In our ever-more connected world, the potential cyber-attack landscape is constantly growing. While technology might promise exciting innovation, at the same time it is requiring us all to think more carefully about how to secure it within our organisations.
In many ways, the cyber threats we face in 2020 very much follow the theme of ‘more of the same’. More security around the perimeter, more regular patching of known vulnerabilities, more staff training, more monitoring, more testing and more regular updating of disaster recovery and business continuity plans.
However, it is also true that new technologies are creating new threats. In this article, we’ll consider the IT trends of 2020 and consider how they create new and emerging threats which you’ll need to add to your existing cyber security considerations.
1. The growing ransomware threat
Mimecast found that the ransomware threat in 2019 was up 26% on the previous year, resulting in 53% of organisations surveyed reporting they experienced a ransomware attack in 2019. Experts say this trend shows no sign of abating.
One new development is the application of a pyramid scheme approach to the ransomware mode, whereby victims escape having to pay up if they share the malicious links with their own contacts.
However, it’s worth remembering the findings of Proofpoint’s 2020 State of the Phish report, should you ever be tempted by such offers. Of the 33% of organisations affected by ransomware who opted to pay the ransom, some 31% did not regain access to their data or had to pay additional ransom payments before accessing it.
2. Continued transition to cloud
The transition to cloud continues at pace. As a result, the boundaries of company infrastructures are increasingly blurred.
When companies pass data to a cloud provider, they also need to consider that provider’s cyber security approaches and performance.
However, Gartner has predicted that, in 2020, 95% of cloud security failures will be the customer’s fault. Understanding where your security responsibilities begin and end and correctly configuring your cloud solutions, therefore, become the critical defence factors.
DevOps also need to be actively working to ensure there aren’t vulnerabilities in container components.
3. Gradually moving towards AI
The damage potential of AI technologies was demonstrated during the Brexit referendum and the 2016 USA election, with fake news quickly propagated around the Internet using AI.
Now some are warning that deepfakes could be the next frontier in enterprise fraud.
Although we are now more cognizant of the problems AI presents when harnessed by malicious actors, it is also true that AI could hold some of the necessary answers too.
Organisations need to start leveraging AI to identify new cyber-security threats and automate and speed up their response to them.
4. Data theft is not the only goal
While data exfiltration may be getting a boost with 5G, some analysts are arguing that focus should also be on cyber-crime that attacks data integrity instead of being designed to steal data.
Businesses may not be aware of the data manipulation and this exposes them to significant reputational risk. What’s more, how can you do business when you don’t trust the information in your own systems? Or, worse, the misinformation you are “publishing” is being used by your customers and others?
5. IoT is creating new vulnerabilities
Mirai exposed the vulnerability of so many connected devices. While “secure by design” is now more often talked about, it remains rarely delivered: we are still vulnerable.
Connected devices in the office – from building management systems to office printers – need to be secured.
6. Improved incident investigation is required
Organisations need security analytics expertise across all security layers, including in incident investigation. While AI will take on some of these tasks, the continued cyber-security skills gap makes this a real issue for most businesses. Partnering with an IT Support company who can deliver the right skills is usually the best option.
It isn’t just in incident investigation where the cyber-security skills gap is a problem. Government and education need to work with business to develop a pipeline of talent with the cyber security skills required, yet we continue to see little progress in this regard.
7. Malware auto-updates
With many applications set to auto-update, there is little wonder that hackers are now seeking to exploit this mechanism. A compromised cloud connection could enable hackers to use auto-updates to infect users. In March 2019, hackers compromised Taiwanese software company Asus’s Live Update tool to distribute malware. Beyond Trust warns us to expect some high-profile applications to be targeted by these advanced threats in 2020.
8. New attack vectors are always being sought
As we’ve focused more on improving cyber security and responding to the threat, penetrating the external perimeter has become much more difficult, requiring more time, skills and effort on behalf of the attacker.
As a result, different attack vectors begin to look more attractive. Social engineering begins to look more cost effective than pure technology attack vectors. On the one hand, we see hackers investing time to develop convincing phishing attacks is on the rise, on the other companies are reporting an increase in attacks arising from insider activity.
A 2020 Cybersecurity Insiders report found that 70% of organisations surveyed said insider attacks are becoming more frequent. Similarly, a 2020 Cost of Insider Threats report by the Ponemon Institute for ObserveIT and IBM found that, over the last two years, the number of incidents has increased 47%. What’s more, over the same period, the cost of these incidents rose by 31%.
9. SMishing, Vishing and Spear Phishing
Although email remains the most popular medium for phishers, attacks through other social media and communication channels are on the rise; hackers will follow your people onto whatever platform they are using.
Proofpoint’s 2020 State of the Phish report highlighted significant rises in the number of phishing attacks via social media, the number of smishing and vishing attacks, and the number of malicious USB drops.
The findings highlight the multi-faceted cyber defences required: organisations need to be prepared on all fronts.
10. GDPR must remain a focus – especially in M&A
Although GDPR has dropped off the headlines recently, we’re now on the business end of the legislation and its impact is beginning to be felt.
As a result, experts are warning that evaluations of cyber security and risk will become an increasingly important element in M&A deals. In 2019, the Information Commissioner’s Office fined Marriot for a data breach that went unreported by Starwood four years earlier, prior to Marriot’s acquisition of the company in 2016.
ICO’s decision should serve as a salutary lesson for the need to put security and technology audits at the forefront of due diligence.
What can companies do to protect themselves in 2020?
The best way to deal with the cyber-security threat is to work with a knowledgeable and trusted expert IT Support partner, get the processes right for effective day-to-day maintenance and invest the time to understand the specific and changing threats to your organisation.
While expertise and keeping abreast of the latest threats and vulnerabilities will keep you safer, as Akami’s Chad Seaman points out, “it’s the threat that comes out of leftfield that’s really the problem.”
This makes cyber-risk insurance another vital part of your organisation’s defence. We are seeing more specialist and tailored approaches to cyber risk insurance – it is no longer an add-on to other business insurance products. Augmenting your business continuity plans with this is a sensible approach.
Interesting related article: “What is cybersecurity?“