Latest Cyber Security Threats & Trends: 2020 In Review

Uploaded on 2020-09-17 in NEWS-Cybersecurity News, FREE TO VIEW

Uncontrolled access to personal data undermines confidence in the digital world. The healthcare, shipping, and remote networking industry are increasingly being targeted by hackers.

This article reviews the key cybersecurity threats and trends every business needs to understand in 2020 and beyond. By Eddie Segal 

By Eddie Segal

Trending Cybersecurity Threats

To keep your systems and data secure, you need first to understand what the most common threats are.

State-sponsored attacks: Modern cybercrime goes beyond individual hackers trying to make a profit through ransom or data theft. Today, state-sponsored cyberattacks have emerged as one of the preeminent threats targeting critical infrastructure.

The frequency and severity of these attacks continue to increase. According to Verizon, state-sponsored attacks increased from 12% to 23% in 2019, and the numbers are expected to be even higher in 2020. The most obvious example of this approach is Russian hackers accused of affecting elections, releasing confidential information into the public domain, and hacking into critical infrastructure.

Zoom, Google Meet, and Microsoft Teams phishing scams: The number of people using videoconferencing services has significantly increased during the COVID-19 pandemic. Hackers use Zoom, Google, and Microsoft domains to pose as official links. These fake links enable attackers to trick people into giving access to personal information or accidentally downloading malware.

Internet of Medical Things (IoMT) attacks: IoMT is a connected infrastructure of medical devices, and applications that generate, collect, analyze, and transmit healthcare data. IoMT enables you to connect medical devices to the Internet. This includes personal insulin pumps, glucose and heart monitors, and pacemakers.

As with other IoT devices, hackers can exploit software and network vulnerabilities to execute attacks on both individuals and health organizations. Researchers have identified a growing number of software vulnerabilities and demonstrated the feasibility of attacks on IoMT devices. 

Attacks on smart consumer devices and smartphones: Protecting devices like fitness trackers, smart speakers, smart watches, and smart home security cameras has become one of the main concerns in cybersecurity. Connecting from public Wi-Fi networks, or accessing your company email from your smartphone can make sensitive data available to everyone. Furthermore, the use of instant messaging services and file sharing can enable hackers to easily compromise smart devices, giving access to credentials and data.

Shipping cyber attacks: Many aspects of shipping can be vulnerable to attacks, including ship navigation systems, port logistics, and ship computer networks. According to maritime cybersecurity experts, Naval Dome, shipping-targeted attacks increased by 400% since February 2020 due to the coronavirus pandemic.

During the pandemic, equipment technicians are unable to fly out to ships and rigs to upgrade and service critical OT systems. As a result, system operators find a way around established security protocols, leaving systems unpatched and vulnerable to attack. 

Latest Cyber Security Trends

The threat landscape changes constantly, as do security approaches and solutions. These solutions enable security teams to adapt to new attack methods, and identify vulnerabilities before attackers can exploit them.

Zero-trust network technology replaces VPNs: The COVID-19 pandemic has highlighted many of the problems with traditional VPNs, including latency and open access to the entire network. Emerging Zero-Trust Network Access (ZTNA) enables organizations to control remote access to specific applications by hiding them from the public internet. Applications communicate directly to the ZTNA service provider, and can only be accessed through the provider’s cloud service.

This approach reduces the risk of exploiting the VPN connection to attack remote networks. The adoption of ZTNA requires accurate mapping of network users and their access permissions, which can slow the process.

Network security transforms from LAN-based models to SASE: 
The popularity of cloud-based security solutions is growing increasingly due to the evolution of remote network access. Secure Access Service Edge (SASE) technology enables organizations to secure remote workers and applications by routing traffic through a cloud-based security stack, instead of backhauling the traffic through a physical security appliance in a data center.

5G security: Most of the security risks in 5G mobile networks are not new. They include service provider vulnerabilities and critical infrastructure risks. However, 5G also introduces some new risks related to user safety and privacy.

5G’s short-range communication requires more cell towers with closer proximity. This proximity can increase the risk of collecting and tracking the actual location of users. In addition, service providers can potentially have access to large volumes of user data, thanks to the increased interconnectivity of 5G. This data can show what’s happening inside your home through connected devices, and smart sensors. Hackers could steal this valuable information and sell it on the black market.

Conclusion

As you can see, the current year is not short on new threats thanks to new technologies like 5G, IoMT and the increase in remote workforce. These new technologies will undoubtedly improve our lives, but also offer significant security challenges.

No matter what industry you’re in, make sure you know how your company could be affected, then plan proactive solutions like SASE or ZTNA to protect your business.

 

Eddie Segal is an electronics engineer with a Master’s Degree from Be’er Sheva University, a big data and web analytics specialist, and also a technology writer. In his writings, he covers subjects ranging from cloud computing, agile development, cybersecurity, and deep learning.

You Might Also Read: 

Five Risks That Will Define Cyber Security In 2020:

 

« Cyber Security Training For Employees
Cyber Security Should Be A Mandatory Requirement »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Clifford Chance

Clifford Chance

Clifford Chance are one of the world's pre-eminent law firms with resources across five continents. Practice areas include Cyber Security & Information Protection

Momentum

Momentum

The Cyber Security team at Momentum offers a professional and specialist recruitment service across Cyber & IT Security.

Fasoo

Fasoo

Fasoo provides data-centric security to protect data within the organizational perimeter and beyond by limiting access to sensitive data according to policies that cover both users and activities.

OPSWAT

OPSWAT

OPSWAT is a software company that provides solutions to secure and manage IT infrastructure.

ARC Advisory Group

ARC Advisory Group

ARC is a leading technology research and advisory firm with expertise in both information technologies (IT) and operational technologies (OT)

CodeOne

CodeOne

CodeOne provides solutions for website and web app security.

DataSunrise

DataSunrise

DataSunrise Data-Centric high-performance security software protects the sensitive data in real-time in cloud or on premises, and helps organizations to stay compliant.

Volatility Foundation

Volatility Foundation

Volatility is an open source memory forensics framework for incident response and malware analysis.

GuardianKey

GuardianKey

GuardianKey is a solution to protect systems against authentication attacks.

Trustonic

Trustonic

Trustonic is a leader in the device security market. Our mission is to protect apps, secure devices & enable trust.

Systems Assessment Bureau (SAB)

Systems Assessment Bureau (SAB)

Systems Assessment Bureau is an internationally recognized ISO Certification Body with a unique vision of “Excel together with global standards”.

Core Sentinel

Core Sentinel

Australia's #1 Penetration Testing Service. Make Your Systems Fully Compliant With Our OSCE CREST/CISA Certified Penetration Testing.

Xoriant

Xoriant

Xoriant is a technology leader and execution partner throughout the Build, Run and Transform lifecycle for companies that create and use technology products.

Hartman Executive Advisors

Hartman Executive Advisors

Hartman Executive Advisors is an unbiased IT and cyber advisory firm uniquely designed to help mid-market executives maximize their IT investments.

Cyberleaf

Cyberleaf

Cyberleaf is simplified managed cybersecurity for MSPs, enabling top tier cyber protection for small and medium enterprise.

Twine Security

Twine Security

Twine is pioneering the creation of AI digital cybersecurity employees to help improve efficiency for cybersecurity teams.