Moving into a new year, we can expect the trends in information security from the last several years to continue to evolve and affect the methods criminals will use in exploits and the industry’s defenses against them. A few of these, such as the continued migration to the cloud, mobile technologies, and the use of machine learning affect the methods employed by both sides. With a shortage of skilled professionals in cybersecurity and the rapid advance of software development, we can expect serious competition for our data and information security. Here we will take a look at what experts in the field are saying lies ahead in the coming years.
A major method of attack in 2019 was ransomware. While previously online “gangs” would target institutions such as banks in massive multi-million dollar attacks using banking trojans, moving forward it is expected that the focus will shift to smaller attacks on small to medium sized businesses. This is due to it being easier to anonymize smaller attacks, with the profits easier to launder because of less interaction and sharing with physical street gangs in the laundering process.
Phishing will remain an important method in initiating attack, with mobile increasingly becoming the primary vector for phishing attacks aimed at stealing credentials. While conventional secure email gateways are adequate in blocking phishing emails and dangerous URLs, these methods often neglect to defend mobile attack vectors from account takeover attacks. Personal email, social network accounts, and SMS/MMS messaging can be vulnerable to these attacks.
With business infrastructure increasingly making the move to the cloud, the focus of attackers will follow. This comes with the expected consequence of making attacks more difficult, requiring more sophistication and frequency of attacks which will increasingly rely on luck rather than careful planning and execution. A benefit to corporations using cloud infrastructure is redundancy for data storage and a greater assurance of server up-time. This migration to the cloud should improve security for most, although what attackers will be able to do with machine learning attacks on the cloud remains to be seen.
Having been talked about for several years now, 5G mobile technology will begin to be adopted across major metro areas in late 2020. This increased bandwidth and speed will give rise to a number of new IoT devices and create an uptick in edge computing. With IPv6 adding so many new devices, each one posing a potential risk as an attack vector, companies will need to reevaluate and rethink their threat models. The traditional infosec issues of authentication, confidentiality, authorization, availability and data security will be magnified with the huge build-out of 5G and must be accounted for with an updated risk paradigm.
As for authentication methods, we can expect a move from two-factor (2FA) to multi-factor (MFA), to include biometrics. Implementation of one-time authorization codes (OTAC) will help to provide 2FA circumvention of phishing attacks. Organization are expected to adopt these practices to address credential theft and maintain regulatory compliance, especially those holding highly sensitive data. They will have to contend with more specific phishing attacks leveraging machine learning to optimize attack campaigns. Once done by hand, phishing lures of the 2020s will be tested by AI algorithms in order to improve conversion rates. Phishing domains will even be generated and registered by algorithms independent of human intervention.
Social Engineering and OS Issues
As has always been the case, often the weakest link in the security chain is the human element. We can expect to see an increase of insider attacks in 2020. These occur when an attacker either offers to money or extorts sensitive information from someone working for an organization. This can be achieved through compromising social media accounts and using social engineering methods. This is a low-tech way of breaking security, but often one of the most effective. Some attackers may offer considerable sums of money or cryptocurrency to insiders depending on the target’s position in the company.
One final thing to consider is that Microsoft will be ending support for Windows 7 in the middle of this January. Any businesses and other end-users still using the OS will face the issue of no longer receiving patches and updates, even in the event that a security vulnerability is found. It is expected that at least one significant attack will leverage a Windows 7 end of life vulnerability in the same way that attackers did when Windows XP support came to an end.
These themes will shape the security landscape of the next few years. The interplay between the security professionals and infrastructure meant to protect organizations and those who seek to steal their data will continue to evolve, shaped by emerging technologies. Those organizations best able to defend themselves will be those who anticipate and prepare to resist new and enhanced methods of attack.
STST Inc. is South Texas’ source for professionally designed and integrated security and access control systems.
To set up an appointment to get a quote on your project,
Call us at 210-446-6306
or send an email through our website: