Cybersecurity has been an increasingly important issue in recent years, and that isn’t going to change any time soon. Ten years ago, cybercriminals focused their efforts on breaching large corporate enterprises that yielded large returns. High profile cases like the Target breach in 2013 became emblematic of the plight of large retailers, while the Anthem data breach made it clear that other large enterprises were just as susceptible.
The cyber threat environment has changed since those early high-profile breaches, however. In recent years, small service companies and franchises have seen themselves targeted with attacks that steal customer payment data. Ransomware attacks have also escalated, hitting government agencies and non-profits as well as businesses. These new attacks don’t discriminate based on the size of their targets; any organization with weak security measures is considered fair game. Small-to-medium business were increasingly targeted in 2019, and that trend will continue into 2020.
As 2020 begins, businesses of all sizes will need to take stock of the changing cyber threat landscape and secure their organizations. Here are the top 5 cyber threats that are expected to cause the most havoc in 2020.
According to MIT researchers, ransomware attacks may have cost U.S. organizations alone as much as $7.5 billion in 2019. Ransomware attacks are particularly capricious because they render information systems inoperable, demanding an immediate cash payment to return control to their owners. In many cases, the attackers have no intention of releasing the files and systems they encrypt with their malware. Some victims are taunted and told to make a second payment after relenting to the perpetrator’s demands.
Given the immediate damage a ransomware attack can do, organizations should plan their response in advance. A comprehensive data backup plan is vital, because it should be assumed that the data on infected equipment will be lost. A ransomware response plan should also include a clear process for isolating infected devices to stop the spread of ransomware on internal networks, as well as a plan for recovering those infected devices as quickly as possible.
Hackers continue to succeed in tricking internal personnel into divulging their account and financial credentials using phishing attacks. This strategy allows attackers to bypass traditional network security. As a form of social engineering, phishing attempts to persuade an email user to follow a link to a fake website and enter their user information, or unwittingly install malware by opening an attachment.
Phishing attacks can be blocked and mitigated in a few ways. The most important measures are training employees on how to recognize phishing emails, as well as performing periodic simulated phishing tests. A workforce that’s well versed in guarding against email phishing attacks will make the organization much more secure. Another way to mitigate phishing attacks is to implement security software that automatically removes links from emails and flags suspicious senders.
Most of the news we hear about cybersecurity breaches focuses on crimes committed by threat actors outside of the targeted organizations. However, data breaches from staff and employees continues to be a considerable problem for business organizations. Verizon’s 2019 Data Breach Investigations Report determined that about a third of data breaches were the result of actors inside of organizations.
The increasing use of cloud-based applications has led to an increased number of breaches by insiders, whether accidental or malicious. If a database is misconfigured, it may be exposed to the public, and insiders will be able to more easily transfer data to external third parties. The best way to mitigate these threats, aside from maintaining the proper configuration and security settings for any cloud-based applications, is proactive training on proper system use, as well as surveillance of employee activity on internal networks. Establishing policies that control privileges and data access also limit the ability of staff to accidentally or intentionally release sensitive information.
A new type of malware that has emerged in the past five years is called cryptojacking. It involves malicious actors co-opting a computer’s CPU to mine a cryptocurrency. This is done in one of two ways: tricking users into installing cryptomining malware onto their computers, or running mining scripts in the background on webpages. In both cases, the cryptojacked computer experiences a significant loss of performance and increase in power consumption because of the complex mathematics involved with cryptomining calculations. This parasitic cyberattack can lead to increased energy costs and lowered productivity as hackers farm cryptocurrencies on some or all of a company’s workstations. Hackers running an illicit Monero cryptomining botnet are thought to have reaped $3.6 million in this way.
Organizations can prevent cryptojacking from adversely affecting their systems by following the same best practices that prevent malware infections. Employees should be trained to detect phishing attacks, and ad-blockers and anti-cryptojacking extensions should be used in web browsers to prevent these exploits.
Mobile devices are becoming a large component of business computing, and they are also vulnerable to attacks. While traditional computers and servers are more frequently targeted, mobile devices running on platforms like Android and iOS can also become an entry point for hackers to gain access to corporate intranets. This type of cyberattack has become more frequent in recent years with the popularity of mobile banking apps. In 2019 alone, mobile malware infections rose by 50%, according to a report by Check Point. 2020 will likely see this trend continue as more consumers move their banking and financial transactions to their mobile devices and hackers continue to target those accounts.
Mobile malware poses the same dangers for organizations as malware does on laptops or workstations. Ransomware attacks can spread across an intranet from an employee’s smartphone, or hackers can gain access to internal networks when a tablet connects to a WiFi access point. It’s critical to include mobile devices in an organization’s security plan. If a company has a Bring Your Own Device policy, cybersecurity measures should apply to employee devices just as they do to company-owned computers.
2020 will likely see a continuation of the trends that emerged in 2019. Cybersecurity threats will penetrate new technology platforms like mobile and IoT devices, and the perennial threats of phishing attacks and ransomware will continue to challenge IT departments and cybersecurity personnel. The evolving tactics of today’s cybercriminals will force many organizations to reevaluate their overall security plans.
Organizations looking for expert advice on these cyber risks can rely on Outsource IT. Our security professionals work with businesses to help them guard against cyberthreats, update security policies, create business continuity plans, test existing business cybersecurity, and more. Contact your Outsource IT account manager today to learn more.
Click here to contact Outsource IT