A study from the University of Maryland found that hackers attack every 39 seconds. On average, data breaches cost $3.92 million. Cybercrime schemes evolve quickly and attackers don't discriminate. That's why companies of every size need to stay up to date on cybersecurity trends.
New schemes, more remote workers and the move to cloud-based systems all require organizations to take cybersecurity more seriously than ever. Failure to do so can be devastating to both your company and those whose data you hold.
In this article, experts share what they think are the biggest cybersecurity threats for 2020, as well as some trends and solutions you can use in your cybersecurity efforts.
Table of Contents:
Cybersecurity Threats
1. CEO Deepfakes
2. Working Remotely Due to COVID-19
3. The Human Factor
4. Attacks on the Healthcare Sector
5. Fileless Attacks
6. Insider Threats
7. The Internet of Things
8. Password Attacks
9. Collaboration Platforms as New Attack Vectors
10. Attacks on the Education Sector
11. Mobile Phishing
Cybersecurity Threats
1. CEO Deepfakes
Deepfakes are video, photo or audio media that have been created using artificial intelligence. The technology studies data, such as speech patterns, facial features and body movements, to help fraudsters steal others' identities. By creating media that looks and sounds realistic, criminals can do almost anything from bypassing biometrics to sending fraudulent messages.
According to Kenny Trinh, Managing Editor of Netbooknews, hackers are creating videos of "CEOs asking employees to transfer money or give away other personal information" and "as this technology grows, . . . it will become increasingly difficult to detect."
Because they use data from a real person to create the media, deepfakes can look real. That's why they're a bigger threat than similar scams carried out over email or text.
In addition, the increase in remote work may drive deepfake attacks even higher. When they aren't in the office, employees are more used to receiving audio or video communications from their superiors and less likely to question a fraudulent one. They also can't easily pop into the CEO's office (or a coworker's) to discuss a questionable request.
2. Working Remotely Due to COVID-19
COVID-19 has forced many workplaces to go fully remote. However, the decision to keep employees home in order to follow social distancing guidelines happened so fast that many companies did not properly prepare. Cybersecurity wasn't a top priority at the beginning of the crisis, but now remote work poses one of the year's biggest threats.
Many remote workers aren't prepared to work full-time from home. With challenges like too little bandwidth and no access to a company-issued computer, "performing work tasks from mobile devices [becomes] even more appealing—emailing, messaging, and even joining video calls are all quick and easy on mobile," says Wim Van Campen, Senior Director, EMEA Business at Lookout.
In addition, "home networks are inherently less secure than corporate networks. . . All of these factors make the remote worker an attractive target of cyberattacks such as phishing and network attacks in particular," Van Campen explains.
3. The Human Factor
"Most organizations have done a really good job of hardening their perimeter and so most direct Internet-based attacks are not going to work. What will work however," suggests Tom DeSot, EVP and chief information officer at Digital Defense, Inc., "is the attack on the weakest link in the security chain, the employee of the company."
Employees pose cybersecurity risks for a variety of reasons. They might forget or never have learned good security practices. They could act carelessly because they don't want to put in the effort or, if they're working remotely, they don't have anyone monitoring them. In the worst case scenario, they could even commit a cyber attack for personal gain.
Luckily, protecting your company against the human factor of cybersecurity is almost as easy as taking physical measures. The number-one way to do so, says DeSot, is training. Every employee, from the C-suite to new hires, should learn about attacks such as phishing and spoofing, "how they work and what employees at all levels can do to stop them."
Cybersecurity training can be both informative and a deterrent for bad behavior. Employees know what risks they face, as well as learn about your company's specific expectations for digital security. Be sure to update your training program annually to include new types of threats.
4. Attacks on the Healthcare Sector
The COVID-19 pandemic has put a strain on healthcare systems around the world. With more patients and distracted employees, they have become a major target for cybercriminals.
According to Sivan Tehila, Director of Solution Architecture of Perimeter 81, "With the ability for medical devices to connect directly to the Web, the growing Internet of Things (IoT) model offers many benefits. Greater connectivity means better data and analytics and patient care, but it also opens the door for data loss of personal health information (PHI) and unauthorized access to devices."
Because it can include contact information, personal data, financial data and health history information, patient data is some of the most sensitive. As a result, targeted ransomware is one of the biggest cybersecurity threats of 2020. "The availability of IT systems and data in [healthcare] organizations is critical for the citizens’ very lives, so they are more likely to pay ransom in order to get back to operations faster," says Ilia Sotnikov, VP of Product Management at Netwrix.
5. Fileless Attacks
One of the most common cybersecurity threats of 2020, according to Alun Baker, founder of cybersecurity startup Clario, is fileless attacks.
"Many companies and consumers still assume most of their virtual threats will come from a malicious or infected file. But if they're not equally prepared against fileless threats, they're leaving themselves vulnerable to an increasingly common form of attack," he says.
What is a fileless attack? It's a cyber attack that doesn't install new software on the victim's device, making it harder for antivirus tools to detect it. Because these types of attacks use processes and programs that are already approved and installed on a device, they can also easily bypass safelisting.
To get a better idea of how a fileless attack works, take a look at this diagram from Trellis:
6. Insider Threats
Many organizations put their cybersecurity budget towards attacks from the outside. However, cybercriminals may not have to breach your system to steal your data. An employee who already has legitimate access to sensitive files may simply take the data for their own gain.
"Many organizations are challenged to detect internal nefarious acts, often due to limited access controls and the ability to detect unusual activity once someone is already inside their network," says Steve Durbin, managing director of the Information Security Forum.
But why is this one of the major cybersecurity threats in 2020, specifically?
Durbin explains, "Employees subject to new working arrangements [due to the COVID-19 pandemic] could react maliciously due to restricted hours, lowered remuneration, reduced promotion opportunities, and even expectations of redundancy. These concerns at work can be compounded by increased levels of stress outside work due to worries about family health, livelihood and uncertainty about the future. Under such conditions, employees might become disgruntled or disaffected towards the organisation, resulting in occurrences of fraud, information leakage and theft of intellectual property."
To mitigate risk, companies should not only increase their internal cybersecurity measures, but also take extra care to support their employees in times of uncertainty.
7. The Internet of Things
The Internet of Things (IoT) allows us to be constantly connected, both at work and at home. Web-connected devices range from laptops and cell phones to smart watches, smart locks and "assistants" like Alexa and Google Home.
While the IoT makes personal and professional projects easier, it also opens up endless new opportunities for hackers to access sensitive data.
"It's important to always have a solid cybersecurity strategy in place before upgrading to the new wave of products and devices that use IoT and smart technology. Especially for businesses and enterprises, where a data breach could affect company operations and compromise sensitive data," says Luka Arezina, editor-in-chief at DataProt.
To protect your company against IoT breaches:
- Enable two-factor authentication on company devices
- Keep software up to date
- Limit the number of IoT devices in the office
- Don't allow employees to connect personal IoT devices to secure company networks
- Add IoT device best practices to your cybersecurity policies training
- Ensure your company's suppliers and vendors use safe IoT practices
8. Password Attacks
According to the 2018 Varonis Global Data Risk Report, 65 per cent of companies use over 500 passwords that never expire.
"These accounts have a higher risk of showing up in online password dumps with valid passwords. Privileged and service accounts with non-expiring passwords are a cyber criminal's best friend," says Steve Tcherchian, CISSP and Chief Information Security Officer for XYPRO.
While "ensuring these passwords are stored properly, changed regularly, meet complexity and compliance requirements and are audited can be overwhelming to implement and manage," companies can't afford the potentially devastating data breaches poor passwords could cause.
To mitigate risk, Tcherchian suggests using two-factor authentication. This simple change makes it much harder for cybercriminals to breach your systems. Employees might be hesitant to use it at first, but "until we shift our mindset and sacrifice a little bit of convenience for a massive amount of security, attacks on privileged credentials will continue and increase in 2020."
9. Collaboration Platforms as New Attack Vectors
Because of social distancing measures related to COVID-19, many people are new to working from home. As a result, use of online collaboration platforms (e.g. Zoom, Google Drive, Microsoft OneDrive and Teams) is surging.
"While this is great for productivity, it poses a unique challenge for security professionals," explains Liron Barak, CEO at BitDam. "These services are under constant attack—with increased frequency, sophistication and evasiveness. With new channels come new attack vectors, which also means that the risks and potential damage that can be caused keep growing."
Reduce your risk of a cyberattack on a collaboration platform by asking employees to, where possible:
- Use strong passwords on their accounts
- Enable two-factor authentication in their settings
- Connect to the internet using a secure, wired connection
- Add security questions or a phone number as a backup measure
- Enable encryption
10. Attacks on the Education Sector
Healthcare facilities aren't the only organizations being targeted by cybercriminals. With fewer people on-campus and an abundance of personal data to steal, educational institutions could see an increase in cyberattacks this year.
"Educational institutions are often an under-protected patchwork of systems, lacking the resources to defend themselves. What's more, there is a loose network of seemingly unlimited endpoints containing a massive amount of proprietary data on students, faculty, and parents," explains Tehila.
Some common attacks the education sector could experience, Tehila says, include:
- Malware (such as spyware, Trojan horses, viruses and worms)
- Spear phishing: a targeted, personalized attack where a cybercriminal disguises themselves as someone the victim trusts (such as a family member or employer) in order to get them to share sensitive information
- Password spraying: a brute-force attack where the hacker attempts to gain access to multiple accounts at once by entering commonly-used passwords (e.g. "password123")
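A defender-side illustration of the password-spraying pattern described above, as an added example that is not part of the original article: it separates a source that fails against many accounts from one hammering a single account. The log format, thresholds and function names are assumptions made for the example.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample auth events: ISO timestamp, result, account, source IP.
SAMPLE_LOG = """\
2020-05-04T09:00:01 FAIL alice 203.0.113.7
2020-05-04T09:00:03 FAIL bob 203.0.113.7
2020-05-04T09:00:05 FAIL carol 203.0.113.7
2020-05-04T09:00:07 FAIL dave 203.0.113.7
2020-05-04T09:00:09 OK erin 203.0.113.7
2020-05-04T09:01:00 FAIL frank 198.51.100.9
2020-05-04T09:01:02 FAIL frank 198.51.100.9
2020-05-04T09:01:04 FAIL frank 198.51.100.9
2020-05-04T09:01:06 FAIL frank 198.51.100.9
2020-05-04T09:01:08 FAIL frank 198.51.100.9
2020-05-04T09:02:00 FAIL grace 192.0.2.44
2020-05-04T09:02:30 OK grace 192.0.2.44
"""

def parse(log_text):
    """Yield (time, result, user, ip) tuples, skipping malformed lines."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4 or parts[1] not in ("OK", "FAIL"):
            continue
        try:
            ts = datetime.fromisoformat(parts[0])
        except ValueError:
            continue
        yield ts, parts[1], parts[2], parts[3]

def classify_sources(log_text, window=timedelta(minutes=10),
                     spray_accounts=4, brute_attempts=5):
    """Map each source IP to (verdict, accounts_to_review).

    Thresholds are illustrative assumptions, not recommended values.
    """
    by_ip = defaultdict(list)
    for ts, result, user, ip in parse(log_text):
        by_ip[ip].append((ts, result, user))
    verdicts = {}
    for ip, events in by_ip.items():
        events.sort()
        fails = [(ts, user) for ts, result, user in events if result == "FAIL"]
        verdict = "normal"
        for i, (start, _) in enumerate(fails):
            per_user = defaultdict(int)  # failures per account in this window
            for ts, user in fails[i:]:
                if ts - start <= window:
                    per_user[user] += 1
            if len(per_user) >= spray_accounts:    # many accounts, few tries each
                verdict = "spray"
                break
            if max(per_user.values()) >= brute_attempts:  # one account hammered
                verdict = "brute-force"
        # A successful login from a spraying source marks an account to review.
        review = sorted({u for _, r, u in events if r == "OK"}) if verdict == "spray" else []
        verdicts[ip] = (verdict, review)
    return verdicts
```

Per-account lockout counters alone miss the spraying source here, because no single account sees more than one failure from it.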
11. Mobile Phishing
Almost every company has dealt with a phishing attack. Cybercriminals email your employees, trying to gain access to their personal or your organization's sensitive data. Most phishing schemes are conducted using email, but SMS, or text message, attacks are becoming more common.
The prevalence of mobile device usage is just one reason for this trend. According to PhishLabs, three other factors make mobile phishing one of the biggest cybersecurity threats for 2020.
First, "most people open and read SMS messages reflexively, and don’t expect to receive malicious messages." Texting is often used as a casual, familiar way to communicate. As a result, people aren't as on guard as they are when they check emails, especially work-related correspondence.
Second, "SMS phish are much more difficult for the security community to track and respond to than traditional phishing attacks." If a person's data was stolen through a mobile phishing scheme, they might not even be able to track it back to a specific incident, making it harder to warn others about the scam.
Finally, "mobile-specific phish kits accurately mimic login screens of legitimate mobile apps." The combination of real-looking pages, small screens and a more casual attitude makes it harder for people to know when they're being victimized.
Cybersecurity Solutions in 2020
1. Machine Learning for Prevention
Machine learning (ML) and artificial intelligence (AI) are being used to streamline processes in nearly every industry these days. These technologies increase efficiency and reduce the risk of human error. For cybersecurity, ML and AI can help keep you ahead of ever-evolving schemes and scams.
"The amount of data being generated is increasing exponentially," says Tcherchian. "And the only way to keep up and identify threats is to allow machines to churn through data and trust they will detect the right concerns—then take appropriate action to combat the threat."
In 2020, Tcherchian explains, ML and AI will be the focus of cybersecurity research and innovation. Teams will use these technologies in tandem with human analysts to spot patterns and anomalies, boosting detection and prevention efforts.
2. Cloud Data Protection
"The biggest threat in 2020 is the continued need for basic fundamental data-center/cloud hygiene," warns Dave Klein, Senior Director Engineering & Architecture at Guardicore.
While cloud-based systems provide better data storage options and collaboration opportunities, they pose a higher risk of data breaches, hacked accounts and other security issues. Taking steps to secure your cloud helps prevent your company's data, as well as customer and client data you hold, from falling into the wrong hands.
In order to mitigate cybersecurity risks to your cloud (and possible financial and reputation damage), Klein suggests organizations:
- Add two-factor authentication
- Update patch and certification management processes
- Improve segmentation
- Use (or improve) vulnerability testing
- Implement (or improve) incident response planning and practice
3. Cyber Insurance
2020 "is the year where cyber insurance steps to the forefront," says Jack Kudale, founder and CEO of Cowbell Cyber. "There is currently a gap between the risks that enterprises need to be covered for and the coverages that insurance providers offer."
Why?
Kudale explains that there are three main reasons companies aren't sufficiently covered for cyber attacks. First "a lack of visibility into the wide range of cyber risk faced by modern businesses that use technology broadly." Because technology moves so fast, providers can't always keep up with needs, uses and possible issues.
Next, a "misunderstanding of what is or not included in the coverage." With so many different types of attacks and breaches, both companies and providers may get confused about what falls under what umbrella within the policy.
Finally, "cyber policies that are reevaluated [only] once a year leads to a gap in what an enterprise might be liable for." If a company frequently increases the amount or type of data it stores (such as a rapid increase in customers), it may exceed the data limits covered by its insurance.
4. Cybersecurity Automation
With new, emerging threats and schemes nearly every day, protecting your company against them all is an endless task. Cybersecurity teams can feel overwhelmed and worried that they don't have enough hours in a day to address current and potential issues.
"There are too many security threats to be managed today and they need to be managed in an automated way," says Thomas Hatch, CTO and Co-Founder at SaltStack. "Without automated security remediation, the existing security gaps will only deepen."
Cybersecurity automation reduces workload for analysts and boosts efficiency while better protecting your company's data. As mentioned above, machine learning and artificial intelligence are common ways to automate your cybersecurity efforts. Some tasks you can automate include:
- Malware detection
- Identity and access management
- Patching
- Data protection after a cybersecurity incident
- Investigating low-level threats
- Adding and removing users from your system
5. Data Privacy Legislation
The European Union's GDPR and California's CCPA changed the way the world thinks about and handles consumer data privacy. According to Tcherchian, more jurisdictions will introduce their own privacy legislation. Juggling multiple laws, figuring out which apply to your company and how to comply with them might lead to major changes in your organization's everyday processes.
However, "as governments get more involved, these types of laws will continue to evolve and strengthen," says Tcherchian. That's why cybersecurity will be more important than ever in 2020.
Consumers now have rights under these laws to control their own data. Knowing how to store and delete data securely ensures you won't be faced with a non-compliance fine or customer lawsuits for mishandling their data. Protect your company and your customers or clients by:
- Reviewing the requirements of data privacy laws that apply to your company
- Updating company policies and procedures to comply with these laws
- Training employees on the updated policies and procedures
- Communicating your updated policies and procedures to customers