Technological advances in the cyber realm may hold the biggest security threats in 2020. We need to be vigilant to how cyber criminals exploit artificial intelligence and machine learning to launch malicious attacks. Mobile devices and the Cloud are prime phishing attack trajectories and will increasingly be seen as fertile ground for compromise by criminals. Coupled with the rapid growth of software development, is the cybersecurity skills shortage which could see vulnerabilities in systems worldwide. Experts predict the following cybersecurity threats that 2020 may have in store.
Ransomware was the menace of 2019 and will continue to be a threat through 2020. Limor Kessem from IBM Security indicates that organised cyber gangs will focus on smaller ransomware attacks because they are easier to anonymize, easier to launder, and require less sharing of illicit profits with street gangs that launder bank fraud proceeds. This is a move away from banking trojans in huge multi-million-dollar SWIFT-related heists.
Lookout security experts predict that mobile will become a primary phishing focus for credential attacks in 2020. This is primarily because traditional secure email gateways, “neglect mobile attack vectors, including personal email, social networking, and other mobile centric messaging platforms such as secure messaging apps and SMS/MMS.”
The role of security in the past was isolated to a specific team in the final stage of development, and outdated security practices compromised even the most efficient DevOps initiatives. A DevSecOps integrated approach will allow organisations to take advantage of the agility and responsiveness to threats. Suzanne Ciccone from Veracode states: “We’re seeing organizations start to build security into each phase of the development pipeline, and expect to see more of this shift in 2020. Hence, code scrutiny should start from app inception to production in 2020.
Kaspersky warns that as more corporate infrastructure moves to the cloud, the sophistication and rate of attacks will increase with cybercriminals playing on chance rather than planning.