The new year is around the corner, and so, here are our predictions about
1. Cybercriminals will use IoT devices at homes for espionage and extortion.
The use of (internet of things) IoT in our homes is increasing, and that's is excellent. The use of these devices really facilitates our day to day chores. Yet, we become lazier every time 😂 . Still, we have to be very careful when buying and integrating new devices into our homes. You probably can't imagine how a cheap unknown brand smart light switch is going to be that dangerous; it has no camera nor microphone. However, think twice. This simple device either can have vulnerabilities that will leave an open door to your home network connection. Or will already come with some malware in place, sending data to a third party or selling your information.
2. Social engineering will remain the preferred method by adversaries.
Attackers usually don't put too much time and effort into hacking stuff from scratch. They usually use an attack vector that, if fruitful, they are already inside without too much work. Sending an infected file to an employee of Acme Corporation is more effortless than trying to hack their perimeter security measures. They rely on that employee opening the infected file without reporting it to the security department for further inspection. So, they are already inside the corporate network. They probably will do a quick research about their target; for instance, if the target likes cars, they will try to trick them with something car-related. They know there is a lack of cybersecurity culture in our current connected world.
3. Predictive and behavioral detection will be crucial against persistent and fileless threats.
It is not a prediction, but a reality. Behavioral detection is the only way to be as protected as it can be. Thus, our effort every day to make our tool stronger to be steps ahead of adversaries and keep you and your devices safe. Detecting things that already happened is not very smart nowadays, you can see why in this other blog post. Cybersecurity has reached a level where it is not an option anymore; it is a must! Think about what physical security was 30 years ago; we used to secure all our belongings. However, a significant portion of our belongings is digital these days. For instance, I can remember my mom had all the family pictures in an old album, and she had it very secured in a fireproof safe. Now we scanned all those pictures and have it in a secure place which also has a cloud backup. It means our fireproof safe is no longer relevant, but secure software would be. Talking about cloud, it is our next prediction.
4. Attacks to Cloud Infrastructure.
Criminals will find new ways to attack cloud infrastructure. The most advanced cloud attacks will occur at machine speed in 2020. They will also be looking for ways to infect the cloud with ransomware. Let's think about the previous example if you have your photos in the cloud, and the cloud gets infected with ransomware, that means pretty much you have lost your photos.
5. Ransomware will increase.
Ransomware is one of the most lucrative attacks. An adversary can buy ransomware in the darknet very cheap, or even find ransomware free to use. So this means an attacker does not need too much money to give it a try, there are still people and even companies that prefer to pay the ransom instead of fighting back. Paying ransom to the attackers is not recommended. Paying means you are giving money to adversaries so they can further finance their illegal activity and become stronger, which leads to the fact that they see it as profitable.