Virtualization Technology News and Information
Automox 2020 Predictions: Four Attack Threats on the Rise

VMblog Predictions 2020 

Industry executives and experts share their predictions for 2020.  Read them in this 12th annual series exclusive.

By Christopher Hass, director of information security and research, Automox

Four Attack Threats on the Rise

As we embark on a new year, it's clear that our attack surface is greater than ever before. That shows no signs of slowing down in 2020, as the constant evolution of next-gen technologies converges with larger-than-life pop-culture events to present some very challenging security threats. Here are four attack methods that will be most prevalent in the coming year. 

1. Mobile and IoT Attacks Will Continue to Rise

Cyberattacks on IoT devices surged 300% in 2019, and with the ever-growing number of IoT devices in circulation and the increased computing power of mobile devices, we expect this number to increase in 2020.

One of the biggest challenges IoT devices need to overcome is that they commonly ship with default credentials that allow unauthorized access, leading to infection by Mirai, which is commonly used in DDoS attacks. Protections that can be put in place immediately to prevent these attacks include changing/updating passwords regularly, keeping devices up to date and not connecting devices to the internet if they don't need to be.

2. Phishing Will Grow as an Initial Point of Compromise

As security products continue to become more and more feature-rich, and with the consolidation of security companies, it becomes increasingly difficult to gain initial access to a system; however, phishing attacks will continue to exploit the good intentions of employees.

While there are threats that you can completely mitigate by disabling a service or whitelisting/blacklisting, phishing is not one of those: disabling access to email is not an option in this day and age. It is also much easier to craft a good-looking phishing email than it is to discover and weaponize a zero-day.

A few tips to keep in mind: hover over links to ensure they will direct you to legitimate websites, and try to segment emails as much as possible. Don't use company emails to sign up for anything that is not business-related - this makes it easier to spot things that are out of place. And remember to deploy spam filters that can recognize emails from shady sources and prevent them from ever reaching your inbox. Organizations should also conduct their own mock-phishing scenarios to condition employees to spot mistakes the attacker may have made and to help them recognize phishing attempts.

3. Nation-State Attacks Will Ramp up in 2020

With the presidential election and the 2020 Olympics coming up, be ready for a good deal of nefarious state-sponsored activity. Presidential elections will be a major target, and we will likely see more propaganda campaigns distributed through social media outlets, similar to the previous elections. We are also likely to see something similar to the 2018 Olympic Destroyer malware around Tokyo in the summer.

I suspect that misattribution will also contribute to a bump in nation-state activity. Attribution is one of the hardest things to do accurately in security. Attackers are becoming more and more sophisticated because companies are implementing more and more feature-rich security appliances and software. More sophisticated attacks typically get attributed to APT or nation-state actors. Also, the TTPs of nation-state actors are becoming better known due to the increase in intel on these actors, making it easier to copycat their techniques. It is also likely that we will see multiple events of nation-states or APTs denying services provided by critical infrastructure, such as the attack on Ukraine in 2016 or the attack on Saudi Arabia in 2017.

4. Ransomware Everywhere

Ransomware will continue to dominate security headlines and cause severe destruction in 2020. The complexity of the attacks and access to more sophisticated and customizable Ransomware-as-a-Service providers will continue to increase. Organizations will continue to struggle with both prevention and implementing practices to respond appropriately.

We will likely see new tricks implemented by attackers to encourage payment of the ransom. I expect to see deepfakes used to convince victims to pay up, and the number of ransomware campaigns threatening to post sensitive data online if payment is not received to grow. We saw this tactic used previously by the infamous Chimera ransomware campaign, and most recently with Maze.

The payment of ransomware demands has increased over the last year due to the popularity of ransomware/security insurance and the surprising quality of support that ransomware campaigns supply to their victims. Until companies fully adopt a prevention-based mindset by patching their systems, installing a next-gen endpoint protection platform, and ensuring adequate backups are in place, expect this epidemic to continue for the foreseeable future.


About the Author

Chris Hass 

Christopher Hass is director of information security and research at Automox, where he leads the development of security policies and procedures to strengthen business application protection. He also oversees the selection, testing, deployment and maintenance of security hardware and software products.

Published Friday, January 10, 2020 7:30 AM by David Marshall