Latest Cyber Security Threats & Trends: 2020 In Review

Uploaded on 2020-09-17 in NEWS-Cybersecurity News, FREE TO VIEW

Uncontrolled access to personal data undermines confidence in the digital world. The healthcare, shipping, and remote networking industry are increasingly being targeted by hackers.

This article reviews the key cybersecurity threats and trends every business needs to understand in 2020 and beyond. By Eddie Segal 

By Eddie Segal

Trending Cybersecurity Threats

To keep your systems and data secure, you need first to understand what the most common threats are.

State-sponsored attacks: Modern cybercrime goes beyond individual hackers trying to make a profit through ransom or data theft. Today, state-sponsored cyberattacks have emerged as one of the preeminent threats targeting critical infrastructure.

The frequency and severity of these attacks continue to increase. According to Verizon, state-sponsored attacks increased from 12% to 23% in 2019, and the numbers are expected to be even higher in 2020. The most obvious example of this approach is Russian hackers accused of affecting elections, releasing confidential information into the public domain, and hacking into critical infrastructure.

Zoom, Google Meet, and Microsoft Teams phishing scams: The number of people using videoconferencing services has significantly increased during the COVID-19 pandemic. Hackers use Zoom, Google, and Microsoft domains to pose as official links. These fake links enable attackers to trick people into giving access to personal information or accidentally downloading malware.

Internet of Medical Things (IoMT) attacks: IoMT is a connected infrastructure of medical devices, and applications that generate, collect, analyze, and transmit healthcare data. IoMT enables you to connect medical devices to the Internet. This includes personal insulin pumps, glucose and heart monitors, and pacemakers.

As with other IoT devices, hackers can exploit software and network vulnerabilities to execute attacks on both individuals and health organizations. Researchers have identified a growing number of software vulnerabilities and demonstrated the feasibility of attacks on IoMT devices. 

Attacks on smart consumer devices and smartphones: Protecting devices like fitness trackers, smart speakers, smart watches, and smart home security cameras has become one of the main concerns in cybersecurity. Connecting from public Wi-Fi networks, or accessing your company email from your smartphone can make sensitive data available to everyone. Furthermore, the use of instant messaging services and file sharing can enable hackers to easily compromise smart devices, giving access to credentials and data.

Shipping cyber attacks: Many aspects of shipping can be vulnerable to attacks, including ship navigation systems, port logistics, and ship computer networks. According to maritime cybersecurity experts, Naval Dome, shipping-targeted attacks increased by 400% since February 2020 due to the coronavirus pandemic.

During the pandemic, equipment technicians are unable to fly out to ships and rigs to upgrade and service critical OT systems. As a result, system operators find a way around established security protocols, leaving systems unpatched and vulnerable to attack. 

Latest Cyber Security Trends

The threat landscape changes constantly, as do security approaches and solutions. These solutions enable security teams to adapt to new attack methods, and identify vulnerabilities before attackers can exploit them.

Zero-trust network technology replaces VPNs: The COVID-19 pandemic has highlighted many of the problems with traditional VPNs, including latency and open access to the entire network. Emerging Zero-Trust Network Access (ZTNA) enables organizations to control remote access to specific applications by hiding them from the public internet. Applications communicate directly to the ZTNA service provider, and can only be accessed through the provider’s cloud service.

This approach reduces the risk of exploiting the VPN connection to attack remote networks. The adoption of ZTNA requires accurate mapping of network users and their access permissions, which can slow the process.

Network security transforms from LAN-based models to SASE: 
The popularity of cloud-based security solutions is growing increasingly due to the evolution of remote network access. Secure Access Service Edge (SASE) technology enables organizations to secure remote workers and applications by routing traffic through a cloud-based security stack, instead of backhauling the traffic through a physical security appliance in a data center.

5G security: Most of the security risks in 5G mobile networks are not new. They include service provider vulnerabilities and critical infrastructure risks. However, 5G also introduces some new risks related to user safety and privacy.

5G’s short-range communication requires more cell towers with closer proximity. This proximity can increase the risk of collecting and tracking the actual location of users. In addition, service providers can potentially have access to large volumes of user data, thanks to the increased interconnectivity of 5G. This data can show what’s happening inside your home through connected devices, and smart sensors. Hackers could steal this valuable information and sell it on the black market.

Conclusion

As you can see, the current year is not short on new threats thanks to new technologies like 5G, IoMT and the increase in remote workforce. These new technologies will undoubtedly improve our lives, but also offer significant security challenges.

No matter what industry you’re in, make sure you know how your company could be affected, then plan proactive solutions like SASE or ZTNA to protect your business.

 

Eddie Segal is an electronics engineer with a Master’s Degree from Be’er Sheva University, a big data and web analytics specialist, and also a technology writer. In his writings, he covers subjects ranging from cloud computing, agile development, cybersecurity, and deep learning.

You Might Also Read: 

Five Risks That Will Define Cyber Security In 2020:

 

« Cyber Security Training For Employees
Cyber Security Should Be A Mandatory Requirement »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Tanium

Tanium

Tanium delivers Autonomous Endpoint Management (AEM) with the industry’s only true real-time platform for AI.

Bericon Forensics

Bericon Forensics

Bericon is one of the longest established forensic science consultancies in the UK. Activities include computer and mobile phone forensics.

DocAuthority

DocAuthority

DocAuthority automatically discovers and accurately identifies unprotected, sensitive documents, enabling a broad yet business-friendly security policy.

TechGuard Security

TechGuard Security

TechGuard Security was founded to address national cyber defense initiatives and US critical infrastructure security.

Yelbridges

Yelbridges

Yelbridges offer high quality IT security & risk management services to mitigate business risks.

TROOPERS

TROOPERS

TROOPERS InfoSec event consists of two days of high-end training, followed by a two-day, three-track conference, culminating in Roundtables on the final day.

Blue Cedar

Blue Cedar

Blue Cedar's mobile app security integration platform secures and accelerates mobile app deployment for enterprises and government organizations around the world.

InterGuard

InterGuard

As the pioneer for Unified Insider Threat Prevention and productivity monitoring tools, InterGuard offers on premise and SaaS-based services that are easily available and affordable.

Cympire

Cympire

Cympire significantly increases an organisation’s Cyber Resilience through continuous Training and Assessment. Cyber Security Training Platform. Cloud-based and fully customizable Cyber Range.

Motiv ICT Security

Motiv ICT Security

Motiv is the ICT security specialist that provides public and private sector organisations with IT security solutions and services to prevent cybercrime, data theft and data breaches.

Query.ai

Query.ai

At Query.AI, we are committed to helping companies unlock the power of their security data, so they are empowered to meet security investigation and response goals while simultaneously reducing costs.

HarfangLab

HarfangLab

HarfangLab develops a hunting software to boost detection and neutralization of cyberattacks against companies endpoints.

AI or Not

AI or Not

AI or Not - Leverage AI to combat misinformation and elevate the landscape of compliance solutions.

Synersoft BLACKbox

Synersoft BLACKbox

Synersoft, the maker of path-breaking and disruptive technology for SMEs, now branded as BLACKbox, is an incubated and invested portfolio company of CIIE - IIM-Ahmedabad.

Securitybricks

Securitybricks

Securitybricks specialize in cloud security and compliance. Our mission is to automate regulatory compliance backed by human validation.

Stern Cybersecurity

Stern Cybersecurity

Stern Cybersecurity offers a robust defense against the ever-evolving landscape of digital threats.