As 2020 begins, rapid transformation of technologies will continue in order to make business practices more productive and efficient. With emerging technologies like IoT, and AI/ML maturing in 2020, security threats are poised to increase and become even more rampant. Here are 10 security predictions for 2020 from Juniper Networks’ leading security experts including, Trevor Pott, Technical Security Lead, Mounir Hahad, Head of Juniper Threat Labs, and Laurence Pitt, Global Security Strategy Director.
Emerging Technologies, Tried and True Threats
As security experts roll out their predictions for 2020, we can expect to see a large focus on emerging technologies like deepfakes. The truth of the matter, however, is that new attack vectors take time to become common and will likely not be an immediate threat. The Bluekeep vulnerability, for example, is only just being weaponized in earnest, despite being revealed in May, and it is vastly less complicated to use than something like deepfakes. Instead, 2020 will likely bring steady improvements in traditional attacks that dominate the market. The most common and effective attacks are those which rely on humans to do something they shouldn’t. All indications are that preying on human error will continue.
2020: The Year of Cloudy Compromise
As 2019 comes to a close, credential stuffing attacks are on the rise. This is unsurprisingly so, as the number of credentials compromised every year increases and new records are regularly set for the size and scale of various data breaches. In the new year and beyond, security professionals would be wise to pay close attention to Software as a Service (SaaS) applications and Infrastructure as a Service (IaaS) accounts, especially those at major cloud providers. The larger the userbase, the richer the target, and even after decades of warnings, people still reuse credentials all over the internet. Multi-factor authentication will be the best defense but remains somewhat niche in terms of real-world use.
U.S. 2020 presidential elections will incite both broad and targeted attacks
The looming U.S. presidential election is too big of a target to be ignored by nation state actors. I suspect we will identify meddling attempts on social media, albeit using more sophisticated methods than four years ago. Some commercial entities have developed a business model around this kind of interference and have been honing it in various theaters around the world, so I suspect their services will be sought after by parties interested in a particular outcome of the elections or wanting to sow discord and doubt in the election process. Deep fakes may be the name of the game, in this regard. Additionally, we will probably identify attempts at infiltrating campaign staff using phishing emails and spyware.
Tokyo Olympics will be targeted with a cyber attack
This has become the norm. The Olympic Games have been a target of attacks aiming to sabotage the event or spy on the governing body, especially around doping investigation activities. I predict that a cyber-attack on the Olympics infrastructure will probably succeed to some extent.
First large scale IoT ransomware attack
In 2020, the number of IoT devices plugged into the internet will reach a threshold that will present an attractive target for cyber criminals. We will probably start seeing the first ransomware attacks on a large-scale targeting IoT devices running on low power microprocessors and using the Android or Linux operating system.
Phishing attacks will become smarter and harder to detect
Cyber criminals can use publicly available information scattered across the internet to build a simple picture of someone – political beliefs, interests, pets, job, family – in order to execute a more effective attack. The internet has vast amounts of data on who we are, and it’s often in public view. On Facebook, Instagram, LinkedIn, Twitter and other platforms, we’re sharing information, engaging and commenting about our personal and professional lives.
In 2020, people should expect much more of this at a much smarter level. We will see more phishing emails using publicly available personal data in order to directly address who you are – making sure to keep it relevant while making it even harder to spot the difference between a phish and a genuine email. My advice is to stop clicking on email links. If you receive an email from your bank, an online retailer or a provider, make your first port of call their official website. Then, login and attempt to validate that the email is genuine. Additionally, use a password manager because most will not input passwords to fake sites when the website address is not recognized. This has saved me on a couple of occasions – and I consider myself to have a level of expertise!
Deepfakes will present a real problem in the coming years as technology continues to advance and bad actors try to sway public opinion
Deepfake is one of the scariest cyber-attacks currently being advanced and exploited on the internet. It might have all started in Hollywood, but now we’re seeing politically motivated deepfakes featuring politicians making statements they’ve never actually said. In 2020, this could become even more interesting, and we may see deepfakes used in social engineering to gain access to corporate data. What if a deepfake video was created of a corporate CTO making forward statements that affected their stock-price? Or, more simply, a deepfake of the CFO on a video-conference call with his team asking them to manipulate or share data? All these present a very possible – and somewhat scary – use for this technology.
Cybercriminals will rely more on socially engineered attacks aimed at exploiting human psychology
Generic attacks are failing. It’s not just that we are getting smarter, but also that security is smarter and will prevent many attacks from even reaching the intended recipient. For this reason, we are seeing growth in socially engineered attacks. There is enough publicly available information for any criminal to build a good profile of their targeted individual: what they look like, where they live, their job-history, pets, friends, etc. With this data it becomes much simpler to directly contact a victim and elicit response or engagement.
In 2020, citizens should become more suspicious. Read any email closely, and, if an email seems out-of-character, then it may be. One tip from me, many sites ask for password recovery questions, for example, your first school, best friend or model of car. There’s nothing that says you must give the CORRECT answer to any of these questions, just that you know the answer that you gave! This way, if someone can socially engineer information from you, they still won’t have any of the answers they need.
The race to 5G will continue to ramp up and prompt security teams to reevaluate their internal security posture
5G is going to mean that everything about the network moves closer to the edge. The improvements in speed and reductions in latency will allow much greater flexibility for deployment of applications and data. Over the coming years, security teams will need to review their security policies and processes in order to keep up and account for moving security closer to the edge of the network. Without quick detection and containment, by the time a threat is detected in a 5G network it will have had time to traverse key areas with the potential for causing significant damage (or hiding and waiting). Organizations will need to look at how they can leverage both security and non-security devices as part of their security posture, making use of data from both to strengthen posture and speed detection and response.
More connected devices will give rise to new types of attacks, challenging enterprises
When we talk about connected device risk, it’s no longer just about mobile phones and tablets. In the drive to be more efficient, greener and responsive to market changes, there is pressure to take advantage of IoT (and IIoT) to make this happen. The bigger challenge comes from these swathes of other IoT being connected to corporate networks, where adoption often happens at the speed of business and security struggles to keep up. Many of these devices do not have security built in at the device level and so security needs to be considered as part of the overarching network posture.
Expect cybercriminals to take advantage of this. We’ve already seen success with Mirai. As new IoT is rolled out and security teams struggle to keep up with updates and patches, there will be more opportunities for criminals to abuse this vector and gain access.