Latest Cyber Security Threats & Trends: 2020 In Review

Uploaded on 2020-09-17 in NEWS-Cybersecurity News, FREE TO VIEW

Uncontrolled access to personal data undermines confidence in the digital world. The healthcare, shipping, and remote networking industry are increasingly being targeted by hackers.

This article reviews the key cybersecurity threats and trends every business needs to understand in 2020 and beyond. By Eddie Segal 

By Eddie Segal

Trending Cybersecurity Threats

To keep your systems and data secure, you need first to understand what the most common threats are.

State-sponsored attacks: Modern cybercrime goes beyond individual hackers trying to make a profit through ransom or data theft. Today, state-sponsored cyberattacks have emerged as one of the preeminent threats targeting critical infrastructure.

The frequency and severity of these attacks continue to increase. According to Verizon, state-sponsored attacks increased from 12% to 23% in 2019, and the numbers are expected to be even higher in 2020. The most obvious example of this approach is Russian hackers accused of affecting elections, releasing confidential information into the public domain, and hacking into critical infrastructure.

Zoom, Google Meet, and Microsoft Teams phishing scams: The number of people using videoconferencing services has significantly increased during the COVID-19 pandemic. Hackers use Zoom, Google, and Microsoft domains to pose as official links. These fake links enable attackers to trick people into giving access to personal information or accidentally downloading malware.

Internet of Medical Things (IoMT) attacks: IoMT is a connected infrastructure of medical devices, and applications that generate, collect, analyze, and transmit healthcare data. IoMT enables you to connect medical devices to the Internet. This includes personal insulin pumps, glucose and heart monitors, and pacemakers.

As with other IoT devices, hackers can exploit software and network vulnerabilities to execute attacks on both individuals and health organizations. Researchers have identified a growing number of software vulnerabilities and demonstrated the feasibility of attacks on IoMT devices. 

Attacks on smart consumer devices and smartphones: Protecting devices like fitness trackers, smart speakers, smart watches, and smart home security cameras has become one of the main concerns in cybersecurity. Connecting from public Wi-Fi networks, or accessing your company email from your smartphone can make sensitive data available to everyone. Furthermore, the use of instant messaging services and file sharing can enable hackers to easily compromise smart devices, giving access to credentials and data.

Shipping cyber attacks: Many aspects of shipping can be vulnerable to attacks, including ship navigation systems, port logistics, and ship computer networks. According to maritime cybersecurity experts, Naval Dome, shipping-targeted attacks increased by 400% since February 2020 due to the coronavirus pandemic.

During the pandemic, equipment technicians are unable to fly out to ships and rigs to upgrade and service critical OT systems. As a result, system operators find a way around established security protocols, leaving systems unpatched and vulnerable to attack. 

Latest Cyber Security Trends

The threat landscape changes constantly, as do security approaches and solutions. These solutions enable security teams to adapt to new attack methods, and identify vulnerabilities before attackers can exploit them.

Zero-trust network technology replaces VPNs: The COVID-19 pandemic has highlighted many of the problems with traditional VPNs, including latency and open access to the entire network. Emerging Zero-Trust Network Access (ZTNA) enables organizations to control remote access to specific applications by hiding them from the public internet. Applications communicate directly to the ZTNA service provider, and can only be accessed through the provider’s cloud service.

This approach reduces the risk of exploiting the VPN connection to attack remote networks. The adoption of ZTNA requires accurate mapping of network users and their access permissions, which can slow the process.

Network security transforms from LAN-based models to SASE: 
The popularity of cloud-based security solutions is growing increasingly due to the evolution of remote network access. Secure Access Service Edge (SASE) technology enables organizations to secure remote workers and applications by routing traffic through a cloud-based security stack, instead of backhauling the traffic through a physical security appliance in a data center.

5G security: Most of the security risks in 5G mobile networks are not new. They include service provider vulnerabilities and critical infrastructure risks. However, 5G also introduces some new risks related to user safety and privacy.

5G’s short-range communication requires more cell towers with closer proximity. This proximity can increase the risk of collecting and tracking the actual location of users. In addition, service providers can potentially have access to large volumes of user data, thanks to the increased interconnectivity of 5G. This data can show what’s happening inside your home through connected devices, and smart sensors. Hackers could steal this valuable information and sell it on the black market.

Conclusion

As you can see, the current year is not short on new threats thanks to new technologies like 5G, IoMT and the increase in remote workforce. These new technologies will undoubtedly improve our lives, but also offer significant security challenges.

No matter what industry you’re in, make sure you know how your company could be affected, then plan proactive solutions like SASE or ZTNA to protect your business.

 

Eddie Segal is an electronics engineer with a Master’s Degree from Be’er Sheva University, a big data and web analytics specialist, and also a technology writer. In his writings, he covers subjects ranging from cloud computing, agile development, cybersecurity, and deep learning.

You Might Also Read: 

Five Risks That Will Define Cyber Security In 2020:

 

« Cyber Security Training For Employees
Cyber Security Should Be A Mandatory Requirement »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Guardtime

Guardtime

Guardtime's Black Lantern platform provides real-time cybersecurity and data-centric asset protection.

Apomatix

Apomatix

Apomatix is a platform that simplifies the complexity of cyber risk audit and management.

MACH37

MACH37

MACH37 is a market-centric cybersecurity accelerator program designed to facilitate the creation of the next generation of cybersecurity product companies.

CRI4DATA

CRI4DATA

CRI4DATA's mission is to help organizations build their resilience to cyber risk.

CyberSec Hub - The Kosciuszko Institute

CyberSec Hub - The Kosciuszko Institute

The goal of CyberSec Hub is to create a centre of excellence for cybersecurity in Krakow, a new European “Cyber-Silicon Valley”.

Qmulos

Qmulos

Qmulos’ real-time continuous monitoring risk management suite, Q-Compliance, provides a massively flexible and scalable solution to optimizing operational security.

Ministry of Information and Communications (MIC) - Vietnam

Ministry of Information and Communications (MIC) - Vietnam

The Ministry of Information & Communications of Vietnam is the policy making and regulatory body in the field of information technology and national information and and communication infrastructure.

Nomios

Nomios

Nomios develops innovative solutions for your security and network challenges. We design, secure and manage your digital infrastructure.

Orro Group

Orro Group

Orro create 'future now' solutions that make it faster, simpler and safer for you to access, store and share information. Wherever, whenever and with whomever you want.

Aptum

Aptum

Aptum is a global hybrid multi-cloud managed service provider delivering complex and high-performance cloud solutions with an integrated secure network.

OpsHelm

OpsHelm

OpsHelm provides a Software-as-a-Service solution to help businesses ensure that all of their cloud environments have their security bases covered.

Distology

Distology

Distology are an award-winning cloud security distributor bringing a wealth of experience and strong relationships with a huge breadth of partners covering the UK, Ireland and Benelux.

Netsurit

Netsurit

Managed IT, Cloud, and Security Services. Netsurit is Your IT Innovation and Digital Transformation Accelerator.

Texaport

Texaport

Texaport's vision is to be the trusted partner of choice for organisations seeking comprehensive IT management and cutting-edge security solutions.

National Renewable Energy Laboratory (NREL) - USA

National Renewable Energy Laboratory (NREL) - USA

NREL is transforming energy through research, development, commercialization, and deployment of renewable energy and energy efficiency technologies.

Archipelo

Archipelo

At Archipelo, we empower organizations with Developer Security - to increase software security and compliance throughout the development lifecycle.