Cyber risks grow as legacy systems and data centers, public cloud services and SaaS applications multiply and spread.
In 2020, the main cyber risk carriers will continue to be emails and applications open to the Internet. According to experts, computer viruses delivered by email are evolving rapidly, and hackers find new methods every day to evade traditional security solutions. Each company must, therefore, equip itself with the most advanced protection systems, in line with the evolution of cyber risks and cyber attacks, and also be supervised by external professionals able to offer advice on implementing information system protection measures.
Cloud, SaaS applications, brute force attacks
The most serious threat expected is partly new. More and more companies are adopting serverless platforms to reduce costs and integrate cloud applications, which use storage space accessible anywhere. These are the now widespread SaaS applications.
Switching to serverless does not solve security problems. Web application security is often overlooked because most organizations lack the skills and resources needed to manage these solutions. Many companies assume that the necessary protection is provided by their hosting service, which, however, rarely offers adequate coverage.
Because these critical issues go unaddressed, cloud-based collaboration and production software are among the targets preferred by hackers. Given the frequent phishing campaigns, the focus remains on compromising accounts that can be used for future attacks. Traditional brute force attacks on cloud services, which gain access to an authorized account to crack encrypted data and steal information for fraud purposes, will also continue in 2020.
Conversation interception, voice counterfeiting and highly targeted attacks will make BEC attacks even more convincing. Spear phishing deceives easily because it is aimed at one person, unlike so-called spray phishing, a mass attack that tries to involve as many victims as possible and is less personal and less credible.
An example of phishing is fake emails from Netflix, which claim that the account has been blocked due to a non-payment.
Complex Infection Processes
In 2019, email attacks used dangerous URLs to distribute malware. Users are warned against opening documents received from unknown senders, but the growing use of applications and cloud storage has accustomed them to clicking on various links to view and share a multitude of content and to interact. Cybercriminals will take advantage of these developments because URLs can mask infection processes that are even more difficult to detect.
Emails may seem like simple messages from colleagues who want to share documents, but they can hide a serious danger. An example can be read in this article.
Ransomware is primarily aimed at extracting high ransoms to unlock servers and endpoints, but it plays a secondary role compared to infections that use Trojans and RATs, making prevention and defense essential. Firms that will be affected by ransomware have already been compromised by a host of malware that creates future vulnerabilities and puts them at risk of losing data and intellectual property.
Privacy and GDPR compliance
In 2020, company IT security managers must be fully aware of the proliferation of privacy and compliance laws being implemented all over the world. The GDPR is just the beginning: you need to be ready to adapt to the introduction of similar regulations, with huge and increasingly complex implications, especially for companies operating on an international scale. While an increasing number of companies rely on public cloud infrastructures and solutions, it is also true that human error will continue to be the leading cause of violations, especially through incorrect configurations or unresolved vulnerabilities.
Training must be a central asset
Automated systems can protect mailboxes from many threats, but users are the final line of defense, especially with regard to voice and SMS phishing. Consequently, training is an essential component of security. Even where training is organized, organizations are often very selective about which users to involve, because of the limited resources dedicated to employee training.
An extended cyber risk
In summary, the biggest threats to cybersecurity will come from the continuous proliferation of the network, from the transition to cloud systems and from the extension to critical infrastructures and industrial control systems.
In an interconnected world, an attack against a company soon extends to the whole chain. Supply chain vulnerabilities were at the center of attacks on major retailers in 2013 and 2014. Cyber attackers took advantage of the supply chain in every type of business, from the theft of credit card credentials to business email compromise, and attack techniques will become even more sophisticated later in the year. Companies must select the partners they rely on more carefully, also based on their email protection system, to avoid risks of compromise and exploitation of vulnerabilities. The spread of the 5G network will allow attackers to steal data from compromised devices. Managing the problem inadequately risks an excessive impact on business continuity and company profits.