Hindsight is 20/20 vision, as the old saying goes: it’s always easy to know what the right course of action was after something has happened, but much harder to predict the future. However, by looking at security developments over the past couple of years, it’s possible to forecast what’s likely to happen in the cyber landscape over the next 12 months. Here are the key security and related trends that we expect to see during 2020.
Technology cyber-security predictions for 2020:
Targeted ransomware – 2019 saw ransomware exploits getting highly targeted against specific businesses, as well as local government and healthcare organizations. Attackers are spending time intelligence-gathering on their victims, to ensure they can inflict maximum disruption, and ransoms are scaled up accordingly. Attacks have become so damaging that the FBI has softened its stance on paying ransoms: it now acknowledges that in some cases, businesses may need to evaluate options to protect their shareholders, employees and customers.
Phishing attacks go beyond email - While email remains the #1 attack vector, cybercriminals are also using a variety of other attack vectors to trick their intended victims into giving up personal information, login credentials, or even sending money. Increasingly, phishing involves SMS texting attacks against mobiles, or use of messaging on social media and gaming platforms.
Mobile malware attacks step up - The first half of 2019 saw a 50% increase in attacks by mobile banking malware compared to 2018. This malware can steal payment data, credentials and funds from victims’ bank accounts, and new versions are available for widespread distribution by anyone that’s willing to pay the malware’s developers. Phishing attacks will also become more sophisticated and effective, luring mobile users to click on malicious weblinks.
The rise of cyber insurance - Underwriters will sell more cyber insurance policies for businesses and government agencies such as schools, hospitals and utilities. Insurance companies will continue to guide their policy holders to pay ransoms, as this is generally cheaper than having to recover from a ransomware attack. This will in turn will lead to more attacks, and fast growth for the cyber insurance industry. However, insurance payouts are not guaranteed: the legal battle between food giant Mondelez and its insurer Zurich is still ongoing. Mondelez’s insurance claim for $100M after the 2017 NotPetya ransomware attack was refused by Zurich as it claimed the attack was “a hostile or warlike action in time of peace or war.”
More IoT devices, more risks - As 5G networks roll out, the use of connected IoT devices will accelerate dramatically, and will massively increase networks’ vulnerability to large scale, multi-vector Gen V cyber-attacks. IoT devices and their connections to networks and clouds, are still a weak link in security: it’s hard to get visibility of devices, and they have complex security requirements. We need a more holistic approach to IoT security, with a combination of traditional and new controls to protect these ever-growing networks across all industry and business sectors. The new generation of security will be based on nano security agents: micro-plugins that can work with any device or operating system in any environment, controlling all data that flows to and from the device, and giving always-on security.
Data volumes skyrocket with 5G - The bandwidths that 5G enables will drive an explosion in numbers of connected devices and sensors. eHealth applications will collect data about users’ wellbeing, connected car services will monitor users’ movements, and smart city applications will collect information about how users live their lives. This ever-growing volume of personal data will need to be protected against breaches and theft.
AI will accelerate security responses - Most security solutions are based on detection engines built on human made logic, but keeping this up-to-date against the latest threats and across new technologies and devices is impossible to do manually. AI dramatically accelerates identification of new threats and responses to them, helping to block attacks before they can spread widely. However, cybercriminals are also starting to take advantage of the same techniques to help them probe networks, find vulnerabilities and develop more ever more evasive malware.
Security at the speed of DevOps - Organizations already run a majority of their workloads in the cloud, but the level of understanding about securing the cloud remains low, and security is often an afterthought with cloud deployments because traditional security measures can inhibit business agility. Security solutions need to evolve to a new paradigm of flexible, cloud-based, resilient architectures that deliver scalable security services at the speed of DevOps.
Enterprises rethink their cloud approach – Increasing reliance on public cloud infrastructure increases enterprises’ exposure to the risk of outages, such as the Google Cloud outage in March 2019. This will drive organizations to look at their existing data center and cloud deployments, and consider hybrid environments comprising both private and public clouds.
We don’t yet have the benefit of hindsight to show exactly what security threats we will face in 2020. Today’s hyper-connected world creates more opportunities for cyber criminals, and every IT environment is a potential target: on-premise networks, cloud, mobile, and IoT devices. But forewarned is forearmed: using advanced threat intelligence to power unified security architectures, businesses of all sizes can automatically protect themselves against upcoming attacks.
* Article was originally published on Checkpoints’s blog. You can read the original blog post here.