Ransomware dominated cyber security headlines this year, a trend likely to continue next year. What else should we worry about over the next several months? We asked some experts to tell us what they think are the biggest cyber security threats for 2020.
Higher-order cyber security threats
Anthony DiBello, vice president of strategic development, OpenText
As cyber-maturity grows alongside our understanding of the problems we face, the nature of what is viewed as a “top threat” has changed. In the past we might have viewed top threats from the perspective of targets or tactics. Think “IoT malware” or “ransomware.” These might be top threats to specific industries, like manufacturing or healthcare, but do not speak more broadly to our digital infrastructure or the concept of trust in our systems and institutions. These higher-order threats will be the top challenges of 2020.
The radicalized insider
We have only begun to see the impact insiders can have on organizations as well as national and global security. While Snowden and Manning exfiltrated data for the purposes of shining a light on what they perceived to be unethical conduct, even more dangerous insiders focus on exfiltrating data to foreign governments and terrorist organizations.
The most chilling example of this comes from the Prefecture of Police in central Paris. On Oct. 3, 2019, Mickaël Harpon, a police employee, stabbed six colleagues, killing four. Harpon was assigned to the intelligence unit of the prefecture for 16 years, holding military secrecy security clearance. It was later found that Harpon exfiltrated an unknown amount of classified information via USB over an unknown period, perhaps stretching back several years. Investigators have no knowledge of where that information may have ended up. The national security implications are high, and we have no idea to what degree the intel Harpon exfiltrated benefited those who seek to do the French government and its people harm. Cyber theft leading to the exploitation of national security is one of the top threats in 2020.
Hostile governments are engaged in massive disinformation campaigns meant to cause instability in their adversaries. The United States is still feeling the effect such a campaign caused during the 2016 presidential election. The same tactics were used to disrupt elections in other countries.
As we enter 2020, a U.S. presidential election year, disinformation will be one of the biggest cybersecurity threats we face. Defending against this threat will require the analysis of millions of disparate communications to separate individual viewpoints from concerted efforts to confuse and disrupt, along with the means to disrupt or eliminate those disinformation campaigns. Disinformation campaigns can also create individuals sympathetic to foreign governments, which in turn can lead to cases as described in the first point, the radicalized insider
First was medical history, ID cards, banking details … now? Biometrics, autonomous vehicles, smart home/office/city, 23&Me. More and more personally identifiable information going into the databases of governments and commercial businesses. Some we choose to offer (such as our DNA to learn about our lineage), some taken by virtue of interacting with the world around us (the image of our face as we walk down a city street). Once stolen (and there is no reason to think is hasn’t been or won’t be), this will only make it easier for the bad guys to impersonate us, steal our identity, or hijack our credentials to gain access to our employers’ network.
So, in summary the biggest threats we face in 2020 aren’t specific types or categories of malware or attacks but are the higher-order campaigns that lead to the access for bad actors to then leverage malware (or just a hijacked account) to do their dirty work.
Beware smishing and messaging platform phishing
Ron Gula, president, Gula Tech Adventures; co-founder and former CEO, Tenable Network Security
In 2020, I’m concerned that attackers will switch from email phishing to target Slack, Signal, WhatsApp, LinkedIn, and the hundreds of other messaging platforms we currently trust more than email.
Something old, something new
I suppose I would probably pick just a handful of things that seem pretty important as we enter 2020, in no particular order:
5G. The advent and adoption of 5G may mean “more speed,” but doesn’t mean “more security.” As deployment continues, I anticipate there will be more revelations about 5G security—and likely more security issues.
IoT. I feel like this is a topic that just won’t go away, but it’s also proved to continue to be important. IoT, industrial IoT, and other “smart devices” continue to permeate our homes, business, and lives—along with questions about their security.
Supply chain security. I feel like this is going to continue to be a hot-button issue as the provenance of equipment and underlying components comes under more scrutiny. I expect that discussion around attestation of specific components will continue to grow, too.
CPU (and related) bugs. I wouldn’t be at all surprised if we continue to see more issues like SPECTRE, Meltdown, PortSmash, and the like affecting CPUs. Even particular security-centric components, like Trusted Platform Modules (TPMs), are not without their own set of issues, so I’d expect that to continue, too.
Rethink your mindset around security tools
Paul Kurtz, co-founder and executive chairman, TruSTAR
The biggest threat to security in 2020 isn’t a particular attack, it’s the unwillingness of companies to think about their security tools holistically. Companies must adjust from a mindset of seeking a new or improved tool to counter a “new” threat to managing what they know from their own security tech stack. Advocating for more tools to counter specific threats is a folly in the absence of integration.