Three trends impacting cybersecurity in 2020

Cybercrimes are evolving as technological tools and solutions are advancing.
11 November 2019

A Supercomputing center in Barcelona, Spain. Source: Shutterstock.

It is predicted that cybercrime will cost an annual of US$6 trillion in damages by 2021.

Large companies are not the sole targets; attackers are increasingly favoring the vulnerabilities and lack of preparedness of smaller firms— costing an average of US$200,000, the outcome of a successful attack is frequently enough to close down businesses for good

In the last five years, cybercrime has seen a 67 percent uptick. The upshot is that any business today must be aware of and ready to defend against the growing and evolving threat landscape. In this article, we aim to examine emerging cybercrime trends and the impact it will have on cybersecurity in 2020, and beyond. 

Mobile malware

Banking trojan malware is evolving quickly, and while in 2018 it accounted for a number of attacks on email, it’s becoming a growing problem on mobile. 

Posing as legitimate banking apps, Kaspersky Lab uncovered a “worrying rise” in malware designed to steal credentials and money from users’ accounts. The cybersecurity firm called these attacks some of the most rapidly-developing, flexible and dangerous types of malware. When a victim tries to access their genuine banking app, attackers can gain access to that too.

According to Kaspersky, such malware files discovered rose from 18,501 in 2018 to 29,841 files in Q4 2018. Cybercriminals are taking advantage of the banking sector’s push for better digital customer experience (CX).

The rise in attacks is evidence of how new threats can emerge or evolve in response to industry trends. Basically, “the sharp rise in mobile banking malware correlates to the growing use of mobile banking applications,” Maya Horowitz, Director of Threat Intelligence and Research at Check Point states. 

Misconfiguration in the cloud 

Cloud migration is becoming a more popular choice for brick and mortar stores, and e-commerce alike; as retailers tap into the power of data to generate new insights, cloud storage is required to hold the information that is amassed, while cloud computing solutions provide the tools required. 

Businesses can easily scale up or down in data storage and computing power following the seasons of the market, but with the operation and maintenance of businesses often done remotely or by third-party service providers, the convenience and remote access can leave room for vulnerability. 

Major companies like Netflix, Ford, and TD Bank have suffered from large data breaches due to the misconfiguration of the cloud computing system— a single misconfiguration may lead to an entire cloud computing system becoming vulnerable and have its cloud-based data vaults exposed to the public.

Individuals or groups with malevolent intent may take advantage of this mistake to access other sensitive information on the server. 

Automated tool attacks

Besides trouble in the clouds, cybercriminals are using a collection of automated tools to pull off large-scale theft and evade security controls more efficiently. 

The cycle of an attack of this nature often starts with cybercriminals gaining access and control of the target environment, next, they employ various approaches to identify the source of data or valuable assets to complete their goals. 

Cybercriminals often survey and replicate the targeted environment to locate critical points like administrative workstations, data storage, backup servers, and files. Once a highly-prized location is identified, the attacker utilizes legitimate tools to attack under the guise of “normal” activities until uncovered. 

Cybersecurity in 2020

The rise of cybercrime and its constantly changing landscape is a reminder that as technology evolves rapidly, so too do the vulnerabilities and loopholes. Therefore, experts commented that spending on cybersecurity needs to rise to be on par with the advancement of technologies in the coming years.

The rise of new technologies, such as 5G-enabled IoT, even the adoption of quantum-inspired technologies, means organizations must be prepared for innovative new attacks that leverage new vulnerabilities that come alongside them and the new capabilities that those technologies themselves also provide.

It’s heartening to know that, in response, cybersecurity budgets are rising. Research showed a 141 percent increase from 2010 to 2018. Moreover, small and medium-sized companies (SMEs) have expanded their data privacy budget by 14 percent more in 2019, and will likely increase the budget in 2020.

Besides that, about nine out of 10 companies have roles dedicated to plan, monitor and strategize cybersecurity plans. Clearly, the practices of strengthening cybersecurity are gaining momentum and will bring the fight to emerging threats in 2020, whatever other forms they may take.