Tech Tips from CoopSys – Episode 8: 2020 Cybersecurity and Tech Warnings
What better time than the start of the new year to reflect on what we have seen and learned over the course of the previous year! In our latest episode of Tech Tips from CoopSys we review some major 2019 cybersecurity developments and the overarching landscape, and then we discuss how that relates to what we might see and what might change with the impending 2020 cybersecurity landscape.
The cyber climate right now is extremely volatile, so we put this together to help you, your staff, and your business to recognize some of the biggest threats and help you become more resilient than before. Things are not getting any less scary, but we can help you to build defenses and simplify your management of technology.
This post echoes the very sentiments we shared in the first week of this year, which is when we suggested preparing for the Cyber Cold War. We definitely recommend taking a look at this as well because even though the topics overlap there are unique insights offered in each that can help you to survive and thrive in 2020.
2019 Cybersecurity and Tech In Review
Let’s start with the 10,000-foot view of what we observed this past year.
Why? Well, these are still hugely relevant and, in fact, ALL of these double as warnings, if you will, for 2020!
Malware Attacks on Municipalities and Utilities
In 2019 saw an unprecedented amount of attacks on various town and city departments and associated organizations. In Texas, for example, this past August there was a situation where 22 towns and cities were simultaneously hit with ransomware. It stopped most of these cities and towns in their tracks.
With these sorts of attacks, even if there’s cyber insurance in place to cover the ransom if they want to pay it, or if there are other costs to trying to bring back the data and systems, it is actually taxpayers who often end up on the hook for the deductible and possibly other costs as well. That’s not even taking into account all of the other non-monetary losses that are arguably the most severe impact on organizations and government entities. Confidence and trust are lost, which means huge consequences for an organization of any shape or size, really, who might fall victim to attacks like these.
We recommend taking a look at our Ransomware Tech Tips episode if you haven’t yet. We walked through all the ways you can avoid ransomware, but we also discussed what you should be doing if you are the unfortunate victim.
Mobile Malware Running Rampant
The truth is that most of us are guilty of the occasional app download without looking it up and down first to make sure the developer is reputable and the security is strong. In fact, it’s probable that all of you reading this have, at some point or another, blindly clicked “OK” when an app asked for access to all sorts of things on your device. You likely didn’t look back to figure out what those things were either.
There are some staggering stats that should make us all slow down before our next app download or ad click.
Androids inherently have more vulnerabilities. That’s primarily because they’re mostly open-source, which means that anybody can look at what’s “in” an Android. This is the same reason why the majority of malware attacking smartphones are targeting Android devices still. Even ordinary apps like scanners and maps can carry malware. Not only that but with Android not everybody gets the same OS updates at the same time. Tons of opportunity for attackers.
Not so fast, though, Apple device users. You’re not totally in the clear. Yes, it is true that Apple is extremely strict about which apps pass Go and get published after they’re submitted to the App Store. Apple’s really strict about its code to begin with, too. Even considering all of that, infected apps do sometimes sneakily succeed in getting onto the App Store. They’re usually squashed quickly, but before that, they can wreak havoc quickly (as in: within hours). Otherwise, it’s phishing that gives attackers their power over iOS users for the most part.
By the way, in case it isn’t already obvious: Jailbreaking your phone is a bad idea when it comes to security. You’re removing the very mechanisms by which Apple restricts app flexibility, which opens you up to be very vulnerable to those third-party app developers!
It’s so important to remember that your little handheld mobile device is extremely powerful, for both you and for bad actors if they get in. Mobile safeguarding is paramount.
Phishing risks are becoming more severe as they get more targeted. There is much more intelligence gathering, as opposed to the ol’ “spray and pray” technique, that happens before cybercriminals make big moves. We’re seeing more and more of these multi-step compounded attacks that leverage multiple contacts and tools to get the job done. This is not a surprising development as we look at 2020 cybersecurity, as it appeared in most conversations about malware int he past year or even two. Still, it belongs on this shortlist.
First, they’ll phish your staff and weasel in via malware. Then, they wait and scoop up as much intel as possible via mailboxes, file access, and so on. From there, they stage a second attack involving CEO fraud or another seemingly innocuous scenario. It’s there that they know just what to say and do to fly under the radar, all thanks to the work they did up to that point. It isn’t until after the attack that victims sometimes suspect any criminal activity!
We don’t need to spend too much time on this one since we have SO many resources on our blog, in our webinars, and throughout our other resources that attempt to educate our listeners and readers on this topic. Even with the strongest technical resources available out there in place, the number one thing you can do to try and prevent phishing is to train your staff.
Low Cybersecurity Confidence
Regardless of how many technical protections businesses are available out there, confidence is still extremely low among business owners and IT managers. According to a recent Global cyber risk perception survey, only about 11 percent of organizations report high confidence in their ability to detect and mitigate attacks.
Since we expect that this will continue to be true, just knowing how rapidly the threats landscape evolves, we want to acknowledge it on this list because attackers recognize when you are not prepared. It is so important to learn what it looks like to be READY and what it takes to be resilient. Get your disaster recovery plan in place, test your backups, and train your users.
Fire Vs. Fire
Security companies are doing something to combat the AI that helps many cybercriminals to be so productive. They have started to roll out powerful features in their cybersecurity protection products that automate detection and remediation or mitigation. Their 2020 cybersecurity development plans are often based on the current and immediate future threats landscape because of how difficult it can be to see further in the distance. The clean-up that these do, even the monitoring of network traffic and establishing baselines for normal activity in business systems, can be used for them to do a better and better job over time identifying suspicious and unusual activity. Any anomalies can, in time, get squashed by way of technical tools, or this can be the job of staff whose time can be used to make decisions on how the company should react to particular threats and can take necessary steps to handle threat scenarios. This is much better than them spending hours troubleshooting and scrambling after attacks already happen!
This is a seemingly positive development but also serves as a reminder that we are more often than not playing catch-up with the techniques of bad actors. Again, to combat the advanced nature of attacks nowadays, your team needs to have the training and understanding of best practices that build resilience for your company.
What Else Might We See in 2020?
The above issues have a ton of momentum and are among our warnings for 2020, but here are more you need to know about that are extremely likely and will prove challenging in the year to come.
2020 Cybersecurity and The Election
There’s no doubt that we’ll see some malicious activity, and it is likely to come in a couple of forms.
Election security is definitely top of mind for voters, even if they aren’t thinking about 2020 cybersecurity. They’re just looking for “facts”. There is definitively risk here and there will likely be plenty of manipulation and tampering. There’s also more digital-minded first-time voters, which means more reliance on internet-connected systems to participate in the election. Misinformation campaigns are sure to have an impact.
A really common example of this is the AI-generated “deep fakes”. These are pictures and videos that seem to show certain politicians saying and doing things they never actually said or did. This is an extremely powerful tool that can be used in a malicious way to essentially weaponized false information. This means that (thanks in large part to social media) representations of candidates and news events can circulate to reach millions of people in seconds.
This is all related to the reality that there’s a sort of emerging global cyber warfare that is continuing to gain traction, even when we try to stop it.
So, this definitely belongs at the top of our warnings list.
Don’t believe everything you see and read.
This might seem obvious, but the Internet of Things (“IoT”) devices and apps are still seriously lacking the security they need, just knowing how prevalent they are now.
There are literally billions of IoT devices in use out there, and a considerable chunk of those are operating without security features built-in and active. So, it’s no surprise that we put this on the 2020 cybersecurity concerns list.
There are both consumer and market applications for IoT, and it all offers a ton of opportunity for efficiencies and monitoring. But with this, there is a ton of risk to end-user and company security if left unmanaged. This is true for everything from the super high tech autonomous vehicle technologies all the way down to even seemingly harmless tools like home thermostats. There are cybersecurity implications, physical safety concerns, and general privacy concerns as we know. There is just such a flood of data and there is such diversity among the resources used to enable these technologies, that most traditional cybersecurity solutions are less effective in the case of IoT.
If you’re using IoT devices either at home or in your business we strongly encourage you to pay close attention to the policies and controls available to protect your connections. Be aware and wary of what networks you’re connected to and what data you’re making available by using those devices.
We sincerely hope that this and our other recent pieces offer insights that help you map out your strategy for protecting and optimizing your business in 2020. A security awareness program is really critical. That’s become clear given the list of 2020 cybersecurity concerns and specific issues we’re facing.
Training and testing will undoubtedly have a huge positive impact on your company’s ability to fend off attacks, so please get in touch with us if you don’t already have one in place.