A Look at the Past
As 2019 concludes, we look back at both the successes and failures that have occurred in the technology & cybersecurity industry this past decade. In the first half of 2019, data breaches had experienced a drastic 54% increase compared to the first half of 2018, according to the research of Risk Based Security. More and more each year, it seems as if data breaches are heavily increasing and grasping headlines of several networks, and there’s no doubt that in 2020, we expect to see a very similar trend.
Worldwide Hacker Thinking
Research concluded by precisesecurity.com have determined that cyber-attacks have targeted approximately 75% of the largest companies across North America and Europe this past year. Relatively 40% of all cyber-attacks that were successfully conducted in 2019 were operated through a security attack method known as cross-site scripting, also known as XSS. XSS allows pernicious scripts to be infused within a company of high recognition and trust such as Microsoft. Conclusive research has demonstrated that Sales Qualified Lead injections are one of the most relied on methods to attack corporations. In fact, in 2019, XSS remains the second most used attack mechanism worldwide.
It’s evident that many hackers are utilizing very similar, if not the same tactics in order to infiltrate a secured network and retrieve information. As seen with XSS, a hacker’s mindset represents that of a chained communication system. For example, nowadays, technology possesses the power to maintain and provide use of several day to day activities that the public participates in, including researching, texting, and other forms of communication. Much like a businessman, hackers also communicate with one another in order to determine the most efficient method of pervading a network. As companies continue to fail on improving their security systems, this exposes all hackers who now understand which method is producing the best results to easily take control of a network.
Who’s to Blame for all these Hacks? The Hackers or the Companies Security?
Why is it that so many companies are being hacked both internally and externally? Are hackers truly elevating there cyberattack skills or are companies simply not taking the rightful steps in trying to prevent their exposure to hacking threats and therefore, resulting in vulnerability?
It’s very difficult to strictly declare that one issue is the sole reason as to why cybersecurity hackers are continuously able to drudge several companies. Therefore, we believe that it’s a combination of both the hackers’ developing technology skills and the mistakes of the companies’ security processes. However, research completed by Centrify on Censuswide had shown that many companies aren’t providing basic cybersecurity training to their new and present employees, resulting in a state of vulnerability for which the company positions themselves at higher levels of risk. We believe that because many employees including the executives lack the understanding and education around cybersecurity, it is much easier for hackers to drudge a network, simply because they outsmart the companies’ employees.
But Many Companies Have Technology Staff Members, So Can’t They Stop the Hacks?
Society has built up this concept that because an organization has several technology experts working for them, the company won’t get hacked or be extremely limited to the amount of hackeries. This perception is not only false but is a strong reason as to why hackers are able to manipulate and infiltrate not only the security network but the entire organization. Nowadays, hackers are continuously evolving in terms of both number and skill. With that being said, a single technology team simply won’t be enough to prevent the hackings.
The information security community across the world needs to get back to its roots in finding intelligent and highly trained individuals who have the experience working in security systems. Companies must begin investing in adding these trained security members in office as opposed to poaching them from other firms. Without a doubt, this process will consume a lot of time and money, but in the end will provide a much more stable and secured network.
Will Hacking ever get Resolved?
Top Cybersecurity Predictions for 2020
- Ransomware Attacks Will Increase and Continue Dominating Security Defenses
A 2019 Report by Malwarebytes demonstrated an arduous rise of 195% in ransomware attacks in the first quarter of 2019 from the last quarter of 2018. Researchers have concluded that ransomware attacks are targeting a large majority of American Companies, and we predict that hackers will continue to imply a method called “Troldesh”. This program is capable of hacking into a secured system and encrypting all personal data of an individual and using it to extract money in return for the user’s own personal information.
The annual FBI conduct an experiment which analyzes the amount of internet crime complaints and internet crime reports from the public. In 2018, the FBI have justified the discoveries of Malwarebytes as they determined that although the amount of ransomware complaints have decreased, the total cost of money being lost continues to drastically increase. In 2018, the FBI experienced a total of 1,394 ransomware complaints and a considerable loss of $3.6 million from a countless number of companies worldwide.
“Ransomware will continue to both dominate headlines and cause havoc in 2020. The complexity of the attacks and the packaging of Ransomware-as-a-Service will continue to increase, while organizations grapple with both prevention and implementing practices to respond appropriately. Responses by organizations will be split between those who recover from backups, and those with more limited options who opt to pay the ransom”—Danny Allan, Vice President of Product Strategy, Veeam Forbes Report
- The 2020 U.S. Election Will Be Highly Targeted
In 2016, Donald Trump was sworn in as the 45th President of the United States of America. An election where he edged out former first lady Hillary Clinton as well as other candidates. Election hacking is not only a candidate problem, but also a citizen issue. The 2016 election included efforts from several hackers and/or hacking organizations in attempt to subvert candidates, parties, and generate a discord & dissent between groups and individuals involved in the election.
We predict that hackers will continue to breach the network-attached voting machines and launch a variety of disinformation campaigns to create a dissent between progressive and conservative sides of both parties. On the other hand, we predict that defenders will begin working on the election’s security months prior to the election, and the DHS’s cybersecurity division will be running online war rooms for local officials during all the primaries and caucuses. Election boards typically include information such like a candidates full legal name, social security numbers, date of birth, family members, driver licenses, health cards, home/work addresses, and other personal information that a hacker can access and use to impersonate voters, generate personal financial profits, and ultimately have a major effect on the election.
Conclusively, hackers will undoubtedly attempt in using any method possible such as ransomware, phishing, and XSS to infiltrate the election. Deboard Golden, U.S. Cyber Risk Services leader for Deloitte Cyber thinks policy and governance on election issues will reach a crisis level in the coming year. Report
- Phishing Will Become One of the Worlds Most Feared Hacking Methods by Expanding beyond Email to SMS and Video
Phishing is known across the world as a cybersecurity that limits the amount of suspicious emails that are both delivered and received. As the intellect and knowledge of hackers continue to develop, it is very clear that for the past decade, hackers have physically proven to be fully capable of working around elevated cybersecurity defenses. Due to their growing intelligence, we predict that hackers will implement a new tactic of phishing by driving away from email use and focusing its attention more on Short Message Service (SMS). SMS is a text messaging service that incorporates the use of cellphones, the internet, and other mobile device systems. SMS allows individuals to communicate with greater efficiency and ease, and as adaptability increases, the level of security risk will also seek a dire increase.
Tim Steinkopf of Centrify has stated that he believes phishing will see a major increase of more than 100% in 2020, and the world will see the first successful spear phishing by video such as a FaceTime with a hacker posing as an executive staff member. Via Forbes Report
- 5G will Open Unprecedented Doors of Cybersecurity Issues
In 2020, technology will open its doors to its new primary form of communication throughout all network operators. 5G presents a new and promising opportunity for customers and executives but will undoubtedly be followed by a countless number of threats. Compared to 4G, 5G will introduce a much quicker and efficient type of communication as it will allow data transfer at a 10 times faster rate and provide more data space according to CXOtoday.com. 5G will also provide the opportunity for vehicle communication to be presented in a more intelligent fashion as there will be sensors communicating with each other and vehicles will be able to communicate with the system if an error has occurred. As 5G increases the level of reliable connectivity, this will no doubt promote several organizations to use this to transfer information from one database to another.
With the arrival of 5G, we predict that organizations will be able to enhance its communication systems, but will also experience an unparalleled number of hackers trying to take control of their data movements and steal their identities.
- Hackers will Manipulate AI-Based Solutions to Attack Software
Artificial Intelligence is a non-stop developing product that has captured the attention of some of the most popular scientists and developers across the world such as SpaceX & Tesla CEO Elon Musk and Microsoft Founder Bill Gates. It remains a product that is capable of solving many technology issues, but of course is not and maybe never will be fully developed. As AI continues to grow, it is very difficult for scientists to implement a fully developed security system capable of blocking out intruders. Therefore, we predict that hackers will begin to manipulate the development of AI-Based solutions and use it to attack the software systems of several organizations.
“2019 saw the cybersecurity industry start to explore AI-based solutions. In the coming months, cybercriminals will start to do the same, integrating AI and machine learning into their malware programs to bypass and infiltrate targeted systems. Current cybersecurity measures rely on ‘detection and response,’ but as attackers begin to leverage AI to bypass existing solutions, companies will be left at a significant disadvantage against these seemingly undetectable campaigns. We could see AI-based malware become prominent in day-to-day attacks”—Guy Caspi, CEO, Deep Instinct Forbes Report
A New Era
2020 is the start of a new decade. Technology will evolve, human resources will evolve, and most importantly, human intellectual thinking will progressively thrive among the newest developing creations. It is unclear whether or not new products will foresee a positive or negative contribution to society, but it is evident that new opportunities will arise for those who seek it.