/
Cyber Resilience

3 Cybersecurity Predictions for 2020

With the decade rapidly coming to a close, I’ve been reflecting on 2019, a year wrought with massive, public breaches that illustrated hacker sophistication unlike anything we’ve ever seen before. Collection #1 exposed over 770 million unique email addresses and over 21 million passwords, the Capital One breach affected nearly 106 million U.S. and Canadian residents, and 540 million Facebook user records were exposed on AWS. And that’s just the tip of the iceberg. 

So, what can we expect to see in 2020? I suspect that attack methods will continue to become more nuanced and creative, leading to more detrimental exposures. Here are three specific predictions as we head into the new year that I hope will inspire you to think about security proactively.

1. We’ll start to hear more about the convergence of physical infiltration with cyberattacks, challenging security across the board.

Cyberattacks on an enterprise or a government can be carried out remotely but, in 2019, we started hearing more about the physical element added to the mix. Just look at the woman who had a thumb drive loaded with malware that got into Mar-a-Lago. Although she wasn’t able to successfully tap into the network, she still had a convincing enough story to get past physical checkpoints manned by the Secret Service.

And it doesn’t take sophisticated software or intelligence operations to execute these attacks — a well-planned, staged scenario is all it takes. For instance, someone could pose as an electrician to gain physical access to a hospital being built, walking around unimpeded until they find an unprotected device to access the network. I believe we’ll see more of these high-profile, hybrid cyber-physical attacks in 2020.

2. AI and speech technology will be exploited, making voice a new weapon of choice.

If there’s one thing that malicious actors are good at, it’s creativity. We’ll see business email compromise (BEC) extend further over into voice next year. Even though many organizations have educated employees on how to spot potential phishing emails, many aren’t ready for voice to do the same as they’re very believable and there really aren’t many effective, mainstream ways of detecting them. And while these types of “voishing” attacks aren’t new, we’ll see more malicious actors leveraging influential voices to execute attacks next year.

And it’s not as hard as it sounds — it’s easier than ever to get an audio clip of an executive, CEO, or world leader giving a speech and then altering it for nefarious purposes.

Imagine receiving an urgent call or voicemail from your “boss”, asking to share credentials for a secure platform or system. Without any packaged-up, off-the-shelf solutions to help detect these threats, we’re going to see a lot more voice-related attacks in 2020 that will be harder to identify and even harder to protect against.

3. Our sons and daughters will quickly become a new threat vector to enterprise security.

Almost everyone has a smart, connected device these days and kids are no exception. If they don’t have their own, they’ll probably just grab their parents’ phone or tablet to play games or watch TV – often unsupervised. As digital natives, technology is second nature to them but they’re not thinking about cybersecurity at all, which is why they’ll become prime targets.

Unfortunately, no one is off limits when it comes to cybersecurity threats and our kids will be squarely in the crosshairs next year. Whether it’s the child of an executive, an executive assistant, or even someone with administrative privileges, it only takes one wrong click for them to implant malware on their parent’s phone, opening up the back door for a bad actor to get into the company network. This will become much more prevalent in 2020.

Related topics

No items found.

Related articles

Anti-Fragility: How Zero Trust Turns AI Threats into Strengths
Cyber Resilience

Anti-Fragility: How Zero Trust Turns AI Threats into Strengths

Discover why Zero Trust isn’t just about resilience — it’s an anti-fragile security model that gets stronger under attack.

Top Cybersecurity News Stories From December 2023
Cyber Resilience

Top Cybersecurity News Stories From December 2023

Learn how to manage amidst a cybersecurity skill shortage, why cyber resilience is tied to ROI, and using ZTS to solve cloud security gaps.

A Call for Cyber Resilience and Zero Trust: Illumio Month in Review
Cyber Resilience

A Call for Cyber Resilience and Zero Trust: Illumio Month in Review

The start of 2022 has brought into focus the heightened priority of Zero Trust security in today’s cyber landscape. Many organizations are facing further complexity in their networks as flexible work options evolve, and a volatile geopolitical landscape has led to an exponential rise in international ransomware attacks and breaches.

No items found.

Assume Breach.
Minimize Impact.
Increase Resilience.

Ready to learn more about Zero Trust Segmentation?