What does the 2020 threat landscape look like?

Andy Swift, Head of Offensive Security at Six Degrees, discusses the cyber security trends he believes you should prepare for in 2020 and beyond.

Your organisation should be taking proactive steps to address the financial, operational and reputational risks you face in today’s increasingly hostile digital landscape. How is the threat landscape looking in 2020? Here are four of the prevalent cyber security trends I believe you should be aware of.

2019 was certainly an interesting year in the world of cyber security. The average cost of data breaches continued to follow an upward trend, as phishing and ransomware attacks targeted victims not just through their workstations but, more than ever before, through their mobile devices and connected smart devices as well.

Your organisation needs to be proactive in its cyber security approach. To achieve this you must understand the risks you face and take steps to ensure you remain as safe as possible from accidental or malicious data breaches.

An essential aspect of maintaining a proactive cyber security approach is understanding and planning for how the threat landscape is likely to change in the short, medium and long term. Now that we’re at the start of 2020, it makes sense to take a step back and consider the trends we expect to see over the coming year and beyond.

There are two major developments I see influencing the cyber security landscape over the next 12 months – one that is already causing headaches for security professionals and even governments, and another that is (at the time of writing at least) purely theoretical. But first I’ll turn to those two old favourites – phishing and ransomware attacks.

Phishing attacks

Tried and tested. Easy to execute. The cosy old sweater of cyber-attacks. Phishing attacks may feel a little old school, but they are still the most common attack vector by a country mile.

2019 saw a 32% rise in successful breaches that resulted from phishing attacks, and it’s worth noting that there have been significant advances in phishing ‘kits’ sold on the black market, enabling cybercriminals to launch ever more advanced and realistic attacks.

Your organisation should certainly be carrying out the appropriate user training to ensure your users know how to identify and handle suspected phishing emails.

The death of ransomware?

Depending on who you speak to and what stats you read, ransomware is either dying or thriving. Within consumer markets ransomware has seen a significant decline in 2019, but ransomware attacks launched against public sector organisations have almost doubled since 2018.

As individuals we can perhaps be less concerned about being targeted by ransomware, but ask any public sector IT Manager and you’ll find that reports of its death have been greatly exaggerated. By now we should all have the cyber security measures and robust backups in place to enable our organisations to recover from ransomware attacks. Shouldn’t we?

Web browser DNS over HTTPS

Mozilla and Google have recently implemented DNS over HTTPS (DoH) in their Firefox and Chrome browsers. DoH sends domain-name queries to DNS servers over encrypted HTTPS connections, preventing third parties (both malicious and benevolent) from seeing the websites that users visit.

Although this provides an additional level of security and privacy to individuals, it could also prove to be a bit of a nightmare for software vendors and IT admins this year. With DoH servers hard-coded into web browsers, the likes of web filters could be rendered ineffective as users avoid pre-configured DNS servers and effectively bypass enterprise policy.

Mozilla has given the UK Government assurances that DoH will not be enabled by default in UK-based Firefox browsers, but this doesn’t mitigate the need for your organisation to take steps to ensure its enterprise policies – and broader cyber security posture – include provisions for DoH in 2020.
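One way to check that browser policy actually includes a DoH provision is to audit the managed policy files themselves. The sketch below is an added example, not part of the original article: it assumes Firefox's `policies.json` layout with the `DNSOverHTTPS` policy and Chrome's managed-policy keys `DnsOverHttpsMode` and `DnsOverHttpsTemplates`, and the resolver URL and sample policy documents are constructed for illustration.

```python
# Hypothetical approved internal DoH resolver (an assumption for this example).
APPROVED = {"https://doh.corp.example/dns-query"}

# Constructed sample policy documents, not taken from any real deployment.
FIREFOX_LOCKED_OFF = {"policies": {"DNSOverHTTPS": {"Enabled": False, "Locked": True}}}
FIREFOX_UNLOCKED = {"policies": {"DNSOverHTTPS": {"Enabled": False}}}
CHROME_AUTOMATIC = {"DnsOverHttpsMode": "automatic"}
CHROME_INTERNAL = {"DnsOverHttpsMode": "secure",
                   "DnsOverHttpsTemplates": "https://doh.corp.example/dns-query"}


def audit_firefox(doc):
    """Return a list of findings for a parsed Firefox policies.json."""
    doh = doc.get("policies", {}).get("DNSOverHTTPS")
    if doh is None:
        return ["firefox: no DNSOverHTTPS policy; browser default applies"]
    findings = []
    enabled = doh.get("Enabled")
    if enabled is None:
        findings.append("firefox: Enabled not set; browser default applies")
    elif enabled and doh.get("ProviderURL") not in APPROVED:
        findings.append("firefox: DoH enabled with an unapproved resolver")
    if doh.get("Locked") is not True:
        findings.append("firefox: policy not locked; users can change it")
    return findings


def audit_chrome(doc):
    """Return a list of findings for a parsed Chrome managed-policy file."""
    mode = doc.get("DnsOverHttpsMode")
    if mode is None:
        return ["chrome: DnsOverHttpsMode not set; browser default applies"]
    if mode == "off":
        return []
    # DnsOverHttpsTemplates is a space-separated list of resolver URI templates.
    templates = set(doc.get("DnsOverHttpsTemplates", "").split())
    if not templates or not templates <= APPROVED:
        return [f"chrome: mode '{mode}' without an approved DnsOverHttpsTemplates entry"]
    return []


if __name__ == "__main__":
    for name, result in [("firefox locked off", audit_firefox(FIREFOX_LOCKED_OFF)),
                         ("firefox unlocked", audit_firefox(FIREFOX_UNLOCKED)),
                         ("chrome automatic", audit_chrome(CHROME_AUTOMATIC)),
                         ("chrome internal", audit_chrome(CHROME_INTERNAL))]:
        print(name, "->", result or "OK")
```

An empty findings list means the policy either disables DoH or pins it to an approved resolver; anything else leaves the browser's own default in control.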

AI-based malware

Another development I see being a factor in 2020 is less immediate, but in many ways much scarier. AI-based antivirus applications are becoming increasingly popular, as software vendors seek to utilise machine learning to address and anticipate zero-day attacks.

The flipside of the coin, though, is the rising spectre of AI-based malware. We’ve yet to see evidence of AI-based malware in the wild, but it’s fair to assume that someone, somewhere is working on developing intelligent malware strains that utilise AI and machine learning. Given this assumption, I believe we all need to take the threat of AI-based malware seriously.

With non-AI-based malware like WannaCry and NotPetya causing damage far beyond their intended target organisations back in 2017, the impact of an AI-based malware strain on the likes of critical national infrastructure, transport networks and nuclear power stations as it learns and mutates would have the potential to become catastrophic.

IBM has developed an interesting proof of concept strain that researchers are learning from, but the truth is we don’t yet know what AI-based malware is truly capable of. If AI-based malware changes from theory to reality in 2020, we could all feel its impact on both our professional and personal lives.

Protect yourself and your organisation

There’s no escaping it – you need to be highly cyber security-aware if your organisation is to minimise the risks it faces in today’s hostile digital landscape. If you lack the skills, the scale or the finances to assess, address and manage your organisation’s cyber security posture, you should consider working with an experienced cyber security partner.

You can leverage their investment in the cyber security skills and capabilities you need to remain safe, compliant and successful throughout 2020 and beyond.

Copyright Lyonsdown Limited 2021
