Check Point Software Technologies, a leading provider of cybersecurity solutions globally has unveiled its cyber-security predictions for 2020. They reveal the major cyber incidents and technical developments that Check Point’s researchers anticipate will impact our societies and businesses in the coming year and indicate the security strategies that will help both governments and private organisations to prevent these incidents causing widespread damage and disruption.
Check Point’s global cyber-security predictions for 2020 are:
1. New cyber “cold war” escalates
There will be a new cold war, and it will be conducted in the online world as Western and Eastern powers increasingly separate their technologies and intelligence. The ongoing trade war between the U.S. and China is a clear indicator of this.
Cyber-attacks will increasingly be used as proxy conflicts between smaller countries.
Cyber-attacks will increasingly be used as proxy conflicts between smaller countries, funded and enabled by large nations looking to consolidate and extend their spheres of influence, as seen in the recent cyber operations against Iran, following attacks on Saudi Arabia’s oil facilities.
2. Cyber-attacks on utilities and critical infrastructures will continue to grow
Utilities continue to be a target of cyber-attacks, as seen from attacks on U.S. and South African utility companies this year. In many cases, critical power and water distribution infrastructure use older technology that is vulnerable to remote exploitation because upgrading it risks service interruptions and downtime. Nations will need to look at radically strengthening cyber defenses for their infrastructure.
Check Point’s technical cyber-security predictions for 2020 are:
1. Targeted ransomware attacks increase
2019 saw ransomware being increasingly targeted against specific businesses, local government and healthcare organisations. Attackers are spending time intelligence gathering on their victims to ensure they can inflict maximum disruption, and ransoms are scaled up accordingly.
Attacks have become so damaging that the FBI has softened its stance on paying ransoms.
Attacks have become so damaging that the FBI has softened its stance on paying ransoms: it now acknowledges that in some cases, businesses may need to evaluate options to protect their shareholders, employees, and customers. This, in turn, will drive an increase in organisations taking out insurance policies against ransomware, which will also increase attackers’ ransom demands.
2. Phishing attacks go beyond email
While email remains the #1 attack vector, cybercriminals are also using a variety of other attack vectors to trick their intended victims into giving up personal information, login credentials, or even sending money. Increasingly, phishing involves SMS texting attacks against mobiles or the use of messaging on social media and gaming platforms.
3. Mobile malware attacks step up
The first half of 2019 saw a 50% increase in attacks by mobile banking malware compared to 2018. This malware can steal payment data, credentials and funds from victims’ bank accounts, and new versions are available for widespread distribution by anyone that’s willing to pay the malware’s developers. Phishing attacks will also become more sophisticated and effective, luring mobile users to click on malicious web links.
Check Point’s founder and CEO, Gil Shwed said, “As our societies increasingly rely on seamless always-on connectivity, criminals and nation-state threat actors have even more opportunities to influence the outcomes of political events or cause massive disruption and damage that puts thousands of lives at risk. Attacks are constantly increasing. Over the past year, our ThreatCloud blocked nearly 90 billion compromise attempts per day – compared with an estimated six billion daily searches on Google.
We can no longer defend ourselves using traditional detection-based security models.
“We can no longer defend ourselves using traditional detection-based security models: by the time we detect the threat, the damage has already been done. We need to automatically block these advanced new Gen V attacks and prevent them from disrupting the systems we rely on, using Gen V security that combines real-time threat prevention, shared intelligence and advanced protections across all networks, cloud, and mobile deployments,” Shwed continued.