Latest Cyber Security Threats & Trends: 2020 In Review

Uncontrolled access to personal data undermines confidence in the digital world. The healthcare, shipping, and remote networking industry are increasingly being targeted by hackers.

This article reviews the key cybersecurity threats and trends every business needs to understand in 2020 and beyond. By Eddie Segal 

By Eddie Segal

Trending Cybersecurity Threats

To keep your systems and data secure, you need first to understand what the most common threats are.

State-sponsored attacks: Modern cybercrime goes beyond individual hackers trying to make a profit through ransom or data theft. Today, state-sponsored cyberattacks have emerged as one of the preeminent threats targeting critical infrastructure.

The frequency and severity of these attacks continue to increase. According to Verizon, state-sponsored attacks increased from 12% to 23% in 2019, and the numbers are expected to be even higher in 2020. The most obvious example of this approach is Russian hackers accused of affecting elections, releasing confidential information into the public domain, and hacking into critical infrastructure.

Zoom, Google Meet, and Microsoft Teams phishing scams: The number of people using videoconferencing services has significantly increased during the COVID-19 pandemic. Hackers use Zoom, Google, and Microsoft domains to pose as official links. These fake links enable attackers to trick people into giving access to personal information or accidentally downloading malware.

Internet of Medical Things (IoMT) attacks: IoMT is a connected infrastructure of medical devices, and applications that generate, collect, analyze, and transmit healthcare data. IoMT enables you to connect medical devices to the Internet. This includes personal insulin pumps, glucose and heart monitors, and pacemakers.

As with other IoT devices, hackers can exploit software and network vulnerabilities to execute attacks on both individuals and health organizations. Researchers have identified a growing number of software vulnerabilities and demonstrated the feasibility of attacks on IoMT devices. 

Attacks on smart consumer devices and smartphones: Protecting devices like fitness trackers, smart speakers, smart watches, and smart home security cameras has become one of the main concerns in cybersecurity. Connecting from public Wi-Fi networks, or accessing your company email from your smartphone can make sensitive data available to everyone. Furthermore, the use of instant messaging services and file sharing can enable hackers to easily compromise smart devices, giving access to credentials and data.

Shipping cyber attacks: Many aspects of shipping can be vulnerable to attacks, including ship navigation systems, port logistics, and ship computer networks. According to maritime cybersecurity experts, Naval Dome, shipping-targeted attacks increased by 400% since February 2020 due to the coronavirus pandemic.

During the pandemic, equipment technicians are unable to fly out to ships and rigs to upgrade and service critical OT systems. As a result, system operators find a way around established security protocols, leaving systems unpatched and vulnerable to attack. 

Latest Cyber Security Trends

The threat landscape changes constantly, as do security approaches and solutions. These solutions enable security teams to adapt to new attack methods, and identify vulnerabilities before attackers can exploit them.

Zero-trust network technology replaces VPNs: The COVID-19 pandemic has highlighted many of the problems with traditional VPNs, including latency and open access to the entire network. Emerging Zero-Trust Network Access (ZTNA) enables organizations to control remote access to specific applications by hiding them from the public internet. Applications communicate directly to the ZTNA service provider, and can only be accessed through the provider’s cloud service.

This approach reduces the risk of exploiting the VPN connection to attack remote networks. The adoption of ZTNA requires accurate mapping of network users and their access permissions, which can slow the process.

Network security transforms from LAN-based models to SASE: 
The popularity of cloud-based security solutions is growing increasingly due to the evolution of remote network access. Secure Access Service Edge (SASE) technology enables organizations to secure remote workers and applications by routing traffic through a cloud-based security stack, instead of backhauling the traffic through a physical security appliance in a data center.

5G security: Most of the security risks in 5G mobile networks are not new. They include service provider vulnerabilities and critical infrastructure risks. However, 5G also introduces some new risks related to user safety and privacy.

5G’s short-range communication requires more cell towers with closer proximity. This proximity can increase the risk of collecting and tracking the actual location of users. In addition, service providers can potentially have access to large volumes of user data, thanks to the increased interconnectivity of 5G. This data can show what’s happening inside your home through connected devices, and smart sensors. Hackers could steal this valuable information and sell it on the black market.

Conclusion

As you can see, the current year is not short on new threats thanks to new technologies like 5G, IoMT and the increase in remote workforce. These new technologies will undoubtedly improve our lives, but also offer significant security challenges.

No matter what industry you’re in, make sure you know how your company could be affected, then plan proactive solutions like SASE or ZTNA to protect your business.

 

Eddie Segal is an electronics engineer with a Master’s Degree from Be’er Sheva University, a big data and web analytics specialist, and also a technology writer. In his writings, he covers subjects ranging from cloud computing, agile development, cybersecurity, and deep learning.

You Might Also Read: 

Five Risks That Will Define Cyber Security In 2020:

 

« Cyber Security Training For Employees
Cyber Security Should Be A Mandatory Requirement »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Infrascale

Infrascale

Infrascale specialise in providing cloud backup and disaster recovery services.

Quantivate

Quantivate

Quantivate is a provider of web-based Governance, Risk, and Compliance (GRC) software and service solutions.

Cyber Fusion Center - Maryville University

Cyber Fusion Center - Maryville University

Maryville University Cyber Fusion Center is a virtual lab for working on real-world cyber security challenges.

CyberSecurity Malaysia

CyberSecurity Malaysia

CyberSecurity Malaysia is the national cyber security specialist agency under the Ministry of Science, Technology and Innovation (MOSTI).

Foundation Futuristic Technologies (FFT)

Foundation Futuristic Technologies (FFT)

FFT is a global leader in computer forensics and digital investigation solutions.

IronScales

IronScales

IronScales combines human intelligence with machine learning to automatically prevent, detect and respond to email phishing attacks.

Fortalice

Fortalice

Fortalice provide customizable consulting services built on proven methodology to strengthen your business cyber security defenses.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

CipherBlade

CipherBlade

CipherBlade specializes in blockchain forensics, data science and transaction tracking.

Cigent Technology

Cigent Technology

Cigent keeps the most valuable asset in your organization safe—your data. Our advanced endpoint and managed network security solutions prevent ransomware and data theft.

Swiss Cyber Forum (SCF)

Swiss Cyber Forum (SCF)

The Swiss Cyber Forum (SCF) builds competences and helps its members to mitigate the cyber risks associated with digitalisation.

Infostream

Infostream

Infostream is a leading integrator of Digital Transformations Solutions (DTS); Public, Private, and Hybrid Cloud; Cybersecurity; Data Integrity; DevOps, DevSecOps, and Infrastructures.

Cyber Chasse

Cyber Chasse

Cyber Chasse is an IT consulting and staffing company offering a full range of cybersecurity solutions, contract staffing services and online training courses.

Vali Cyber

Vali Cyber

Vali Cyber was founded in 2020 with the mission of addressing the specific cybersecurity needs of Linux.

Trojan Horse Security

Trojan Horse Security

Trojan Horse Security are specialists in corporate security. Our services include: Comprehensive Cyber Security Analysis, Penetration Testing, Network Security and Security Audits.

Stacklok

Stacklok

Stacklok are an Open Source first security company enabling safe Open Source Software consumption.