The threat landscape is a volatile place at the best of times, but the unparalleled increase in corporate digital spending on the one hand and black hat innovation on the other is set to make 2020 another bumpy year for CISOs. As organisations as diverse as hospitals, banks, schools, and retailers continue to grow their digital infrastructure, they’re in danger of unwittingly expanding their attack surface — offering new opportunities for hackers to make money.
An effective response to these threats will require a blend of best practice basics and a willingness to embrace new security technologies. That’s because, although there will be new hacking tools and techniques to tackle over the coming year, many of the challenges facing organisations will be a continuation of current trends.
In no particular order, here are my five top threats to watch out for in 2020:
Email: still leaky after all these years
It should come as no surprise that email remains the number one threat vector for global organisations. It continues to be the easiest and most effective way for cyber-attackers to harvest user credentials and personal information, and/or install malware on a target’s machine. In 2020, CISOs must do more to make this channel resilient to threats: investing in DMARC, enforcing multi-factor authentication (MFA), improving security training and awareness programmes, and enforcing other policies such as disabling macros.
On the plus side, new AI-powered tools are becoming more widespread, offering an innovative and more effective way to detect spear-phishing and other fraudulent messages.
From BEC to deepfakes
Business email compromise (BEC) cost organisations $1.3 billion in 2018, half of the total losses associated with global cyber-crimes reported to the FBI that year. Organisations are going to need to build awareness of the threat into their internal staff training programmes, as well as rolling out technologies and processes designed to spot and block attacks. But coming down the line at a rapid pace is an arguably bigger threat: AI-based spoof videos and audio. These so-called “deepfakes” are already being used to trick employees into making wire transfers. This is likely to be just the tip of the iceberg, and will need advanced tools and improved employee training to mitigate.
Clouding your 2020 vision
The most obvious manifestation of digital transformation investment is increased spending on cloud platforms. But the advent of hybrid and multi-clouds is creating complexity that many in-house security teams are ill-equipped to manage. The result? Over the coming year, we’ll see a continued slew of data leaks stemming from misconfiguration of cloud infrastructure, and an increasing number of incidents like the Capital One breach where hackers capitalise on internal mistakes to make off with sensitive data.
Ransomware: more targeted, more dangerous
Over the past 12 months, we’ve seen an evolution of one of the biggest threats of recent years, as cyber-criminals refocused their ransomware campaigns on fewer targets. But that doesn’t mean your business is safe in 2020. In fact, the hackers are going to extra lengths to make sure their attacks are successful, deploying fileless malware techniques, RDP compromise and lateral movement to stay hidden until the time is right to strike. Reports suggest the average ransom demand has increased at the same time, making this an ongoing threat for 2020. The good news is that best practice security steps like MFA, network segmentation and prompt patching can mitigate many attacks, while regular on- and offline back-ups are essential.
Supply chain headaches
Modern organisations are nothing without their supply chains. Whether it’s a bakery relying on providers of flour, water and energy, or an online retailer with an expansive ecosystem of digital suppliers, these networks provide the products and services essential to business operations. But they’re also a potential security risk. Hackers will become increasingly adept at exploiting these supply chain relationships to further their own ends.
In 2020 we’ll therefore see more attacks on managed service providers (MSPs), which provide a handy stepping-stone into client networks, and digital skimming campaigns targeting the supply chain. The GDPR brought in strict new rules designed to improve transparency and accountability for just these circumstances. CISOs would do well to revisit their SLAs and partnership agreements to guarantee a baseline level of cybersecurity among all their suppliers, or risk the wrath of the regulators.
Phil Muncaster is a technology writer and editor with over 12 years’ experience working on some of the biggest technology titles around, including Computing, The Register, V3 and MIT Technology Review. He spent over two years in Hong Kong immersed in the Asian tech scene and is now back in London where information security has become a major focus for his work.