2020 cybersecurity and threats: what awaits us after the holidays

In the old style, the new year came only yesterday. So, all the holidays have passed. It is time to take stock and predict the future. This is true for all areas, including cybersecurity. In 2020, many of the trends seen in 2019 will only intensify, so they should be given special attention.

Artificial intelligence on two fronts

The thing is that AI, machine learning, neural networks, everything that is now actively using cybersecurity, their opponents are gradually starting to use. This trend is gradually increasing, in the coming months, the probability of seeing some kind of mutating virus using machine learning, multiple algorithms, etc. very high. Such systems are dangerous because they are not detected by most traditional tools, since the signature of the “mutants” is constantly changing.

The malware is becoming more sophisticated in terms of searching for vulnerabilities and penetrating the holy of holies of the victim. Ransomware with AI elements is able to adapt to new factors and circumstances. All this increases the chances of a successful attack.

By the way, the number of threats is constantly growing. Experts estimate the frequency of occurrence of new instances ransomware in 14 seconds. Those. every 14 seconds, another malicious software appears in the world. Moreover, they attack not only some small services, but also the products of well-known companies like Microsoft.

Of course, information security experts are on the alert – protection is also evolving, becoming smarter and more powerful. However, hacks are becoming more difficult to detect, in some cases it takes six monthsor even several years.

“Malicious ransomware is an ever-growing and evolving threat that can harm organizations of all sizes, but especially small and medium-sized businesses. To avoid ransomware attacks, enterprises must ensure the security of all devices and cloud services, and also make sure that they use the “321 rule” for regular data backup and continue to apply the traditional security rules: set strong passwords, limit unreliable devices, use accounts administrator only where it cannot be avoided, and implement multi-factor authentication, ”said Torsten Kurpyun, director of business development at Zyxel.

Cyberthreats and small government organizations

Government networks are the coveted goal of many cybercriminals. They are increasingly attacking small government organizations, in which cyber defense is weak – because there are not so many funds allocated. But the data in such organizations can be very valuable, because most of them have access to state registers, databases, etc. All this is priceless for cybercriminals.

Attacks on government networks are a problem for most countries with a developed digital infrastructure. For example, in the United States, about 2/3 of all attacks were directed specifically at the state. Plus, government agencies often have to pay criminals if they manage to block the network, for example, using the same ransomware. Amounts paid to attackers by officials are often 10 times the amount paid by business. Anyway, so it was in 2019.

Well, the losses in case of hacking are very large – on average, one successful attack costs $ 1.6 million victim.

5G issues

Fifth generation networks are gradually being put into operation – the corresponding infrastructure is expanding faster. But the problem is that new solutions require a new approach and tools, including in terms of cybersecurity. According to ResearchAndMarkets, by 2025, the market for 5G solutions will triple.

But the more actively networks develop, the more solutions of different vendors are used. And among the main problems of 5G is the weak security of hardware and software, plus all sorts of dangers in the production-supply-implementation cycle. Now it’s no secret that in some cases, crime introduces vulnerabilities in products third party manufacturers. In addition, there are no guarantees of good faith of third-party solution providers who have access to the critical infrastructure of the enterprise or organization.

With the expansion of 5G coverage, one can expect an increase in the number of new types of attacks aimed specifically at the vulnerabilities of 5G hardware and software.

Increase the number of attacks on cloud services

The wider the cloud solutions penetrate our lives, the more attractive they become for attackers. Data storage services, instant messengers, social networks are just a storehouse of information for cybercriminals. Plus, most of the decisions of large companies, users automatically trust. Microsoft OneDrive, Google Drive and other projects – all of them are considered by default as safe from the side of the average user (including corporate).

But they are increasingly being attacked, new attack vectors appear every week, which sometimes leads to leaks – attackers get huge amounts of information.

One of the problems is the lack of information security specialists. According to the results of a series of surveys, it became known that about 70% of the heads of various companies from the IT industry recognize a shortage of cyber security professionals.

With the increasing number of threats, more and more companies that use cloud platforms like AWS, Azure and others will require their partners to increase the level of cybersecurity.

Medical devices

In 2018-2019, many devices appeared in healthcare and related fields that work with wireless networks – mobile, WiFi, specialized protocols, etc. In pursuit of users, companies are rushing to release solutions, many of which have not been tested in terms of cybersecurity. Many models of fitness trackers, heart rate monitors, etc. are subject to the same vulnerabilities, which allows attackers to carry out automated attacks that infect thousands of devices at a time.

This is a huge problem. So, according to Deloitte, in the next five years, about 44% of medical devices will be equipped with IoT modules. Without proper protection, they are all open to intruders.

The problem is also that the medical field does not have uniform standards regarding cybersecurity and threats. Zoo solutions, thousands of different vendors, different protocols, compatibility issues – all this makes medical devices extremely vulnerable.

Accordingly, one of the trends, at least in some countries, will be the unification of standards and the introduction of new standards in relation to IoT gadgets in the medical industry and healthcare.

The increasing role of predictive analysis

The maximum loss to the company is usually not caused by the attack itself, but by the liquidation of its consequences, which leads to direct and indirect losses like reputation losses. Therefore, it is imperative for businesses to learn how to identify and neutralize the most dangerous attacks before they become a major problem. Now detecting a new type of attack takes several hours or even days. During this time, attackers usually manage to compromise the system and steal the data they need.

In order to prevent attacks in the bud, to detect them you need to spend no more than a few minutes, or even seconds. Predictive analysis helps here, when the system detects unusual network activity, even if it does not fit any type of attack by signs. In 2020, an increasing number of companies will introduce predictive analysis systems.

As a conclusion, we can say that there are many cybersecurity trends that will be relevant in 2020, there are dozens of them. In addition to those already mentioned, this is an increase in the volume of budgets allocated for cybersecurity, a focus on internal threats, countering phishing, an increase in attacks using crypto ransomware, and much more

The main trend for business and government organizations is the increasing importance of information security. Not a single more or less large company can do without tools and IS specialists. But since there are new threats, challenges and dangers ahead, cyber security is at the forefront.