With AI and machine learning, we could see cyber attacks like spear phishing and malware at a much larger scale that becomes impossible to manage. Cryptojacking—a type of hack that targets almost any device with computing power, including mobile devices, company servers, and even cable routers to mine for cryptocurrencies—grew by more than 1,000% in the first half of 2018. Compared to ransomware attacks, cryptojacking is incredibly stealthy, with many systems losing processing power while sitting idle anyway. For home internet users, cryptojacking can put undue stress on your computer’s processor, slowing down performance and increasing your electric bill.
Creating processes and protocols for a BYOD policy can help find a happy medium between the risk and reward. Those in the infosec industry may view it more as a future filled with potential threats and attack vectors to worry about. With this in mind, Siliconrepublic.com spoke to some experts in the field about what cybersecurity trends could be on the horizon as the year begins. Leveraging the possibilities of automation makes the most out of the glut of data, all in real time.
In this landscape, upgrading to automated tools that allow for validating and contextualizing threat intelligence will be one of the cybersecurity trends of 2020. Between growing security threats, robotic process automation and the continued dearth of skilled workers, automation may be less a cybersecurity trend than a necessity. A vast number of businesses are using cloud-based technologies to host their data and applications and the number is growing. Although cloud platforms often have their own security features, the amount and type of access points present in addition to third-party integrations increase the opportunities for attackers to breach a system. If a platform is poorly segmented, a successful attack can quickly spread across applications and organizations, potentially reaching millions of users.
Couple that with the rapid growth of software development and a cybersecurity skills shortage and that should be enough to keep security pros on their toes. Phishing attacks remain an effective method of stealing credentials and identities, distributing malware, eliciting fraudulent payments, cryptojacking (cryptocurrency mining) and so on, and the threat is not going away any year soon. The same goes for ransomware attacks, which continue to provide a solid source of income for international cybercrime.
2019 has seen cybersecurity issues firmly take their place in the news, both for the technology industry and the general public. While organizations are increasingly aware of the importance of cybersecurity, most are struggling to define and implement the required security measures. From data breaches and IT security staff shortages to security automation and integration – let’s take a quick look at 10 cybersecurity trends that are likely to shape the cybersecurity landscape in 2020. Artificial intelligence and machine learning in cyber security are the second on our list of the cyber security trends for 2020 — and for good reason. As we shared in a previous article on artificial intelligence in cyber security, machine learning and artificial intelligence are reinventing cyber security as a whole and are areas that are definitely worth exploring in the coming year.
Cybersecurity Ventures predicts that in 2019, global damages from ransomware will reach over $11 billion, with attacks occurring every 14 seconds. We will continue to see organizations shift their workloads into the cloud as the physical systems on the premises reach their expiration. As more institutions develop an interest in the latest technology and tools available, the landscape of cyber security will become altered.
Cyber attacks on utilities and public infrastructure will continue to
increase
Cybercriminals unofficially supported by the state can execute DDoS attacks, cause high-profile data breaches, steal political and industrial secrets, spread misinformation, influence global opinion and events, and silence unfavorable voices. Cyber security is a hot topic for organizations and businesses of all sizes across every industry. Of course, every company has different priorities and insights, so the lists of cyber security trends for 2019 and 2020 you’ll see around the internet vary quite a bit depending on your source. And as cyber attacks continue to increase in frequency year over year, they all serve to underscore the importance and need for better cyber security defenses. Stuxnet infects SCADA systems — One of the first SCADA attacks, Stuxnet paved the way for Shamoon and other industrial control system (ICS) threats capable of combining physical and digital risk.
Cyber security trend #1: The phishing landscape is changing, though email
still ranks as the biggest of those threats
Data from a Capgemini Research Institute survey supports the idea that AI is vital to organizations’ cyber security defenses. Three-quarters of surveyed executives reported that AI helps their organizations respond more quickly to breaches, and 69% of the organizations reported that AI is necessary to respond to cyber attacks. Mobile malware — According to Check Point, cyberattacks targeting mobile devices are up by 50 percent compared to last year, and threats are diversifying as devices become commonplace across both personal and professional environments. Mobile banking apps are among top hacker targets, as users prioritize on-demand features, and banks are rushing to fill the gap.
But as AI becomes essential to cybersecurity, what will prevent malicious actors from reaping the benefits of this innovative technology? At present, cyber attacks are debilitating, with security departments strained, understaffed, and underqualified.
In 2012, companies were leveraging data at scale to drive actionable insights, and by 2014, mobile devices took their place as collaborative corporate mainstays. But these advances in technology came with commensurate increases to cybersecurity threats, as attackers recognized the value of large-scale — and often unprotected — datasets. As business processes, infrastructure, and data are increasingly moved to the cloud, protecting information and critical infrastructure requires completely new approaches to enterprise security. Cloud-based threats will inevitably continue to grow, with organizations struggling to maintain control of critical data and ensure real-time threat intelligence.
- As business processes, infrastructure, and data are increasingly moved to the cloud, protecting information and critical infrastructure requires completely new approaches to enterprise security.
- In 2012, companies were leveraging data at scale to drive actionable insights, and by 2014, mobile devices took their place as collaborative corporate mainstays.
- But these advances in technology came with commensurate increases to cybersecurity threats, as attackers recognized the value of large-scale — and often unprotected — datasets.
One big influencer that is driving the increase in cyber attacks is the pervasiveness of Internet of Things (IoT) devices in the enterprise. According to Symantec, IoT attacks increased 600 percent last year, which is forcing companies to add better incident detection into their IoT platforms and find ways to enhance visibility into their extensive IoT networks and devices. Ransomware is the rise as well, with a 300 percent increase in ransomware attacks last year.
Effective protection requires not just proper cybersecurity training for all employees and business partners, but also in-depth security and vulnerability management to prevent attackers from obtaining confidential information used in phishing attempts. Advanced persistent threats backed by nation-state actors are now a major part of the global security landscape.
The Top Cyber Security Trends in 2019 (and What to Expect in
Staying up-to-date on current trends makes a big difference when it comes to security and is required for effective security teams. It’s imperative that the enterprise take a proactive approach to this vulnerability. This year we expect to see more companies follow the best practice advice of NIST in establishing a real-time inventory of all connected devices.
Because of these barriers and unknowns, many businesses are finding solace in placing their cybersecurity griefs in the care of a Managed Security Service Provider (MSSP). These dedicated cybersecurity providers are not only equipped with the latest in threat management technology, but it’s their job to understand the current environment and work toward being ahead of the curve on emerging cyberthreats. In the race to deliver new products and technologies, security is seldom the first consideration, so it’s no surprise that the booming IoT (Internet of Things) space has brought a wealth of security blunders. Hard-coded credentials, insecure wireless communication, unencrypted personal data, unverified firmware updates, vulnerable web interfaces – the list goes on.
Improperly secured or configured data buckets increase the risk of major data breaches for organizations large and small, and unauthorized cloud services can all too easily be added by end-users. Organizations are discovering that manual security management is no longer feasible for large web application infrastructures, which is forcing them to rethink their approach to web application security.
As ICS and SCADA systems have become invariably linked to public-facing services via internet of things (IoT) devices, the potential impact of this threat has expanded. The benefits of artificial intelligence (AI) are tremendous, particularly in cybersecurity. In fact, 61% of enterprises say they can’t detect breach attempts today without the use of AI.
More workspaces are allowing the use of personal devices for work, providing the flexibility of remote work, increasing productivity, and cutting costs. But bring-your-own-device (BYOD) comes with security risks, including increased risk of data leaks, malware infection, and exposure to vulnerabilities due to lack of device management. Security managers are now under the strain of added IT infrastructure to keep up with this cybersecurity trend. BYOD is likely not going away any time soon, but the cyber risks will continue to grow.
Cyber security trend #3: Targeting of local governments and enterprises via
ransomware attacks
As technologies and security tools change, cybercriminals are adapting their strategies, creating new threats and revamping known ones. Outdated systems and lack of awareness of current vulnerabilities create significant risk for companies and individuals.
The Internet of things, IoT, will change the entire environment that we live in, especially when you consider that IDC, an analyst company, predicts there will be 80 billion connected devices by 2020. As a cybersecurity company, we predict that attacks will keep pace with the growth as cybercriminals exploit the resources of the devices and the access to personal data. Attacks such as the Mirai botnet, which disrupted popular websites including Netflix, Spotify and Twitter, already demonstrated the impact of harnessing the power of IoT for malicious purposes. Mobile, the cloud and artificial intelligence, to name a few, are trends that will continue to be exploited by criminals.