in danger in 2020. “Skilled professionals will be increasingly difficult to retain...Market forces will put the option of full time, in-house security specialists, commanding high salaries, out of reach for many smaller businesses" James Hendsy thimks.

Jason Cort, director of product planning at Sharp UK, identifies connected printers as a potential pitfall. “As print solutions within small and medium-sized businesses become ever more connected, we continue to see multi-functional printers becoming digital hubs rather than standalone devices; for example, the need to understand, implement and maintain security has never been more topical,” he said. “There are still a significant number of small to medium sized businesses that need to take up the mantle. Too many think “it won’t happen to me, I’m too small”, which is dangerous and naïve.”

Accounts with re-used passwords will be more vulnerable
Another aspect of company operations that may befall security in 2020 is re-used passwords.
“With users continuing to reuse the same passwords across multiple services, the account checking Armageddon is close at hand,” said Liv Rowley, Threat Intelligence Analyst at Blueliv. “Cybercriminals take lists of compromised usernames, emails and passwords from prior breaches and use them to gain access to other sites. Thanks to password reuse, this means one breach turns into multiple compromises....poor password hygiene will make this an issue of growing importance.”

New adaptions for RATs
Rowley went on to state how attackers could go about adapting their tactics.
Although cyber security teams may well have familiar viruses scouted, it’s important to remember that these kinds of attacks, much like their biological namesakes, can mutate. “Cybercriminals are constantly redesigning Remote Access Trojans, or RATs, so they get better at bypassing security protections......Attackers will continue to adapt RATs to exploit new targets and evade detection, so we expect to see increasingly sophisticated malware in 2020.” said Rowley.

The health sector will be increasingly targeted by ransomware
Ransomware is also set to cause havoc within the next year, according to experts, but there may be one sector in particular that will be targeted. “After a short dip in ransomware popularity in 2018, it has re-emerged as a major threat, in particular to healthcare institutions......“Researchers attribute this to several factors, one of the most prominent being how malicious actors have refined their tactics: creating more efficient malware, negotiating with their victims, being more persuasive with their demands." continued Rowley. “Healthcare organisations may indeed be more willing to pay the ransom, as the sensitivity of the data handled combined with the criticality of IT systems means that any disruption would pose a huge risk, after all, patients’ lives could be at stake.”

Cyber security teams will be more diverse
Improving levels of diversity within tech workforces has been touted as a necessary step forward by experts, as companies seek to successfully protect their systems and data. Jon Fielding Managing Director of Apricom, said that employers will heed this advice when hiring cyber security staff. “The most effective way to defend a modern business against cyber threats is to build a diverse security team, equipped with a range of different skillsets and experience, including business acumen, and the ability to communicate, collaborate and lead.

Cheaper quantum computing will come higher risks
Much like any resource, as quantum technology becomes increasingly acquired and used within business, it will become more affordable.However, this could prove a trigger for cybercriminals to start turning their attention towards quantum data. “2020 will see more data breaches in anticipation of cracking the data when quantum computing becomes cheap and more affordable down the road,” said Ashvin Kamaraju, CTO for cloud protection and licensing activity at Thales.  “With potential breakthroughs like Google’s this year, it’s only a matter of time before more quantum computing power is achieved. When this happens, the encryption techniques used to sign messages and protect encryption keys will be rendered obsolete.....Next year will see an increase in the encrypted communications and encrypted data stolen by hackers as they stockpile information waiting for the tools to unlock it. So, in effect, quantum breaches will have already happened, long before the computing power comes to fruition.”

The first AI-powered cyberattack will occur, if not before the end of 2019
AI is making its way into many areas of tech, increasing efficiencies within company practices. But, it may only be a matter of time before it makes its way to the dark side of the cyber space. “If we haven’t seen it before we celebrate the arrival of the new year, 2020 undoubtedly holds the first AI-powered cyberattack,” said Marcus Fowler, director of strategic threat at Darktrace. “Advanced malware that adapts its behaviour to remain undetected has long been on the rise, and should it reach its full potential, 2020 could see a true cyber arms race....5G will only facilitate the rise of machine-speed and automated attacks. At wireless connection speeds up to 100 times faster than 4G, malware could download and spread throughout a victim’s network long before they realise that anything is amiss."

Information Age:      GovTech:

You Might Also Read:

Ransomware, Phishing And Botnets:

 

« Cyber Security Talent Crunch - 3.5m Jobs Vacant
Digital Shock: The 4th Industrial Revolution »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Boxcryptor

Boxcryptor

Boxcryptor encrypts your sensitive files before uploading them to cloud storage services.

Intelligent Waves

Intelligent Waves

Intelligent Waves holds and manages contracts to provide an array of intelligence, operational, communications and IT support to the USG in austere, forward-deployed, hazardous duty environments.

FTAPI Software

FTAPI Software

FTAPI SecuTransfer is a software solution for end-to-end encrypted data exchange of large and sensitive data with customers and partners.

CSIRT GOV - Poland

CSIRT GOV - Poland

Computer Security Incident Response Team CSIRT GOV, run by the Head of the Internal Security Agency, acts as the national CSIRT responsible for coordinating the response to computer incidents.

Wise-Mon

Wise-Mon

Wise-Mon is expert in its field of network monitoring and control. We give solutions to huge organizations with tens of thousands of ports, as well as small companies with one switch.

Ministry of Information and Communications (MIC) - Vietnam

Ministry of Information and Communications (MIC) - Vietnam

The Ministry of Information & Communications of Vietnam is the policy making and regulatory body in the field of information technology and national information and and communication infrastructure.

IN4 Group

IN4 Group

IN4 Group is a skills, innovation and start-up services provider that specialises in supporting businesses with the training, communities, networks and advice they need to scale.

PKF Infuse

PKF Infuse

PKF Infuse provide the highest level of cybersecurity support, implementing practical solutions to protect against cyber-attacks, from simple phishing scams to complex data security breaches.

Iconium Software

Iconium Software

DataLenz by Iconium offers continuous and real-time tracking of your data assets delivering you the tools you need to successfully reach and maintain your target security standards.

CyberconIQ

CyberconIQ

CyberconIQ provide an integrated Human Defense Platform that reduces the probability and/or the cost of a cybersecurity breach by measurably improving our clients risk posture and compliance culture.

N2K Networks

N2K Networks

N2K Networks is the world’s first “news to knowledge” network. The news to knowledge network is how you stay at the cutting edge in a rapidly changing world.

VP Techno Labs

VP Techno Labs

VP Techno Labs is an award-winning cybersecurity firm focusing only cybersecurity to develop cutting edge solutions for emerging business.

SIGLA Group

SIGLA Group

SIGLA Group specialize in the design and development of IT and OT solutions, from analysis to design, from implementation to commissioning, as well as consultancy, training and assistance.

5S Technologies

5S Technologies

5S Technologies is a regional IT solutions and services provider based in Cary, NC and serving the Carolinas.

CardinalOps

CardinalOps

The CardinalOps platform continuously assesses your detection posture and eliminates coverage gaps in your existing detection stack so you can easily implement a threat-informed defense.

Nyx Technology

Nyx Technology

Nyx Technology is your dedicated partner in navigating the intricate world of cyber security, providing you with cutting-edge threat intelligence to safeguard your digital assets.