Over the past year, there were some major trends that shaped the cybersecurity landscape. Large scale ransomware attacks on city governments evolved, new data breach methods emerged, and attacks on Small and Medium sized Businesses (SMBs) grew. In this blog, we discuss the cybersecurity year that was, and the trends to look ahead to in 2020.
Let’s begin with a review of the cybersecurity trends observed in 2019.
- The Ransomware Ruckus
Over the past year, we saw ransomware make a comeback. While it had been on a downward trend in 2018, it returned in 2019 and did some major damage to both small and large organizations including doctors’ offices, municipalities, schools, universities, and hospitals. Hackers target these industries because of their essential need, historical lack of funding when it comes to cyber security, and the likelihood of hackers getting paid due to the added incentive of cyber insurance.
- Upgraded Phishing Attacks
Phishing was once again one of the major forms of attack employed by cybercriminals. According to Microsoft, inbound emails associated with phishing doubled from 0.31% in January 2019 to 0.62% in September 2019. Mass phishing campaigns were less common, as they are easier to identify. Instead, hackers employed lower volume spear phishing attacks (which Microsoft refers to as “laser” phishing) that were so specific and targeted that even tech professionals couldn’t spot them. Office 365 phishing was on the rise with more organizations adopting the software – according to Vade Secure, 20,217 unique Microsoft phishing URLs were detected in Q2 of 2019 alone.
- Credential Stuffing
Some other notable trends in the last year were targets on cloud systems and successful breaches through Internet exposed Remote Desktop Protocol (RDP) ports using credential stuffing. Many of the successful business email compromise attacks started with criminals getting user credentials to their cloud email environment through phishing. Also, unauthorized access to a system is often obtained because people use the same password in multiple systems, and once one becomes compromised, it can be used to access other accounts. Next, attackers would intercept incoming emails and send emails as the user to trick organizations into changing banking or wire transfer info.
- Small and Medium Businesses (SMBs) as a Target
Cybercriminals have turned their attention towards small businesses in past few years, and 2019 saw a rise in this trend. 43% of online attacks now target small businesses, and only 14% feel they can effectively fight off an attack. This is exactly what makes SMBs a prime target for cybercriminals as they might have a smaller security team (or no security team) and weaker infrastructure to allow them to bounce back from such attacks. According to a poll commissioned by the Insurance Bureau of Canada, 37% of Canadian businesses that were hit by cyberattack estimated that the breach cost them over $100,000.
Looking Ahead: Cybersecurity Trends for 2020
Having discussed some of the changes to the cybersecurity landscape in the past year, let’s examine some of the significant industry trends to look out for in 2020.
- Cyberattack Automation
Cybercriminals are using increasingly sophisticated attack methods to gain access to data. This includes using machine learning and artificial intelligence to exploit vulnerabilities such as security gaps or user error to breach systems. As these automated attacks provide hackers with easier access to data, security experts are fighting fire with fire and using AI to protect organizations from cyberattacks. According to research conducted by Capgemini, 63% of organizations plan on deploying AI to protect their users and data in 2020.
- Cybersecurity Recruitment Crisis
The cybersecurity industry is currently facing a recruitment crisis, with 4 million security positions that need to be filled around the world. Even as security professionals deal with more threats than ever, the supply of new techies is drastically low, with two out of three organizations reporting a shortage of IT staff. Consequently, IT teams have to implement more automation, as mentioned in the point above.
- Rising Attacks on Cloud Systems
As more organizations move away from on-premises systems and struggle to properly configure their cloud systems, we will see attacks on cloud systems continue to grow. Misunderstandings around who is responsible for the different security layers and the complexity of these platforms combine to expose these platforms to criminals.
- Mobile Device Security
As more organizations continue to provide remote work opportunities and company devices to employees, the amount of sensitive data saved on mobile devices also continues to grow. This means more endpoints that need to be secured and more access points for cybercriminals to access critical data. Organizations will need to strengthen their security infrastructure to match this growing requirement and keep their data safe.
With these upcoming changes in the cybersecurity industry, we see some significant risks that organizations will have to contend with to keep data safe and business functioning. However, this also provides opportunities for innovation (e.g. using AI to strengthen cybersecurity) and introduction of new talent into the workforce to meet the growing need for security professionals.
Scott Anderson, Manager, Compliance at IT Weapons says, “Know what systems you have, keep them patched, and backed up offline and offsite. Remember to use up to date anti-virus and anti-spam, regularly check for vulnerabilities and fix them, and train your users to help them recognize when something is wrong. Use multi-factor authentication and make sure you confirm your cloud systems are configured well. Cybercriminals are always improving and updating their methods, so we need to as well by regularly assessing what we are doing to make sure we can keep up.”