Industry executives and experts share their predictions for 2020. Read them in this 12th annual VMblog.com series exclusive.
By
Cam Roberson, Director of the Reseller Channel at Beachhead Solutions
Social Engineering and Ransomware Attacks Will Get Cleverer (and More Dangerous) in 2020
Attackers
scheming to infiltrate business' IT systems and install nefarious malware are
making big strides at refining their techniques - earning their status as "criminal
enterprises" by introducing enterprise-grade sophistication to their illegal
practices.
Like
vampires, these attackers must become ever more insidious, because more often
than not they can only successfully infect systems when invited in (and therefore
target individual employees with complex tricks to gain their unwitting and
unwilling help in gaining that golden ticket). At the same time, these criminal
enterprises are becoming more aware and capable in thwarting security measures
designed to stand in their way.
Here's
a clear-eyed vision of what businesses, managed services providers, and
employees within any organization should anticipate when it comes to keeping
data and systems secure in 2020:
1) Get ready for a world where
organized malware criminals have quarterly reports.
Tried
and true business techniques - for example, data-driven growth and optimization
strategies - aren't inherently a force for good, and are just as effective in
the hands of criminal enterprises as when used by legitimate ones. In 2020, it
will become even harder to tell the practices of legal and illegal software
businesses apart, as malware practitioners work to maximize the efficiency and
ROI of their efforts and capitalize on opportunities with marked precision.
In
practice, a criminal enterprise can source active email addresses from the dark
web (investing a mere $600 or so per million
emails isn't uncommon), target them with ransomware, examine the ROI, and then
iterate their techniques for improvements where patterns of opportunity emerge.
For instance, the trucking industry has recently joined traditional targets
such as healthcare and finance as a ripe area of focus for ransomware. With
estimates showing ransomware attacks to have doubled throughout 2019, expect that
growth trend to continue as business analysts at these criminal enterprises
only improve at assailing their legitimate counterparts.
2) Malware-delivering (or data
stealing) spearphishing techniques will become frighteningly believable.
If
the vampire-like weakness of malware attacks is that enterprise employees must
be tricked into inviting it to do harm, their strength is that they have the
powers to be mesmerizing and nearly invisible. Expect attackers to leverage ever
more sophisticated spearphishing techniques: email-based attacks that leverage
the target's personal details to gain their confidence while pressing them to
make decisions that either expose sensitive data or invite malware into
enterprise systems.
For
example, a finance department director might receive an email that is by all
appearances from the business's CEO, asking the employee to address an urgent
complaint by wiring company funds or sending sensitive information. In reality,
attackers assemble convincing communications like these by first procuring data
on the individuals they impersonate from the dark web, including personal details
collected from across their social media accounts and other publicly available
information.
2020
is shaping up to be the year that criminal enterprises ramp up spearfishing
attacks and hit organizations where it hurts, especially seeking to compromise
cloud systems and ecommerce communications. By infiltrating these
communications, attackers can leverage customer data and purchase information
to send very official-looking phishing emails, fooling customers into sharing
further data and leaving businesses with a long hard road to winning back
trust. Expect headlines in 2020 to include horror stories like this that will
keep business leaders up at night.
3) Businesses will combat social
engineering attacks with more regimented employee training, and more careful
policies.
With
social engineering and spearphishing attacks becoming more dangerous, businesses
and MSPs will take steps to defend themselves (or their clients) and their
employees manning the point of attack by pursuing more robust training methods.
Already, organizations are leveraging managed service providers offering
employee training management tools such as Breach
Secure Now!, as
part of layered security strategies alongside data encryption and device access
control tools like our own. These training tools instruct employees how to
identify phishing and malware threats, put employees through realistic
scenarios where benign phishing emails arrive in their inboxes as tests, and
certify employees when they successfully demonstrate best practices. At the
same time, enterprises will protect themselves with more secure policies; for
example, ensuring that no single employee can authorize a transfer of funds or
sensitive data without additional scrutiny.
4) Data backups will become even
more of a battlefield between businesses and ransomware attackers.
Businesses
with available data backups have a get-out-of-jail-free card to play if
ransomware locks down their systems and data: they can simply restore from
those backups and ignore ransom demands completely. However, sophisticated
criminals recognize this threat to their livelihood and now use tools that
attack backup systems as well. Backup products have responded in kind with new capabilities
like airgapped and off-network storage, while criminal enterprises have further
escalated this arms race with "attack loops" that lie in wait to sneak into
airgapped storage. 2020 is certain to bring with it new advances in this
ongoing conflict.
##
About the Author
Cam
Roberson is the Director of the Reseller Channel for San Jose-based Beachhead Solutions, which provides a PC and Mobile
Device encryption service platform for MSPs and businesses across industries.