2019 has been an interesting year for cybersecurity.
Ransomware attacks increased, and hackers became increasingly emboldened in targeting state and local governments — with governments having to come to terms with the harsh reality that they have to pay the demanded ransom.
When it seemed that things couldn’t get worse, in what is one of the largest data leaks from a single organization, news broke of the discovery of four terabytes of user data affecting 4 billion user accounts (and 1.2 billion unique individuals) on an Elasticsearch server late this year. (Read Why Small Businesses Need to Learn from High-Profile Data Breaches.)
Could 2020 be any worse?
While 2020 holds more promises for cyber technology, the threats appear to be bigger. Below are six cybersecurity predictions should watch out for in 2020.
There Will be a Rise in Targeted, Sophisticated Ransomware Attacks
One of the major cyber security predictions for 2020 is that there will be a rise in ransomware attacks; not just your average ransomware attacks but the targeted, sophisticated type.
While ransomware attacks gained increased notoriety in 2017 thanks to the WannaCry and NotPetya attacks, ransom demand from hackers using ransomware seemed to reduce in 2018. Many assumed ransomware is slowly dying due to the increased attention it gained the year before and the resulting sensitization of users to how to protect themselves.
2019 showed a resurgence of ransomware attacks, however. In 2019 alone, ransomware attacks were estimated to cost businesses about $11 billion. More importantly, governments and major corporations seem to be the major target, with more than 70 U.S. government agencies falling victim to ransomware attacks.
While many users attempted to foil ransomware attacks by automating the backup process and ensuring more constant backups, newer strains of ransomware that preempt these measures are being developed. These advanced ransomware target shadow copies and backup files thereby making it impossible to restore data on affected devices.
The Ryuk ransomware is a recent example of a ransomware attack that uses this approach, and you can expect an increase in this type of attack in 2020.
Deepfakes Will Become an Even Bigger Threat — both Politically and Commercially
Take a minute to watch the following video:
Like many people who viewed the above video, you probably initially assumed that it was Mark Zuckerberg talking in that video — except it wasn’t.
Instead, that’s a video that used Zuckerberg’s likeness to pass across the video creator’s message. This kind of video is called a deepfake.
Foreign interference in elections using digital technology has been a subject of passionate discussion since the 2016 elections but something more concerning is shaping up as we gear towards the 2020 U.S. presidential elections: the rise of deepfakes.
While deepfakes initially gained popularity as a tool used to create celebrity pornography content without their consent, as well as revenge porn, they are already being used as an element of political manipulation.
A notable example is a manipulated video of U.S. House Speaker Nancy Pelosi that was released and shared early 2019. The video was manipulated to make Pelosi’s speech slurred in order to make her appear drunk. It was shared widely and watched by millions, many of whom actually believed it to be true.
Other prominent political figures including U.S. President Donald Trump and former U.S. President Barack Obama have been victims of deepfakes, and we can expect this cyber technology to be widely weaponized to manipulate the 2020 elections.
Deepfakes will become a greater cyber threat in 2020, targeted not just at the 2020 U.S. elections but also used to achieve other political objectives internationally. With Forrester already predicting that deepfake scams will exceed $250 million in 2020, businesses also won’t be spared.
IoT Security Exploits Will Significantly Increase
The following Internet of Things (IoT) chart looks good on the surface:
What’s not to like? The number of connected devices is expected to exceed 30 billion in 2020 — or about double what it was in 2015. (Read The Impact Internet of Things (IoT) is Having on Different Industries.)
While the growth in adoption of IoT devices has been nothing short of amazing, a fact that seems to be underreported is how much potential these devices leave for hackers to exploit and how unprepared most users and developers are to protect IoT devices.
According to a report by Kaspersky Labs, there were over 105 million attacks on IoT devices in the first half of 2019 alone. For perspective, that’s nine times more attacks than that of the first half of 2018.
About 6 billion new connected devices will be added in 2020. That’s almost double what was added in 2019. With these new additions, as well as hackers realizing the potential in IoT devices, you can expect a significant increase in IoT attacks in 2020.
5G Will Begin to Become the Next Frontier in Cybersecurity Attacks
The hype around 5G has dominated most of the discussion around emerging tech in 2019. As 2020 draws closer, and we start to see more 5G deployments, you can expect hackers to start focusing more on exploiting the technology. (Read All Your Questions About 5G - Answered.)
Connected devices are especially at risk, and the fact that 5G is shaping up to be a foundational protocol in our increasingly connected world will make it a prime target — not just from small level hackers but also from state actors — for disrupting economic activities.
Cyber Attackers Will Pay More Attention to AI
We’ve talked about deepfakes as a major cyber threat to watch out for in 2020, and as an example of what happens when bad actors decide to pay attention to artificial intelligence (AI).
In 2020, you can expect to see more instances of hackers leveraging AI to achieve their nefarious purposes. State actors with big pockets in particular will most likely invest a lot of money into leveraging AI and machine learning (ML) to discover and exploit weaknesses in applications and technologies. (Read Machine Learning Vs. Cybercrime: 4 Ways ML is Fighting Back.)
Whether it is through the use of deepfakes, AI-powered spear phishing, or other types of AI-enabled hacks, hackers will leverage the vast amounts of data easily accessible to launch AI-powered cyberattacks.
The Cloud Will Become a Lot More Vulnerable to Security Exploits
Cloud data centers are expected to process 94% of workloads by 2020.
In other words, traditional data centers are gradually on their way to extinction; as adoption of cloud technology increases, however, so does the security challenges. Research shows that cloud computing vulnerabilities in the first half of 2019 increased by 46% compared to the same period just a year ago and by 240% compared to the same period two years ago.
Research by Symantec also shows that almost an equal number of organizations that have migrated to the cloud are struggling with security. 83% of organizations apparently don’t have the right processes to effectively manage security incidents and as a result fail to address a significant portion of security incidents.
While adoption of cloud technology is increasing, people’s effectiveness at securing cloud infrastructure isn’t increasing as fast. In 2020, you can expect to read a lot more about cloud security breaches as adoption of cloud technology increases.