Joseph Dalessandro, an expert and professor in information technology in Tulane University’s School of Professional Advancement, breaks down the top cybersecurity threats and trends in 2020.
Dalessandro predicts hackers will continue to focus on what works best and augment it with new and novel methods of attack. Here are his top five cybersecurity trends to watch in 2020.
- The cybercriminal has become a mainstream occupation, and America is finally waking up to this fact, even though many countries have known this for several years. Many Americans wake up each day, dress and head off to work. Cybercriminals are no different. Around the world, these individuals do the same thing. They head off to an office where they spend all day trying to steal data and find ways to access bank accounts. It is now a “regular” job in some countries, including the U.S., and is currently very profitable employment. This trend will continue to grow and become more accepted in the future. This will impact new areas that have not previously had cybersecurity problems.
- Phishing and whaling will reach the next level. Phishing is when criminals use fraudulent emails in an attempt to steal usernames and passwords or to plant a virus or ransomware on computers. Whaling is the same thing, except the target is a specific executive or executive type or business owner. Criminals are targeting specific emails because it is one of the most common forms of business and personal communication. Malicious emails are very successful, and criminals are well-versed with what to say, how to follow-up, and in some cases, have 800 numbers for these victims to call.
Some statistics to know about this trend:
- 48% of all malicious email attachments are Microsoft Office files (Word, Excel, PowerPoint)
- Top 5 scams in order: bill notices, email delivery failure, package delivery, legal/law enforcement, scanned document.
- 55% of email is spam (and potentially dangerous)
- Connected devices (watches, wearables, appliances, toys, cameras, smart home automation) will continue to present both opportunities for businesses and problems for businesses and consumers. Twenty years ago, I had high-speed (1.5 Mbps at the time) bandwidth in my home, and I had a total of three devices connected: a laptop personal computer and two servers. I controlled everything, and security was tight, and I still had problems. Today I do not run a business from my home, and my bandwidth speed averages 30Mbps and I now have 19 devices connected at all times, most of which I have little or no control over. Many businesses are no different. This increased attack surface will present more significant problems in 2020 with attackers looking to leverage these in-home aids, medical devices and smart-home appliances to steal data
- Website attacks. The No. 1 attack method is still SQLi (pronounced Sequel-injection or S-Q-L-i). SQLi recently reached a milestone, celebrating a successful 20 years of existence. It is a sad commentary on cybersecurity. Website attacks will continue to rise in 2020 because they still work. Criminals are nothing if not consistent. If it works, they use it and rely on it.
- Cryptocurrency will continue to grow with more “regular” people moving toward cryptocurrency use in 2020. We will hear more about Bitcoin and Libra (Facebook’s cryptocurrency) and other “stablecoin” (backed by what we today call “real assets”) players in 2020 with more mainstream acceptability. This will present opportunities for both consumers and criminals.