Let’s cut right to the chase: the number and severity of cyberattacks will explode in 2020. Cyberwarfare has now leveled the playing field in industry, in government, and in national defense: why spend ten or fifteen billion dollars on an aircraft carrier when you can disable it digitally? Why spend billions on new product R&D when you can hack into your competition’s strategic plans? Why not just phish around municipalities for a quick $100K?
Cyberwarfare is a cost-effective solution to all sorts of problems – and opportunities: cyberwarfare is a revenue stream, a new business model, digital transformation with its own unique flavor. I’ve written about this before in several different ways, with all sorts of warnings. Not that I’m sounding a quiet alarm. The whole world is warning anyone who will listen about cyberwarfare. But regardless of inexplicably unheeded warnings, I predict 2020 will be different – much worse than it’s ever been. Why? Simply because it’s the cheapest, easiest, fastest and most effective form of warfare we’ve ever seen, and because cyberwarfare defenses are more vulnerable than they’ve ever been.
Listen to what Daniel Markuson at NordVPN predicts:
“Now, healthcare is at the risk of becoming the most breached sector. These organizations deal with great amounts of sensitive data but often fail to apply the latest security standards. Misconfigured databases and backups will be the leading reasons for successful hacker attacks. Hackers will get more creative, using complex social engineering techniques on potential victims. A significant increase in business email compromise and ransomware is predicted too.
“New mobile malware trends will appear. Last year, it was Simjacker attacks taking advantage of a vulnerability found in SIM cards. In 2020, there will definitely be new techniques applied to steal data from hand-held devices. For example, Rich Communication Services (RCS), the new messaging standard designed to replace SMS, is pretty easy to hack. Cybercriminals can exploit the technology to track users and compromise their location data. So this year, we’ll hear more about RCS text messages and calls getting intercepted. The tendencies also show we’ll see a spike in mobile payment scams and frauds.
“Cybercriminals will use artificial intelligence to scale their attacks. For example, the deepfake technology will be exploited in social engineering scams. This year saw the first noted instance of fraudsters using AI to mimic a voice in a scam. The audio deepfake was convincing enough to scam a CEO out of $243,000. Deepfakes will be the next frontier for financial fraud, hoaxes, and fake news. The number of the latter is bound to skyrocket whenever government elections are drawing close. And this year promises a great deal of them.
“There will be more than 80 elections held all over the world in 2020. It’s not hard to predict that both politicians and hackers will try to meddle with voters’ choices. The US presidential election will be under the magnifying glass as we have already seen the trust of Americans exploited to sway their votes. We should expect new stories about foreign and local actors interfering with the election and other stunts designed to shake public confidence. Thus, voters should stay vigilant and double-check all the news coming their way.”
Cybersecurity firm Trend Micro has more predictions:
- “Attackers will outpace incomplete and hurried patches.
- Cybercriminals will turn to blockchain platforms for their transactions in the underground.
- Banking systems will be in the crosshairs with open banking and ATM malware.
- Deepfakes will be the next frontier for enterprise fraud.
- Managed service providers will be compromised for malware distribution and supply chain attacks.
- Attackers will capitalize on ‘wormable’ flaws and deserialization bugs.
- Cybercriminals will home in on IoT devices for espionage and extortion.
- 5G adopters will grapple with the security implications of moving to software-defined networks.
- Critical infrastructures will be plagued by more attacks and production downtimes.
- Home offices and other remote-working setups will redefine supply chain attacks underscoring the need for security throughout the deployment pipeline.
- Vulnerabilities in container components will be top security concerns for DevOps teams.
- Serverless platforms will introduce an attack surface for misconfiguration and vulnerable codes.
- User misconfigurations and unsecure third-party involvement will compound risks in cloud platforms.
- Cloud platforms will fall prey to code injection attacks via third-party libraries.
- Predictive and behavioral detection will be crucial against persistent and fileless threats.
- The MITRE ATT&CK Framework will play a bigger role in how enterprises assess security.
- Threat intelligence will need to be augmented with security analytics expertise for protection across security layers.”
Tom Steinkopf, writing here, offers five more predictions:
1. “Successful ransomware attacks will double. A 2019 report showed a steep rise in business ransomware attacks in the first quarter of the year. This trend will continue in 2020, and as the FBI softens its stance on businesses paying ransoms, the number of “successful” ransomware attacks (i.e., those in which the ransom is paid) will double, with total losses of all reported attacks increasing significantly.
2. Misplaced understanding of cloud security will increase risk. Another recent survey of ours found that 60% of organizations don’t understand the shared responsibility model when it comes to who secures workloads in the cloud. This will create a false sense of security in cloud security providers by their customers, as the latter are responsible for securing privileged access to their cloud administration accounts and workloads. Therefore, I see cloud environments becoming a top target of cyberattacks in 2020 as bad actors exploit this false sense of confidence.
3. More U.S. state election boards will be hacked. I believe federal aid to help states bolster their election security will come up short in 2020. As a result, every state election board will again be targeted by hackers in 2020 (as we saw in 2016), and I predict more will be successfully breached this election. Election boards frequently hold names, addresses, partial Social Security numbers, dates of birth, driver’s license numbers and a variety of other personal information about voters that can be leveraged by hackers for financial gain. This sensitive information can also be used to impersonate voters.
4. 2020 will bring the rise of securing machine identities. With an estimated 20 billion-plus internet of things-connected devices and an evolving enterprise threatscape that includes automation and DevOps, machine identities will become the largest cybersecurity exposure point in 2020, overtaking humans. However, automation, if done correctly by humans, could mitigate much of the risk, and employees will remain the biggest weakness for organizations.
5. Phishing will continue to evolve beyond email to SMS and video. Most people think of phishing (and the more targeted variety, known as spearphishing) as being limited to suspicious emails. Hackers have proven to be very capable of evolving to get around increased cybersecurity awareness, and phishing will continue to move away from using email as the preferred medium and focus more on Short Message Service (i.e., text messaging). I expect phishing attacks by SMS will increase by more than 100% in 2020, and we’ll see the first successful spearphishing by video, as hackers leverage new tools such as “deep fake” technology to look and sound like a trusted person (e.g., a FaceTime with an attacker posing as the CEO).”
There are other lists just as long and just as threatening. So why do long lists of valid threats go unheeded and under-funded? Years ago I assessed a huge enterprise’s vulnerability to cyberattacks. My responsibilities as CTO included a total assessment of the security architecture and the company’s digital vulnerabilities. When my team finished its assessment, the results were scary. When I took the results to the CFO (to whom technology reported), his first and only question was, “What’s all this going to cost me?”, which of course was exactly the wrong question. Is that the problem?
Cyberwarfare is also inevitable because governments are reluctant to police themselves. Listen to what Andy Greenberg, writing in Wired Magazine, says about why governments have been unwilling to deal with the threats:
“More fundamentally, governments haven’t been willing to sign on to cyberwar limitation agreements because they don’t want to limit their own freedom to launch cyberattacks at their enemies. America may be vulnerable to crippling cyberattacks carried out by its foes, but US leaders are still hesitant to hamstring America’s own NSA and Cyber Command, who are likely the most talented and well-resourced hackers in the world. The Trump administration has only loosened the leash on Cyber Command, elevating its authority and freeing it up to launch preemptive attacks on enemy infrastructure. Just this year, Cyber Command has reportedly used those new authorities to fry the servers of the Russian troll farm known as the Internet Research Agency, target disruptive attacks on Iranian cyberspies, and plant potentially disruptive malware deep in Russia’s power grid.
“In other words, the US and other world powers still haven’t realized that they have more to lose in an exchange of scorched-earth cyberattacks than to gain. Until they do, the cyberwar machine will roll onward, with nothing less than the infrastructure of modern civilization in its destructive path.”
Can there be any doubt about all these predictions?
Is 2020 the year?