It’s hard to believe that we’re already in the last quarter of 2019. In terms of cybersecurity, this year has seen some mammoth crises and attacks, including the ransomware attack on the City of Baltimore, and the recent cyber-attack on the City of Johannesburg’s banks.
It’s safe to say that cybersecurity will continue to be a priority for the upcoming year. With this in mind, seven cybersecurity experts spoke to IT Pro Portal to share their predictions about what 2020 will bring to the world of security.
1. Ransomware attacks will come to Android phones
Steve Nice, Chief Security Technologist at Node4: “In 2020, there’s no doubt that phishing and ransomware will continue to evolve and be the number one threat to businesses, as attackers are always looking for – and exploiting – new attack vectors. Whilst there may be headline-grabbing attacks on connected vehicles, TVs etc., phishing and ransomware are still the primary revenues for cyber-criminal gangs, and users will still be blasé about security.
“Because of the amount of major credential breaches being reported on in the mainstream press, and the ICO’s greater powers when it comes to fining companies, I think we’ll actually begin to see a decrease in these breaches, as companies become more diligent about security.
“However, there will be new vulnerabilities in 2020, and while older technologies (technical debt) will continue to be exploited, mobile phones will evolve to become a prime attack vector. For example, there could be a ransomware attack on Android phones, where the whole phone becomes completely inoperable unless you pay for a decryption key.”
2. Insurance companies will begin to take an active role in ransomware
Alan Conboy, Office of the CTO at Scale Computing: “The recent news cycle has been flooded with organisations from airlines to banks and hospitals, even entire local governments, falling victim to ransomware attacks. Threats such as these are evolving at a horrific pace, and they will continue to become smarter, more lucrative and increasingly devious in 2020. So, to the organisations that think they can’t afford to modernise their infrastructure defences, well, the truth is that they can’t afford to not do so.
“As this malicious momentum snowballs into next year, businesses must realise that traditional legacy tools are not only slowing their digital journey down, but leaving them vulnerable to tactical and well-organised criminals. We will see organisations taking advantage of highly-available solutions, such as hyperconvergence and edge computing, that allow them to not only keep up with changing consumer demands, but deploy the most effective cyber-defences, disaster recovery, and backup.
“The way organisations approach the aftermath of data being corrupted will likely change too, as insurance companies will begin to take an active role, not just in the recovery of data, but in the decision making when it comes to whether or not to pay the ransom demand. The overall cost of doing business will rise in conjunction with the growing threat of cyber-attacks, and every business should be bracing themselves for the impact.”
3. AI-based malware will become catastrophic
Andy Swift, Head of Offensive Security, Six Degrees: “There are two major developments I see influencing the cybersecurity landscape in 2020 – one that is already causing headaches for security professionals and even governments, and another that is (at the time of writing at least) purely theoretical.
“Mozilla and Google have recently implemented DNS over HTTPS (DoH) in their Firefox and Chrome browsers. DoH transfers domain-name queries over secure HTTPS servers to DNS servers, preventing third parties (both malicious and benevolent) from seeing the websites that users visit.
“Whilst providing an additional level of security and privacy to individuals, DoH could prove to be a nightmare for software vendors and IT admins in 2020. With DoH servers hard coded into web browsers, the likes of web filters could be deemed ineffective as users avoid pre-configured DNS servers and effectively bypass enterprise policy.
“Mozilla has given the UK Government assurances that DoH will not be enabled by default in UK-based Firefox browsers, but this doesn’t mitigate the need for organisations to take steps to ensure their enterprise policies – and cybersecurity postures – include provisions for DoH in 2020.
“The second development I see playing a factor in 2020 is less immediate, but in many ways much scarier. AI-based antivirus applications are becoming increasingly popular, as software vendors seek to utilise machine learning to not only address but also anticipate zero-day attacks.
“The flipside of the coin, though, is the rising spectre of AI-based malware. We’ve yet to see evidence of AI-based malware in the wild, but – given the fair assumption that someone, somewhere is working on developing intelligent malware strains that utilise AI and machine learning – we need to take the threat of AI-based malware seriously.
“With non-AI-based malware like WannaCry and NotPetya causing damage far beyond their intended target organisations back in 2017, the impact of an AI-based malware strain on the likes of critical national infrastructure, transport networks and nuclear power stations as it learns and mutates could be catastrophic.
“IBM has developed an interesting proof of concept strain that researchers are learning from, but the truth is we don’t yet know what AI-based malware is truly capable of. If AI-based malware changes from theory to reality in 2020, we could all feel its impact on both our professional and personal lives.”
4. State-sponsored attacks will grow in number
Tim Bandos, Vice President of Cybersecurity at Digital Guardian: “I think geopolitical relationships around the world have increasingly become strained and uncertain with direction and I believe we'll see state-sponsored attacks being carried out much more; possibly even against critical infrastructure. There have been a number of attempts and even successful attacks against these types of systems but for the most part they've all been isolated incidents. One can only wonder though if these attacks were merely conducted to set up backdoor functionality for a future panic button push to cripple the target's systems. Not to mention the considerable adoption of IoT devices connecting once-segregated Operations Technology (OT) environments, which only further widens the attack landscape. The security in these environments needs to be fully assessed and controls need to be put in place as soon as possible in order to mitigate against future attacks. It's only a matter of time.”
5. The cybersecurity skills shortage will continue
Graham Marcroft, Compliance Director at Hyve Managed Hosting: “Many of the predictions about cybersecurity in 2020 are likely to be a continuation and advancement of the trends we have already seen emerge and ripple outwards at a rapid pace this year. For example, recent research found that, in 2018, 70 per cent of cybersecurity professionals said the cybersecurity skills shortage had impacted their organisation, and the fact is that this cybersecurity skills gap is set to get even wider. This will mean the latest ease-of-management technology solutions become a necessity rather than a luxury, and the growing skills shortage will cause a boom in businesses choosing to outsource their IT security requirements.
“With the newest technological advancements still in their infancy, but growing exponentially, things like the IoT and 5G will bring about positive change. But they also bring with them complex new cyber-threats, as the mammoth surge of data volume and the new ways to create and connect this data will make implementing effective cyber-defences from every angle a much bigger task.
“Cybersecurity will become top of the board agenda across all industries, and businesses should expect to increase cybersecurity spend and look to deploy specific training in order to rise to the challenge and keep ever-valuable data protected from new threats and growingly sophisticated cybercriminals.”
6. AI/ML threats will continue to rise
Richard Cassidy, Senior Director Security Strategy at Exabeam: “2020 should herald a true golden age of ‘deep learning’, which will see a resurgence of artificial intelligence (AI) embedded into the fabric of our security frameworks. Expect to see some exciting machine learning (ML) developments in the seemingly ‘ad infinitum’ war on cyber-threats and bad actor group attack circuits.
“Security focus will move away from the tired alerting methodology we’ve all painfully relied on for far too long, to a far more ‘risk context’ approach, combining data-classification, trust modelling and security analytics functions.
“We’re already seeing almost all security vendors scramble to jump on the AI bandwagon, with those who managed to book early now trying to differentiate with new waves of ML algorithms, offering more enhanced ways to detect the ‘unknown unknowns’. That said, however, security practices should pay heed to the fact that AI is not all about the new and ultimately unfathomable. It’s about enabling organisations to do far more with what they have, super-charging existing security and GRC functions – not least hyper-enabling already over-stretched teams – to focus on doing more of what they enjoy and innovating for the betterment of business outcomes.”
7. Lateral phishing will gain traction throughout the year
Anurag Kahol, CTO, Bitglass: “Threat actors are always enhancing their current tactics, techniques, and procedures (TTPs) as well as creating new ones in order to infiltrate businesses and steal data, implant ransomware, and more. One technique that will continue to gain traction in 2020 is lateral phishing. This scheme involves a threat actor launching a phishing attack from a corporate email address that was already previously compromised. Even the savviest security-minded folks can be lulled into a false sense of security when they receive an email asking for sensitive information from an internal source – particularly from a C-level executive. As we will continue to see cybercriminals refining their attack methods in 2020, companies must be prepared.”