The expectations for the year 2020 are massive, as major world events underscore mounting geopolitical tensions. The United States will elect a president, Tokyo will host the Olympics, and renewable energy is anticipated to outcompete fossil fuels. Likewise, this time of economic uncertainty and increased competition across the industry is contributing to the rise of digital transformation. Unprecedented innovations have been promised to us. Commercial space programs will take us to Mars, we will control devices with microchips implanted in our brains, and cars will be fully autonomous. Whether or not the above comes to fruition, one thing is for sure: the transformational benefits of next-generation technology are here.
Predictions That Came True in 2019
IoT State-Sponsored Threats
Anticipating that the most advanced threat actors would seek to leverage the expanding ecosystem of Internet of Things (IoT) devices found throughout targeted environments, we observed that state-sponsored adversaries would train their sights on IoT for use in espionage operations. In August 2019, researchers reported that Russia-aligned threat group APT28 had pivoted from compromised devices—including a Voice over Internet Protocol phone, printer, and video decoder—to establish a foothold on corporate networks.
IoT & Botnets
In addition to state-sponsored espionage, criminals have expanded their abuse of IoT. Agility predicted that threat actors would rely on IoT proxy botnets to conceal their malicious activity, and between Q1 2019 and Q2 2019 attack traffic routed through residential IP addresses in the U.S.—including IoT devices—nearly quadrupled for the retail and financial services sectors.² Further, in June 2019, the U.S. Federal Bureau of Investigation reiterated the importance of securing IoT devices, in response to a surge of activity using these systems to proxy malicious traffic.
While 2019 did not see the rise of deep-fake video content in state-backed information operations, the first instance of cybercriminals using deep fakes has been observed. In at least one case in March 2019 that targeted a United Kingdom energy firm, criminals used artificial intelligence-based software to impersonate the CEO’s voice in phone calls requesting fraudulent fund transfers.
Critical Infrastructure – State-Sponsored Threats
With public utilities becoming a primary target for cyber attacks as interstate tensions rise, we predicted that nation-state threat actors would target critical infrastructure providing open water services. In August 2019, U.S. media reported that Iranian-sponsored hackers breached the network of Bahrain’s Electricity and Water Authority, prompting the organization to take its systems offline.
Cybercriminals adapt, hustle, and diversify.
Financially motivated attacks are still active, but cybercriminals will continue to shift their tactics to reduce risks of detection and disruptions.
Cloud vulnerabilities demand costly solutions.
Modern CPU vulnerabilities pose a high risk to organizations running their compute infrastructure in the public cloud.
Supply chain threats turn friends into frenemies.
Basic cybersecurity hygiene appears to be pushing cyber threat actors to find new avenues, such as their supply chains, to compromise organizations.
New dangers in ransomware defense and response
Ransomware attacks could pose a significant threat and may, at times, serve impure motives—financial, ideological, or political.
A security pivot
Cybercrime is not a one-time event. Just as one avenue of income has been blocked, cybercriminals will swiftly move on to another, often more sophisticated means of entry. Organizations must adapt their approach to meet the latest demands from a rapidly changing world by remembering that:
- Communications targeting a global stage may not be all they seem.
- Cybercriminals are shifting—and so should you.
- The mixed motives behind ransomware are making it more destructive.
- This is no time for splendid isolation—your ecosystem needs you.
- Beware of opening more than the back door.
Organizations must learn not to dwell on the vulnerabilities of the past and be consistent but flexible in their defense. In short, they must tackle cyber resilience with a security pivot mind-set.
2020 Cyber Threat Trends Outlook
We identify cybersecurity trends on the horizon, monitoring today’s threat landscape and anticipating tomorrow’s, to help organizations prepare for what’s next.
We dive deep, delivering forward-looking projections of near-term cyber threats. Thinking ahead to emerging threats your organization should watch out for in the coming year will help inform your proactive approach to cybersecurity.
The nine critical cyber threats:
- Global balkanization of technology
- Tainted component: Clones and counterfeits
- Cybercrime hits the highway.
- Malware takes flight: Drones as an initial network infection vector.
- Shattering constellations: The future of satellites for Earth, space, and the internet
- When advanced persistent threats all look alike
- Digital elections interference
- Cyber operations carry the increased risk of conventional military response.
- Nation-states poised to interfere in 2020 Olympics
The evolution of next-generation digital transformations also generates a multitude of new security vulnerabilities. Cyber resilience is more critical now than ever. Organizations must address cybersecurity across the entire organization: IT, OT, cloud, and mobile; leverage cyber as a business enabler; and allow the organization to advance proprietary technology, secure intellectual property, protect the extended supply chain, and maintain competitive advantages. Proactive security planning that incorporates enterprise IT, cloud, and third parties minimizes the impact of cyber threats and improves resiliency. Similarly, we recommend thinking comprehensively about security, so that employees, leadership, and third-party vendors are aligned to create a cohesive and effective cybersecurity program. In our work with the most sophisticated government organizations and leading enterprises, Agility has consistently seen that the most effective cyber defense has an agile leadership team that continuously prioritizes risk based upon relevant threats. We believe that the organizations that understand their threat landscape will be the most cyber resilient, ready to mitigate and defend against an increasing number of attacks. Moreover, those that prioritize cyber as an enabler of their digital transformation will realize lasting business value well past 2020.