By Cam Roberson, Director of the Reseller Channel at Beachhead Solutions

Social Engineering and Ransomware Attacks Will Get Cleverer (and More Dangerous) in 2020

Attackers scheming to infiltrate business' IT systems and install nefarious malware are making big strides at refining their techniques - earning their status as "criminal enterprises" by introducing enterprise-grade sophistication to their illegal practices.

Like vampires, these attackers must become ever more insidious, because more often than not they can only successfully infect systems when invited in (and therefore target individual employees with complex tricks to gain their unwitting and unwilling help in gaining that golden ticket). At the same time, these criminal enterprises are becoming more aware and capable in thwarting security measures designed to stand in their way.

Here's a clear-eyed vision of what businesses, managed services providers, and employees within any organization should anticipate when it comes to keeping data and systems secure in 2020:

1) Get ready for a world where organized malware criminals have quarterly reports.

Tried and true business techniques - for example, data-driven growth and optimization strategies - aren't inherently a force for good, and are just as effective in the hands of criminal enterprises as when used by legitimate ones. In 2020, it will become even harder to tell the practices of legal and illegal software businesses apart, as malware practitioners work to maximize the efficiency and ROI of their efforts and capitalize on opportunities with marked precision.

In practice, a criminal enterprise can source active email addresses from the dark web (investing a mere $600 or so per million emails isn't uncommon), target them with ransomware, examine the ROI, and then iterate their techniques for improvements where patterns of opportunity emerge. For instance, the trucking industry has recently joined traditional targets such as healthcare and finance as a ripe area of focus for ransomware. With estimates showing ransomware attacks to have doubled throughout 2019, expect that growth trend to continue as business analysts at these criminal enterprises only improve at assailing their legitimate counterparts.

2) Malware-delivering (or data stealing) spearphishing techniques will become frighteningly believable.

If the vampire-like weakness of malware attacks is that enterprise employees must be tricked into inviting it to do harm, their strength is that they have the powers to be mesmerizing and nearly invisible. Expect attackers to leverage ever more sophisticated spearphishing techniques: email-based attacks that leverage the target's personal details to gain their confidence while pressing them to make decisions that either expose sensitive data or invite malware into enterprise systems.

For example, a finance department director might receive an email that is by all appearances from the business's CEO, asking the employee to address an urgent complaint by wiring company funds or sending sensitive information. In reality, attackers assemble convincing communications like these by first procuring data on the individuals they impersonate from the dark web, including personal details collected from across their social media accounts and other publicly available information.

2020 is shaping up to be the year that criminal enterprises ramp up spearfishing attacks and hit organizations where it hurts, especially seeking to compromise cloud systems and ecommerce communications. By infiltrating these communications, attackers can leverage customer data and purchase information to send very official-looking phishing emails, fooling customers into sharing further data and leaving businesses with a long hard road to winning back trust. Expect headlines in 2020 to include horror stories like this that will keep business leaders up at night.

3) Businesses will combat social engineering attacks with more regimented employee training, and more careful policies.

With social engineering and spearphishing attacks becoming more dangerous, businesses and MSPs will take steps to defend themselves (or their clients) and their employees manning the point of attack by pursuing more robust training methods. Already, organizations are leveraging managed service providers offering employee training management tools such as Breach Secure Now!, as part of layered security strategies alongside data encryption and device access control tools like our own. These training tools instruct employees how to identify phishing and malware threats, put employees through realistic scenarios where benign phishing emails arrive in their inboxes as tests, and certify employees when they successfully demonstrate best practices. At the same time, enterprises will protect themselves with more secure policies; for example, ensuring that no single employee can authorize a transfer of funds or sensitive data without additional scrutiny.

4) Data backups will become even more of a battlefield between businesses and ransomware attackers.

Businesses with available data backups have a get-out-of-jail-free card to play if ransomware locks down their systems and data: they can simply restore from those backups and ignore ransom demands completely. However, sophisticated criminals recognize this threat to their livelihood and now use tools that attack backup systems as well. Backup products have responded in kind with new capabilities like airgapped and off-network storage, while criminal enterprises have further escalated this arms race with "attack loops" that lie in wait to sneak into airgapped storage. 2020 is certain to bring with it new advances in this ongoing conflict.

##

About the Author

Cam Roberson is the Director of the Reseller Channel for San Jose-based Beachhead Solutions, which provides a PC and Mobile Device encryption service platform for MSPs and businesses across industries.