Change is the only constant. From installing malicious software to hijacking a complete network with drones, cyber-crime has evolved drastically. On the flipside, Cyber Security has been solid-as-rock and strongly evolving to mitigate the cyber-crimes. When we deep dive into cyber threat incidents, we could see patterns of attacks. For example, in 2018 Ransomware made a buzz. Likewise, in 2019, APT (Advanced Persistent Threat) shook many businesses. Though being disastrous, these trends help businesses to stay prepared and fortify themselves from the attacks. Below are the top cybersecurity trend predictions for 2020.
In the Disguise
Phishing is an attempt to nab confidential credentials by disguising as a trustworthy one. Lack of cyber-crime awareness is the top investment for this method of attack. It is easy to fall for someone who disguises as a bank officer and asks for credentials to update a feature on your card.
Text-Based Phishing is something similar to this. An SMS or email, soliciting a donation for a childcare home or a political party can allure people to click a link. Any action from the user can facilitate cyber actors to steal confidential transaction details like credit card or bank account information. Since 2020 is the US election year, text-based phishing fraudulent activities are expected to raise dust. A good rule of thumb is to refrain from responding to SMS or emails from unknown senders.
Not Real
Deep fake is an Artificial Intelligence-based technology. It was first developed in the mid-1990s as a result of academic research into computer vision. In recent times, it is widely used by amateurs and cybercriminals to simulate the faces of celebrities.
In a 2018 video “public service announcement” ostensibly from former American President Barack Obama appeared online with an altered audio track recorded by actor/director, and Obama impersonator, Jordan Peele. The video went viral. It made the case that the images and voices of world leaders could easily be manipulated and altered to cause discord and confusion.
Researchers found that the technology used in this audio-generated attack has made transformative progress by data algorithm breakthroughs. Any disputes can be avoided by spreading awareness of deep fakes. These kinds of videos can be identified by looking out for blurring in an individual’s face, changes in skin tone and irregular blinks.
From the Sky
“Smart city” is no longer a buzzword. The digitalization of transportation, food supply, water management, etc., are examples of city transformation. In order to achieve the virtue of connectedness, a public Wi-Fi system is an essential element. But, when it comes to the public, it is open to everyone, including cyber actors. This is a low hanging fruit for them to sneak into individuals’ end-points and nab confidential information.
On the other hand, highly protected Wi-Fi networks of companies can be intruded with Wi-Fi Pineapple technology. Isn’t it rude to do the crime with a technology named after a sweet fruit? Truly, it was invented to do sweet things like finding vulnerable Wi-Fi networks and upgrade their security. Later, it fell under the wrong hands and been used to have unauthorized network access.
Drones are commercial now. There are currently 1 million drone devices legally operating in the U.S today and the market for drone devices is predicted to get close to $100 billion by the end of 2020. Anyone can get a drone and make use of its user-friendly interface to take it to the sky. This can be used to get close to a company’s perimeter and Wi-Fi Pineapple installed in the drone can be used to hack their private network. Implementing two-factor authentication and password protection can help minimize your risk of becoming a victim.
Cost of comfort
The mobile payment industry is expected to reach more than $4.5 trillion by 2023. Comfort is the reason behind this growth. But, risk comes with comfort. Many of the mobile Point-Of-Sale devices are available to businesses at a low cost. But, they don’t come with robust security features built-in. Though NFC mobile payment apps tend to carry strong security protocols, the mPOS they interact with, make the whole protocol vulnerable.
Retailers should be aware of the security standards before going for low-cost POS devices. It shouldn’t drag them two-step backward while intending to take one step forward. The convenience of mobile payments may be an effective choice. But both retailers and consumers must be careful from cybercriminals.
New Boundaries
Countries are started to focusing on Network Segmentation and Data Sovereignty. Russia announced it was again preparing to isolate itself from the global internet in case of cyber-attacks against the country. President Putin signed for RuNet to filter all internet traffic from outside the country. Moscow has also involved in developing an independent network infrastructure for BRICS nations. India is about to announce its first data protection bill to prevent storing Indian Consumers’ data outside the country. In 2020, we can expect myriad initiatives of data center establishment and state-wide intranet projects in different countries.
Summary
While businesses are marching towards digital transformation, a multitude of new security vulnerabilities are starting to evolve. It has become a necessity to keep up with cybersecurity trends now than ever. Proactive security strategies that incorporate critical infrastructure, cloud, and third parties, minimize the impact of cyber threats.
Whether the threat is from the sky or disguised, Inspirisys ensures cyber resilience with our deep knowledge in the threat landscape. We stand ready to defend against the increasing number of attacks. We address the upcoming security challenges across the entire organization and advance the security standards with our preventive and progressive approach. Some of our enterprise security solutions & risk services are:
- Security Operations Centre
- Advanced Malware Defence
- Security Risk & Compliance
- Mobile Security
- Data Security
- Application Security
- Network Security
- Endpoint Security