This article was updated in December 2019.
Most experts agree that 2020 will bring a higher sophistication of malicious hacking.
More of these network security threats and attacks will be high profile and reinforce the importance of cybersecurity plan. Hackers will target well-known brands, looking for notoriety as well as money.
As a result, the security response of the business community must rise to the occasion.
Any network with a connection to the Internet is potentially vulnerable. The number one thing you can do to protect your systems is to establish a backup strategy for your data, now.
Types of network threats to be aware of in 2020
Ransomware (and Micro Ransomware)
As the so-called “as a Service” services increase, we can expect a proliferation of ransomware types to showcase itself across networks.
Ransomware is an attack vector that focuses on vulnerabilities that are much different from any other form of malware. It is also one of the easier malicious attacks to employ, giving relative newbies the leverage to troll their way into crime.
The more severe users of malware will use ransomware to focus on easily penetrable industries such as healthcare. The proliferation of big data has made sensitive medical information much more valuable than it has ever been. Other industries that traffic in sensitive consumer data will also find themselves targeted by this unique form of malware.
Ransomware can also shut down POS systems, blocking payments from ever reaching the recipient. Currently, email is the number one delivery method for ransomware and viruses. This will also change as technology becomes more sophisticated.
Although the trend will expand, not all attacks will be massive. Ransomware is one one the fastest growing cybersecurity threats to network security. Experts say that we can also expect ransomware attacks targeting smaller companies. This, in turn, leads to more advanced ransomware prevention solutions being developed.
Learn more about phoenixNAP’s range of cloud-based ransomware protection solutions that can safeguard your critical workloads and data.
An offset of the growing ransomware plague is long-standing extortion techniques. Once a vulnerability has been opened through a ransomware attack, it can be quite challenging to close. This can leave a digital door open for a malicious user to require ongoing payments in order to keep from accessing the vulnerability again.
In this way, ransomware scams can last for much longer than the initial attack, creating an environment of fear for companies that do not have the appropriate technology to ensure closing digital backdoors.
Companies that are looking to expand will find themselves targeted by this kind of extortion. Even if a security network is relatively secure at its base, when it takes on new third-party applications, new security backdoors can be opened because of the interaction between legacy apps and new apps. Companies that rely on automated updates may also face ongoing extortion efforts from hackers who follow the schedule of these updates and plan attacks around the “changing of the guard.”
Malware in the Mobile Device Space
Smartphones are no longer safe. As commerce moves into the mobile space, hackers will move with it. 35% of the general public uses smartphones for banking, and these people will be targeted by hackers. There are many malware families dedicated specifically to mobile device platforms. They are becoming very good at stealing the financial information of online bankers.
Keyloggers, for instance, are no longer a sickness relegated only to desktop and laptop computers. Mobile keyloggers can steal passwords from other apps that are downloaded into a phone. If a user has the same password for that app and a financial app, the hacker now has access to the online banking credentials of that user. Take the time to create ideas for great secure strong passwords.
Hackers may also use creative techniques to get users to download malicious apps. These apps work in the same way as an email phishing campaign or a silent.exe download. Once they open a small hole in the security of the hardware, a hacker can come in and make it much bigger over time.
Exploits Directed at the Windows Subsystem for Linux
The Windows Subsystem for Linux (WSL) will likely be a huge target in 2020. WSL is a new technology that shipped out with Microsoft Windows 10. It was created to allow Windows tend to run alongside a limits environment. However, the many security exploits that have already been found within the Windows 10 environment do not speak well to this premature expansion.
There are many companies that have not upgraded to Windows 10.
As this upgrade is forced into many environments, you can expect that hackers will continue to focus their efforts on it. Microsoft has yet to respond adequately to many of the criticisms leveled its way about forcing implementation of its operating systems before adequately testing for exploits.
As people plug into the Internet of Things, hackers will make this new system one of the first locations for significant incidents.
The leaked Mirai code of 2016 that created a very effective legion of bots will expand and grow into IoT, says Bitdefender senior analyst Bogdan Botezatu. The DDoS or denial of service attacks that were created from these bots will seem rather tame in the face of the dual ransomware/botnet attacks that will show themselves in 2020.
Modern botnets even can directly defeat systems with machine learning capabilities. The sheer volume of these botnets makes it possible to attack with brute force some of the weaker infrastructures. GPU based encryption is another advancement that many cybersecurity systems have yet to catch up with.
Polymorphism and Powershell
The proliferation of open-source tools will bring with it an increased level of abuse.
Even network security tools that have a decent reputation in the freeware space may be targeted as Trojans. Commercial actors and APT groups are already beginning to include PowerShell manipulation in their malware toolkits. The more sophisticated these tools become, the more security products they will be able to bypass.
Many types of malware also can change their signatures. This is known as polymorphic malware. Qbot is just one example of incredibly sophisticated polymorphic engines that are currently taking up space in the cloud. The creators of these engines are actually renting them out to other malicious entities, with the two entities splitting the profits of whatever haul they bring in. In short, the creation of malicious software has been crowdsourced. There are simply not enough companies with the in-house staff to handle this kind of teamwork.
Artificial Intelligence Security Tools
It is difficult enough for a company to keep up with and respond to the last major publicized cybersecurity breach. In 2020, hackers will employ AI tools that will consistently scan the environment for new exploits.
Hackers will be able to upgrade and modify their techniques in real time. Most organizations only have access to scanning tools that were based on policy compliance and configuration. These tools are looking to the past, not to the future. They just cannot keep up with AI-based tools that are creating and testing scenarios for the sole purpose of breaking into a system.
There is no in-house DevOps security best practices or team that can keep up with the amount of analysis and data that is necessary to ward off real-time attacks that can consistently change form. It is the equivalent of chasing a fly around a huge room. Companies will need to employee third-party experts that can accurately conduct impact and context analysis.
Cybersecurity Third Party Breach Threat
Breaches do not have to come from a direct attack. In 2018, more breaches were made possible through a third-party source. These nerd parties may have been trusted. However, that third-party does not always have an awareness that it is being used as an open hallway to a target that it is connected to.
Hackers can sanitize their trail so that it cannot be quickly followed. The company that is attacked may believe that it was the direct target of the attacker with no roundabout pathway made to its doorstep through the naïve third-party.
The past few years have seen many security breaches accomplished through third parties. Hackers were able to access the network of major retailer Target through one of its HVAC vendors. A point-of-sale vendor was the gateway for hackers to break into the networks of Home Depot, Inc. and Hilton Hotels. These were not the only companies that suffered a data breach through some aspect of their supply chains.
Companies may also become vulnerable through a third-party connection without a firewall. It is imperative that companies that are doing business with each other in the digital space expand and share their security features with each other. For instance, the app structure of a third-party company may also affect the ability of a targeted company to adequately secure its own borders.
Network Security Risk Management
Companies that haphazardly expand their digital ecosystems will be the most highly targeted. Hackers are continually monitoring these ecosystems, standing just outside the doorway waiting for an expansion that they can exploit.
Governments are attempting to rein in the ability of individual companies to expand their digital real estate too fast. However, there are limitations on what regulations can protect.
The issue of regulatory compliance will come into the spotlight during the implementation of the General Data Protection Regulation (GDPR) across the digital landscape. Experts believe this will cause an outbreak of attacks as companies to adjust their security measures to remain in compliance with GDPR.
It is essential to remember that hackers do not care if you comply with the latest government regulation. They only care about getting your private data.
Business Email Network Security Risks
Email vulnerabilities are the grandfather of all types of threats in network security.
It continues to be a massive problem across industries because it still works with a very high frequency. It is also a relatively easy way to breach a companies systems. Hackers do not need a great deal of technical expertise. All that is necessary is control of a resource that executes when a phish is triggered by an errant employee. Often, the security risks of wireless networks are not taken seriously.
A lack of training on the best practices of email security is the number one culprit in email hacks. Large companies can still be targeted because of the higher probability of an untrained employee opening a phishing email. Many experts believe that the financial industry, ransacked by ransomware and other malware in 2020, will remain a top target of this form of breach.
Criminals looking to break into companies through emails may also use relevant information from employees. Hackers may attend an industry event, gain the contact information of a high-ranking employee, and use that information to break in relatively undetected. It is essential to protect your company from a physical standpoint as well as in the digital space.
Cloud Network Security and Vulnerabilities
The public cloud continues to be a massive target for cybercriminals. Again, large companies continue to rest in the center of the bulls-eye. Companies without a strong tiered program of access are at the most significant risk. All it takes is one untrained employee with access to open up any number of cloud security vulnerabilities across the network.
Hackers can access this information in a number of ways. It is up to the organization to quarantine employee access so that physical hacks will only allow access to a controllable, easily trackable dataset.
The Hijacking of Search Results
Many companies are unaware that the major search engines have personalized search results quite effectively. Depending on the previous searches of a company and its behavior during those searches, it can receive different results from any other entity in the world.
In short, there is no such thing as generalized search results anymore. Hackers are acutely aware of the targeting that search engines employ. If they can hack into the behavioral patterns of an organization, they can also hack into that companies search engine results.
Search tampering involves hijacking one or more of the results on a search engine page. Under the guise of following relevant links, a company can be directed to a malicious site. From here, hackers have a number of options. Once a company has access to this site, a hacker can tap into anything from digital files to security cameras.
Always Be Prepared for the latest network security threats
Knowing about security threats is one thing. Responding to them is another. The tips above should drive you into action.
Take the appropriate steps to protect your data streams. This year will not have mercy on any company without the proper security!
Preparation is the only defense. Start with a network risk management, incident response planning, and evaluating current security protocols.
In most cases, the security industry is functioning in response to attacks from malicious hackers. You must remain proactive and up-to-date on the latest types of network threats. You must also employ the newest protection strategies using AI, machine learning and systems analysis.