The year 2019 has already been marked with massive cybersecurity incidents such as the discovery of a database with 770 million stolen email addresses and passwords. What else will the current year bring and when should we be especially attentive? Let's talk about the latest threats in cybersecurity and the solutions that come to the rescue.
Artificial Intelligence: a servant of two masters
Artificial Intelligence (AI) and Machine Learning (ML) will likely help us develop self-learning computer systems that can process information similarly to the human mind. Modern AI systems already help resolve complex computing tasks with amazingly high speed and quality. This is why AI and ML are among the abbreviations commonly found in cybersecurity predictions for 2019.
How does it work? Well, searching for vulnerabilities is much more efficient when performed by an AI system. An attacker’s AI tool can generate a lot of unusual requests to the target service to cause an abnormal response. That’s how weaknesses are found and then exploited. Moreover, AI makes it possible to generate life-like emails, chat messages, and even videos featuring fake personas to launch social engineering attacks.
On the other hand, good guys will also use AI in 2019 to look for weaknesses in networks and systems, which will lead to more successful defenses against attacks. Maybe, in ten years, only algorithms will be fighting each other on the cybersecurity battlefield?
Cloud and IoT: more connected devices and more threats
Nearly 60% of North American companies save their data in public cloud platforms, which is five times more than just five years ago. It is cost-efficient and convenient as the teams can access information remotely and protect it from disasters. If your company uses Google Drive or Dropbox to share files, this is an example of a cloud service that you deal with.
The more widespread cloud services become, the more attackers aim for them. It’s just like how the general number of internet security threats grew alongside the increase of PC usage. They will both hunt for user data and try to gain access to the service (such as a cloud storage) itself. So, that fast and convenient file storage your company relies on might one day paralyze the whole business.
The practice of attacking cloud storage influences the Internet of Things (IoT) devices. What’s IoT? It is an entirety of internet-connected devices around the world that collect data with their sensors and share it through the web. Popular examples are smart watches, home assistants, smart fridges and washing machines, and so on.
As IoT largely relies on cloud computing, the rise of cloud-based threats will naturally affect connected devices. Moreover, they process payments, store personal data, and have computational powers that can be used to the benefit of the attacker. Eventually, IoT will be one of the most popular targets for the trespassers. Using IoT devices for DDoS attacks, phishing, ransomware, and cryptomining is definitely be among the top cybersecurity trends of the future. Yes, that means your smart fridge might have a side job. Someone could have injected it with malware through the web, and now it could be mining bitcoin for criminals.
In 2018, there were more than 23 billion IoT devices and their number is expected to grow by 15% in 2019. While they come from different manufacturers, it is extremely hard to set security standards. Still, it has to be done and relevant legislation should be enacted. The first law of such kind was adopted in California.
Cryptojacking: moving away from laptops
Good news: cybercriminals will virtually stop attacking individual computers to mine a bit of coin, as cryptomining on desktops is about to die.
Yet, internet security predictions indicate that cryptocurrency mining will become more sophisticated instead. Mobile gadgets, IoT devices, servers, and industrial control systems will all be used for cryptojacking. Their ubiquity and the lack of security standards make it easier for criminals to benefit from them. Nowadays, it is even possible to detect which currency to mine on a victim’s machine based on the processing hardware and the value of a specific currency at a given time.
Cryptojacking is hard to detect, as the malware runs quietly in the background stealing the device's resources. The indicators of a take-over may include fast battery drain, abnormal electricity consumption, device heating, and so on. Have a look at that fridge once again.
5G implementation: faster life and larger risks
The rise of 5G is all over cybersecurity news right now. While 5G will bring further speed and efficiency to businesses and users, it will also let cybercriminals carry out attacks with greater force and impact.
5G is expected to hit the market by 2020. By 2021, the number of 5G connections is forecast to reach a figure of between 20 million and 100 million. Such a boom will definitely attract hackers. For example, more and more IoT devices will connect to the 5G network, and it will make them more vulnerable to attacks.
The switch to 5G is incredibly attractive, as it will boost existing services and enable entirely new ones. Yet, the corresponding security risks may be too high, according to security predictions. Mike Elgan advises a rule of thumb: "deploy 5G securely or don’t deploy it at all."
Multifactor authentication: a new must have
"Please enter the code sent to your phone."
If you find this phrase annoying, we've got bad news for you. Multifactor verification (like verification via SMS code) will become the standard in 2019. While millions of people still use identical weak passwords and huge data leaks occur, service providers have no choice but to enforce stronger protection.
Two-factor authentication (2FA) or multifactor authentication can be a solution here. The idea is that the user has to enter more information than just a password to log in. The use of 2FA is slowly getting more popular, but still, more than 90% of Gmail users avoid it.
Various ideas have been considered but none of them is ideal. One of the possible solutions is Universal Second Factor Authentication (U2F) which requires a physical key to be used. As no "secret" is shared with the user, in this case, it is sometimes considered the future of cybersecurity for account protection.
Quantum computing: a future phenomenon to consider today
This one probably comes closer to "Cybersecurity Trends 2020" (or even "2030"). While actual quantum computers are at least a decade away, this technology has enormous potential and it's about time to think about how it might be applied.
Quantum computing, similarly to AI and 5G, is a double-edged sword. This type of computing, based on the features of quantum mechanics, enables processing massive data amounts at lightning speed. On the one hand, it would be possible to crack some forms of once-invulnerable encryption. On the other hand, quantum cryptography will provide exciting means to safeguard privacy.
Quantum computers are not something that will suddenly appear to replace our traditional laptops, but once they are in operation we will certainly notice their impact.
Mac-targeting malware: new threats on the rise
Contrary to popular belief, Macs can get viruses, too. From year to year, the number of such viruses increases. Attackers might use malware to steal personal data, mine cryptocurrencies, install adware on your Mac, and so on.
If you use Apple products and you wouldn’t enjoy publicizing your credit card details and passwords, you should consider some basic security steps. Avoid clicking suspicious links, use strong passwords, choose secure networks over public Wi-Fi, and get reliable antimalware and antivirus software.
It may be natural to feel a bit anxious, but cybersecurity is improving and expanding in turn. The practice of protecting systems, networks, and programs from digital attacks is developing and becoming more intelligent and powerful. Numerous motivated people and mighty organizations are getting involved to help improve digital security. Moreover, there are simple and easy measures individuals can take to ensure they don’t fall victim to cybersecurity threats. You can start with these 30 little steps to protect yourself.