Virtualization Technology News and Information
Trustwave SpiderLabs 2020 Predictions: The Biggest Security Threats and Cybersecurity Predictions for 2020

VMblog Predictions 2020 

Industry executives and experts share their predictions for 2020.  Read them in this 12th annual series exclusive.

By Karl Sigler, Threat Intelligence Manager, Trustwave SpiderLabs

The Biggest Security Threats and Cybersecurity Predictions for 2020

We're entering a new decade of cybersecurity threats, and organizations and consumers should keep a few risks top of mind. Here are some of the key cybersecurity threats and challenges to look out for in 2020.  

1.  The widespread prevalence of facial recognition used by apps and devices could draw deep fake attacks.  

We expect to see deep fake videos increasingly used to tarnish the careers or reputations of individuals, particularly politicians, as we near the 2020 presidential election. High-profile people are perhaps most at risk, as deep fakes require abundant, already available source material from which to pull the audio and video needed to create realistic simulations. Deep fakes are in their infancy, and it remains to be seen how far cyber criminals will go. For now, this type of threat targeting the general population remains more in the realm of fantasy than credible threat.

2.  Ransomware attacks on cities and governments will continue to grow. 

A number of successful ransomware attacks targeting large organizations, critical infrastructure, branches of government and cities were conducted in 2019. These coordinated cyberattacks can cripple victims completely, shutting down core services and rendering operations useless. We'll likely see organizations not prepared for such attacks continue to pay out ransoms in order to avoid downtime and loss of data. Unfortunately, these successful pay-outs show hackers that ransomware can be quickly profitable (and relatively easy to pull off), which will cause ransomware attacks to grow in 2020 as cybercriminals continue to evolve their techniques and coordination strategies.

3.  As digital currencies stabilize, crypto mining will remain popular but cryptojackers will turn toward custom scripts. 

The stabilization of the price of cryptocurrencies like Bitcoin makes cybercriminals put more faith in their hard-to-trace currency of choice. Getting paid in crypto is now more attractive, since criminals can worry less about their earnings being suddenly devalued by the market over the course of a day. However, with the shutdown of the popular Coinhive cryptomining service in 2019, hackers may need to start creating their own custom scripts in order to remain undetected. Most defense teams know how to easily identify mainstream crypto mining scripts and are adept at catching miners who don't know how to cover their tracks. More sophisticated hackers could set up their own backend and customized JavaScript to feed mining processing power. This could give security teams a harder time in 2020, but the cat and mouse game is getting closer each year as security teams get smart to nontraditional mining setups.

4.  5G adoption will drive hackers to target mobile as a main attack vector. 

The proliferation of 5G will make Wi-Fi and hard lines no longer a necessity for fast internet connections. Because of the freedom and speed 5G provides, we will see more consumers relying on their 5G-enabled mobile devices as their sole means of internet access. Though today's mobile-based malware is notoriously difficult to set up and distribute, we'll start seeing mobile malware that piggybacks on social engineering attacks, specifically targeting bank transfers and ecommerce transactions. This social engineering component via phishing emails and text messages will make the malware easier to inject and spread. While 5G has many built-in protections against direct attacks, as the protocol gains more widespread adoption, we will likely see a further degrading of the traditional "network perimeter". With that will come more challenges for security professionals trying to ensure the security of the data and systems in their charge.

5.  Dev-security lifecycle becomes the Achilles heel for IoT devices.

IoT devices are not getting any safer. With the huge influx of IoT devices in homes and organizations, the attack surface targeted by criminals is just getting larger and more diverse. Manufacturers and developers need to take the security reins. But today's IoT solutions are often missing security quality assurance during their product development lifecycle. High bandwidth, direct connections to the internet via 5G will increase the threat of Mirai-like botnets. These direct connections will also provide attackers the ability to bypass perimeter protections that are normally in place in homes and organizations. All manufacturers should add security vetting to their product development lifecycle, especially with the cloud and 5G in mind, to get IoT device security in check before the number of vulnerable devices in the market becomes overwhelming.

6.  Magecart and similar attacks will proliferate. 

The adoption of EMV chip-enabled payment cards and readers has made it much harder for hackers to compromise point-of-sale systems, and criminals' use of physical card skimmers and POS malware has decreased. As a result, hackers have shifted their focus to target ecommerce platforms. This increased focus has led to an explosion in virtual card skimmers that target online shopping cart platforms, stealing consumers' payment card data during checkout. The most prolific have been from the group known as Magecart, which targets the popular Magento ecommerce platform. The Magecart threat will continue to grow in 2020. Ecommerce organizations that don't have the resources or security know-how to implement the minimal best practices of PCI compliance are at big risk, and they're putting their customers at risk as well. Unfortunately, these vulnerable organizations are typically smaller, "mom-and-pop" storefronts with weak security maturity. Every organization that accepts payments, no matter how big or small, should invest in proper security measures, including regular vulnerability assessment, to keep their customers' sensitive data safe.


About the Author

Karl Sigler is Threat Intelligence Manager at Trustwave, where he is responsible for research and analysis of current vulnerabilities, malware and threat trends. Karl and his team run the email advisory service, serve as liaison with the Microsoft MAPP program, and coordinate disclosures of discovered vulnerabilities. Most recently, Karl was one of the security researchers instrumental in identifying "Backoff" point of sale malware that affected more than 1000 retailers worldwide.

Before joining Trustwave in 2013, Karl worked as the head of the IBM X-Force Education group for 12 years and has presented on topics like Intrusion Analysis and Penetration Testing to audiences in over 30 countries. In 2003 he released Knoppix-STD, the first Live Linux CD dedicated to pen testing and forensics and a predecessor to distributions like BackTrack, Kali and Pentoo.

Published Thursday, January 23, 2020 7:41 AM by David Marshall