Latest Cyber Security Threats & Trends: 2020 In Review

Uploaded on 2020-09-17 in NEWS-Cybersecurity News, FREE TO VIEW

Uncontrolled access to personal data undermines confidence in the digital world. The healthcare, shipping, and remote networking industry are increasingly being targeted by hackers.

This article reviews the key cybersecurity threats and trends every business needs to understand in 2020 and beyond. By Eddie Segal 

By Eddie Segal

Trending Cybersecurity Threats

To keep your systems and data secure, you need first to understand what the most common threats are.

State-sponsored attacks: Modern cybercrime goes beyond individual hackers trying to make a profit through ransom or data theft. Today, state-sponsored cyberattacks have emerged as one of the preeminent threats targeting critical infrastructure.

The frequency and severity of these attacks continue to increase. According to Verizon, state-sponsored attacks increased from 12% to 23% in 2019, and the numbers are expected to be even higher in 2020. The most obvious example of this approach is Russian hackers accused of affecting elections, releasing confidential information into the public domain, and hacking into critical infrastructure.

Zoom, Google Meet, and Microsoft Teams phishing scams: The number of people using videoconferencing services has significantly increased during the COVID-19 pandemic. Hackers use Zoom, Google, and Microsoft domains to pose as official links. These fake links enable attackers to trick people into giving access to personal information or accidentally downloading malware.

Internet of Medical Things (IoMT) attacks: IoMT is a connected infrastructure of medical devices, and applications that generate, collect, analyze, and transmit healthcare data. IoMT enables you to connect medical devices to the Internet. This includes personal insulin pumps, glucose and heart monitors, and pacemakers.

As with other IoT devices, hackers can exploit software and network vulnerabilities to execute attacks on both individuals and health organizations. Researchers have identified a growing number of software vulnerabilities and demonstrated the feasibility of attacks on IoMT devices. 

Attacks on smart consumer devices and smartphones: Protecting devices like fitness trackers, smart speakers, smart watches, and smart home security cameras has become one of the main concerns in cybersecurity. Connecting from public Wi-Fi networks, or accessing your company email from your smartphone can make sensitive data available to everyone. Furthermore, the use of instant messaging services and file sharing can enable hackers to easily compromise smart devices, giving access to credentials and data.

Shipping cyber attacks: Many aspects of shipping can be vulnerable to attacks, including ship navigation systems, port logistics, and ship computer networks. According to maritime cybersecurity experts, Naval Dome, shipping-targeted attacks increased by 400% since February 2020 due to the coronavirus pandemic.

During the pandemic, equipment technicians are unable to fly out to ships and rigs to upgrade and service critical OT systems. As a result, system operators find a way around established security protocols, leaving systems unpatched and vulnerable to attack. 

Latest Cyber Security Trends

The threat landscape changes constantly, as do security approaches and solutions. These solutions enable security teams to adapt to new attack methods, and identify vulnerabilities before attackers can exploit them.

Zero-trust network technology replaces VPNs: The COVID-19 pandemic has highlighted many of the problems with traditional VPNs, including latency and open access to the entire network. Emerging Zero-Trust Network Access (ZTNA) enables organizations to control remote access to specific applications by hiding them from the public internet. Applications communicate directly to the ZTNA service provider, and can only be accessed through the provider’s cloud service.

This approach reduces the risk of exploiting the VPN connection to attack remote networks. The adoption of ZTNA requires accurate mapping of network users and their access permissions, which can slow the process.

Network security transforms from LAN-based models to SASE: 
The popularity of cloud-based security solutions is growing increasingly due to the evolution of remote network access. Secure Access Service Edge (SASE) technology enables organizations to secure remote workers and applications by routing traffic through a cloud-based security stack, instead of backhauling the traffic through a physical security appliance in a data center.

5G security: Most of the security risks in 5G mobile networks are not new. They include service provider vulnerabilities and critical infrastructure risks. However, 5G also introduces some new risks related to user safety and privacy.

5G’s short-range communication requires more cell towers with closer proximity. This proximity can increase the risk of collecting and tracking the actual location of users. In addition, service providers can potentially have access to large volumes of user data, thanks to the increased interconnectivity of 5G. This data can show what’s happening inside your home through connected devices, and smart sensors. Hackers could steal this valuable information and sell it on the black market.

Conclusion

As you can see, the current year is not short on new threats thanks to new technologies like 5G, IoMT and the increase in remote workforce. These new technologies will undoubtedly improve our lives, but also offer significant security challenges.

No matter what industry you’re in, make sure you know how your company could be affected, then plan proactive solutions like SASE or ZTNA to protect your business.

 

Eddie Segal is an electronics engineer with a Master’s Degree from Be’er Sheva University, a big data and web analytics specialist, and also a technology writer. In his writings, he covers subjects ranging from cloud computing, agile development, cybersecurity, and deep learning.

You Might Also Read: 

Five Risks That Will Define Cyber Security In 2020:

 

« Cyber Security Training For Employees
Cyber Security Should Be A Mandatory Requirement »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

evoila

evoila

evoila GmbH is one of the leading providers in consulting, analysis, implementation and management of cloud infrastructure.

InteliSecure

InteliSecure

InteliSecure offer Professional Services, Security Assessments and Managed Services for data and threat protection.

Zivver

Zivver

Zivver is the effortless, secure email platform, powering the next generation of secure communications.

Professional Insurance Agents (PIA)

Professional Insurance Agents (PIA)

Professional Insurance Agents (PIA) offer commercial insurance services including Cyber Liability insurance.

Innotec Security

Innotec Security

Innotec Security is a Spanish company specializing in cybersecurity-as-a-service, cyber resilience and cyber risk management.

GuardianKey

GuardianKey

GuardianKey is a solution to protect systems against authentication attacks.

TechRate

TechRate

Techrate is an analytics agency focused on blockchain technology and engineering. Or expertise includes security and technical audits of projects.

FraudScope

FraudScope

FraudScope is an AI-assisted platform that accelerates the identification of fraud, waste, and abuse.

MOXFIVE

MOXFIVE

MOXFIVE is a specialized technical advisory firm founded to bring clarity to the complexity of cyber attacks.

Axur

Axur

Discover and eliminate digital fraud and risks on the web. Utilize Axur’s entire AI potential, along with thousands of bots dispersed throughout the surface web as well as the deep and dark web.

Cyber Dacians

Cyber Dacians

Cyber Dacians offers Information and Cyber Security Consulting Services. We help you to test the effectiveness of your security defenses and build a secure infrastructure.

Presidio Identity

Presidio Identity

Presidio Identity offers a digital-native approach that brings security, privacy, and simplicity to user authentication and digital interactions.

Information Services Group (ISG)

Information Services Group (ISG)

As a leading global research and advisory firm, ISG partners with our clients to determine a future vision, lead rapid change and realize the value of your digital investments at scale.

SENTRIQS

SENTRIQS

SENTRIQS advanced encryption technology is engineered to defend against the most sophisticated cyber threats, keeping your operations efficient and secure.

Hughes Network Systems

Hughes Network Systems

Hughes are industry leaders in networking technologies and services, innovating constantly to deliver the global solutions that power a connected future for people, enterprises and things everywhere.

Universal Technical Resource Services (UTRS)

Universal Technical Resource Services (UTRS)

UTRS is a technology firm that delivers a wide range of engineering, technical, strategic, and digital services to the public and private sectors.