In 2020, tried-and-tested cyber crimes – such as extortion, obfuscation and phishing – will remain, but new risks will inevitably emerge.
Full 5G implementations will introduce new security threats and the increased migration to the cloud will see more organizations facing risks from their cloud and supply chain.
In addition, the sheer number of connected assets and infrastructures will open doors to threats, and fake images, videos, or audio will be used to manipulate enterprise business procedures.
This is according to a new report from security firm Trend Micro, titled: “The New Norm: Trend Micro Security Predictions for 2020.”
The report notes cyber security skills shortage and poor security hygiene will still be significant factors in the upcoming threat landscape. Risks of compromise through advanced threats, persistent malware, phishing and zero-day attacks can only be mitigated if threat insights and protection are readily available.
The growing popularity of cloud and DevOps environments is expected to expose organizations, from enterprises to manufacturers, to third-party risk, and managed service providers will be targeted as an avenue for compromising multiple organizations via a single target.
“As we enter a new decade, organizations of all industries and sizes will increasingly rely on third-party software, open source and modern working practices to drive the digital innovation and growth they crave,” says Jon Clay, director of global threat communications for Trend Micro.
“Our threat experts predict this fast growth and change will bring new risks of supply chain attacks. From the cloud layer all the way down to the home network, IT security leaders will need to reassess their cyber risk and protection strategy in 2020.”
5G adopters grapple with security implications
Full 5G implementation in 2020 will introduce new challenges and vulnerabilities on software-defined networks, due to the newness of the technology and vendors’ unpreparedness for the new threats that may be taken advantage of, says Trend Micro.
Since 5G networks are software-defined, threats will stem from vulnerable software operations and the distributed topology. Upgrades involving 5G will be much like updates to smartphones and will also entail vulnerabilities.
Critical infrastructures plagued by attacks
Critical infrastructures will be viable targets for extortionists. Ransomware will still be the threat actors’ weapon of choice given its destructive impact, but we’ll also see other cyber attacks such as botnets mounting distributed denial-of-service attacks against operational technology networks; attacks on manufacturing systems that use cloud services; and supply chain attacks where third-party vendors are compromised as springboards for threat actors to target critical sectors, states the report.
Deepfakes next frontier for enterprise fraud
The use of deepfakes– artificial intelligence (AI)-based forgeries of images, videos, or audio – will increasingly move from creating fake celebrity videos to manipulating enterprises and their procedures. This includes deceiving employees into transferring funds or making critical decisions.
In an actual scenario, a fake, AI-generated voice of an energy firm’s CEO was used to defraud the company of $243 000. The technology will be an addition to cyber criminals’ arsenal and a shift from traditional business e-mail compromise.
Cloud platforms prey to code injection attacks
Code injection attacks, either directly to the code or through a third-party library, will be prominently used against cloud platforms.
These attacks – from cross-site scripting and structured query language injection – will be carried out to eavesdrop, take control of, and even modify, sensitive files and data stored in the cloud.
IOT devices used for espionage, extortion
Machine learning and AI will be abused to listen in on connected devices like smart TVs and speakers to snoop on personal and business conversations, which can then provide material for extortion or corporate espionage.
Banking systems in crosshairs
Mobile malware targeting online banking and payment systems will be more active as mobile online payments thrive, particularly in Europe.
The European Union’s Revised Payment Service Directive’s implementation will have cyber security implications for the banking industry – from flaws in application programming interfaces to new phishing schemes.
Attackers capitalise on ‘wormable’ flaws
More exploitation attempts on critical and high-severity vulnerabilities like the “wormable” BlueKeep will be disclosed. Widely-used protocols like server message block and remote desktop protocol will be abused to compromise vulnerable systems, with the latter already a common vector for ransomware.
Flaws and weaknesses involving the deserialization of untrusted data will be a major concern, particularly in enterprise application security.
Serverless platforms introduce attack surface
Serverless platforms offer function-as-a-service, allowing developers to execute codes without the organization having to pay for entire servers or containers.
Outdated libraries, misconfigurations, as well as known and unknown vulnerabilities, will be attackers’ entry points to serverless applications.
Vulnerabilities in container components
The container space is fast-paced, releases are quick, architectures are continually integrated, and software versions are regularly updated. This means traditional security practices will not be able to keep up, says Trend Micro.
An application may now require an organization to secure hundreds of containers spread across multiple virtual machines in different cloud service platforms. Enterprises need to take into account their security at different components of the container architecture – from container-run times.