Key risks to cybersecurity by 2020

Posted on

The information technology industry is on high alert to a host of new and emerging cybersecurity threats. Evermore advanced cyber-attacks including ransomware, phishing, machine learning and artificial intelligence, cryptocurrencies and more have put business, government and individual data and properties at constant danger.

The industry continues to suffer from a severe shortage of cybersecurity professionals, and experts warn that the stakes are higher than ever, because the cybercrime epidemic even risks shaking public faith in such cherished ideals as democracy, capitalism and personal privacy. “We’re all at risk,” IBM Security’s Heather Ricciuto told cnbc.com, “whether you’re thinking about a big company or a person.”

In its annual Risk Horizon report, the nonprofit Information Security Forum, which describes itself as “the world’s leading expert in cyber, information protection and risk management,” warns of the increased potential for

Disruption — Over-reliance on weak infrastructure creates the potential for planned internet outages capable of bringing trade to its knees and an increased risk of using ransomware to hijack the internet of things.
Distortion — Deliberate dissemination of disinformation, including by bots and automated sources, leads to compromised faith in the credibility of the information.
Deterioration — Rapid developments in smart technology plus competing demands resulting from changing national security and individual privacy regulations hurt the ability of organizations to monitor their information.

According to Cybersecurity Projects, with cybercrime-related harm estimated to exceed $6 trillion annually by 2021, here is a closer look at the most critical threats to cybersecurity for 2020.

Threats and trends for cybersecurity by 2020

Phishing Gets More Sophisticated — Phishing attacks are getting more sophisticated, which deliberately crafted digital messages are sent to trick people into clicking on a connection that can then install malware or reveal sensitive data. Now that workers at most companies are more conscious of the risks of email phishing or clicking on suspicious-looking links, hackers are upping the ante, for example, using machine learning to design even faster and delivering convincing fake messages in the hopes that recipients would unintentionally compromise networks and systems inside their company.
These attacks allow hackers to steal user logins, credit card passwords and other types of personal financial information, and to gain access to private databases.

Ransomware Techniques Evolve — Ransomware attacks are thought to cost victims billions of dollars per year, as hackers deploy technology that allows them to essentially snatch the databases of a person or company and keep all the information for ransom. The emergence of cryptocurrencies such as Bitcoin is credited with helping fuel ransomware attacks by allowing for anonymous payment of ransom demands.
While businesses continue to concentrate on developing better defences to protect against breaches of ransomware, some analysts suggest that hackers may eventually target other potentially lucrative victims of ransomware, such as high-net-worth individuals.

Cryptojacking — The movement of the cryptocurrency often, in many ways, affects cybersecurity. Cryptojacking, for example, is a phenomenon involving cybercriminals hijacking home from third parties or work computers to “mine” for cryptocurrency. Since cryptocurrency mining (such as Bitcoin) requires massive quantities of computer processing power, hackers can make money by secretly piggybacking on somebody else’s systems. Cryptojacked systems can cause severe performance issues for businesses and expensive downtime as IT works to track down and solve the problem.

Cyber-Physical Attacks — The same technologies that allowed us to modernize and computerize critical infrastructure also carries risks. A major vulnerability is the ongoing threat of hacks targeting electrical grids, transportation systems, water treatment facilities etc. Even America’s multibillion-dollar military structures are at risk of high-tech foul play, according to a new article in The New York Times.

State-sponsored attacks — In addition to hackers seeking benefit by stealing personal and corporate data, nation-wide states are now using their cyber expertise to penetrate other governments and assault critical infrastructure. Today’s cybercrime presents a significant threat not only to the private sector and individuals but to the government and the nation as a whole. As we step into 2020, it is expected that State-sponsored attacks will increase with particular concern attacking critical infrastructure.
Many such attacks target state-run programs and support, but organizations in the private sector are also at risk. According to a report by Thomson Reuters Labs: “State-sponsored cyber-attacks are an emerging and significant risk for private enterprise that will increasingly challenge those business world sectors that provide convenient targets to settle geopolitical grievances.”

IoT Attacks — The Internet of Things is becoming ever more omnipresent by the day (the number of devices connected to the IoT is projected to exceed 75 billion by 2025, according to Statista.com). Of course, it includes laptops and tablets, but it also includes routers, webcams, kitchen appliances, smartwatches, medical devices, industrial equipment, vehicles and even home protection systems.
Connected apps are useful for customers, and they are also used by many businesses to save money by collecting large quantities of informative data and streamlining business processes. More linked devices, however, entail increased risk, rendering IoT networks more vulnerable to cyber invasions and infections. IoT devices may be used until operated by hackers to cause mayhem, overwhelm networks or lockdown critical infrastructure for financial benefit.

Advanced Medical Systems and Electronic Medical Records (EMRs) — While most patient medical records have now migrated online, the health care sector is still going through a significant transformation, and medical practitioners recognize the benefits of developments in digital medical technology. However, as the healthcare sector adapts to the modern age, there is a range of questions about the risks to privacy, protection and cybersecurity.
According to the Carnegie Mellon University Software Engineering Center, “As more apps link to hospital and clinic networks, patient data and information will become increasingly vulnerable. That is much more troubling is the possibility of a computer directly connected to a patient being remotely compromised. Theoretically, an intruder may increase or decrease dosages, send electrical signals to a patient or disable monitoring of vital signs.

For hospitals and medical facilities still adapting to the digitization of medical records of patients, hackers are leveraging the many vulnerabilities in their safety defences. And now that patient medical records are almost entirely online, the confidential information they contain makes them a prime target for hackers.

Third Parties (Sellers, Contractors, Partners) — Third Parties such as suppliers and contractors pose a significant risk to companies, most of which do not have a stable program or dedicated staff in place to handle such third-party employees.

As cybercriminals become ever more advanced and cybersecurity threats continue to increase, companies are becoming increasingly aware of the possible danger posed by third parties. But the risk remains high; the U.S. In 2019 Customs and Border Control joined the high-profile victim list.

A study released by RiskManagementMonitor.com on “Safety Risks of Third-Party Vendor Relationships” includes an infographic showing that 60 per cent of data breaches involve a third party and that only 52 per cent of organizations have safety requirements in place for third-party suppliers and contractors.

Connected Cars and Semi-Autonomous Vehicles — The connected car is, while the driverless car is closer, but not yet here. A connected car makes use of on-board sensors to optimize its function and passenger comfort. It is typically achieved by the integration of embedded, tethered or mobile. As technology advances, the connected car is becoming increasingly prevalent; by 2020, according to a study entitled “7 Connected Car Developments Shaping the Future,” an estimated 90 per cent of new vehicles will be connected to the Internet.
For hackers, this development in automotive production and design means yet another opportunity in vulnerable systems to exploit vulnerabilities and steal sensitive data and damage drivers. Connected cars raise significant privacy issues, in addition to safety issues.
When manufacturers race to produce high-tech vehicles, 2020 is expected to see an increase not just in the number of connected cars but also in the amount and extent of identified device vulnerabilities.

Social Engineering — Hackers are becoming increasingly sophisticated not only in the use of technology but also in psychology. Tripwire describes social engineers as “hackers taking advantage of the one vulnerability found in any organization: human psychology. These attackers use a range of tools, including telephone calls and social networking, to trick people into giving them access to confidential information.

A Severe Shortage of Cybersecurity Professionals — In recent years, the cybercrime epidemic has grown exponentially. However, businesses and governments have struggled to recruit sufficiently skilled professionals to defend against the increasing threat. This trend is expected to continue into 2020 and beyond, with some estimates showing around 1 million unfilled positions worldwide (possibly rising to 3.5 million by 2021).

The severe shortage of qualified cybersecurity professionals continues to be cause for concern, as a large, smart digital workforce is necessary to combat the more frequent, more sophisticated threats to cybersecurity from around the world.

That’s why the University of San Diego has developed two Master’s degree programs explicitly focused on the most important issues facing cybersecurity professionals today — the groundbreaking, immersive Master’s of Science in Cyber Security Operations and Leadership and Master’s of Science in Cyber Security Technology, offered both on campus and immersive.

Leave a Reply

Your email address will not be published. Required fields are marked *