In a study on cyber security, in addition to forecasts related to incoming threats, experts from Check Point Software Technologies also point to strategies that can help both governments and organizations to counteract dangerous incidents.
Because our societies increasingly rely on seamless connectivity, criminals and actors threatening countries have even more opportunities to influence the results of political events or cause massive disruption and damage that threatens thousands of people. Attacks are steadily increasing: over the past year, our ThreatCloud has blocked nearly 90 billion attempted violations per day - by astronomical numbers compared to six billion daily searches on Google.
The main threats to cyber security in 2020 will be:
Escalation of the new cybernetic "cold war" - experts argue that we are just on the eve of the next in the history of the cold war, which this time will concern the digital world. It is already clear today that the western and eastern powers are increasingly trying to separate their technologies and intelligence. The ongoing trade war between the US and China and the separation of the two major economies is a clear indicator of this. Cyber attacks will be increasingly used as proxy conflicts between smaller countries, financed and supported by large nations wishing to consolidate and expand their spheres of influence. This was already evident in recent cyber operations against Iran following attacks on Saudi Arabia's oil facilities.
Fake news 2.0 during the 2020 US election - The 2016 US election initiated the spread of fake news based on artificial intelligence. Politicians have made tremendous progress by creating special teams that created and disseminated false stories to weaken voter support for their opponents. US candidates can expect foreign groups to plan and implement plans that will affect the 2020 election.
Cyber attacks on utilities and critical infrastructure will continue to develop - broadly understood municipal services will continue to be the target of cyber attacks, as was the case this year for attacks on US and South African utilities. In many cases, the critical energy and water distribution infrastructure uses older technology that is susceptible to remote operation, but its modernization threatens to interrupt services. Countries will need to look at the radical strengthening of cyber defense of their infrastructure.
What Threats in 2020?
Forecasts of cyber security from the technical side in 2020 are:
Increased targeted ransomware attacks - in 2019, ransomware was increasingly used in attacks on specific companies, local authorities and healthcare organizations. The attackers spend time gathering intelligence about their victims to make sure they can cause maximum disruption so that the ransom is high enough. The attacks have become so damaging that the FBI has eased its position on paying the ransom: it now acknowledges that in some cases companies may consider different options for protecting their shareholders, employees, and customers. This, in turn, will increase the number of organizations insuring themselves against ransomware, which will also increase further ransom demands.
Phishing attacks go beyond email - while email remains vector # 1, cybercriminals also use many other attack vectors to trick victims into providing personal information, login details, or even sending money. Increasingly, phishing relies on SMS attacks on mobile phones or messengers on social media and gaming platforms.
Increasing the number of malware attacks on mobile devices - in the first half of 2019, there was a 50% increase in the number of attacks from mobile banking malware compared to 2018. Such a 'pest' can steal payment data, credentials and funds from accounts banking victims, while new versions of malware are available to anyone who wants to pay malware writers. Phishing attacks will also become more sophisticated and effective, encouraging mobile users to click on malicious internet links.
We can no longer defend ourselves with traditional security models based primarily on detection: before we detect a threat, the damage will already be done. We must automatically block advanced fifth-generation attacks and prevent disruption of the systems we rely on. Generation V security will help prevent real-time threats by introducing joint intelligence and advanced security in all mobile, cloud and network deployments.