29 October 2019

Check Point Unveils 2020 Cyber-Security Predictions, Warns of New Cyber Cold War


Check Point Software Technologies has unveiled its cyber-security predictions for 2020. They reveal the major cyber incidents and technical developments that Check Point's researchers anticipate will impact our societies and businesses in the coming year and indicate the security strategies that will help both governments and private organizations to prevent these incidents causing widespread damage and disruption.

Global cyber-security predictions for 2020:

- A new cyber 'cold war': The new cold war is intensifying and taking place online as Western and Eastern powers increasingly separate their technologies and intelligence. The ongoing trade war between the U.S. and China, and the decoupling of the two huge economies, is a clear sign. Cyber-attacks will increasingly be used as proxy conflicts between smaller countries, funded and enabled by large nations looking to consolidate and extend their spheres of influence, as seen in the recent cyber operations against Iran, following attacks on Saudi Arabia's oil facilities.

- Fake news 2.0 at the U.S. 2020 elections: The U.S. election in 2016 saw the beginning of AI-based propagation of fake news. Political adversaries made huge progress creating special teams that created and spread false stories to undermine support for their opponents. In the run-up to the 2020 elections, we can expect to see these activities in full effect: it's certain that overseas groups are already implementing plans to try and manipulate voters by illicit means.


- Cyber-attacks on utilities and critical infrastructures will continue to grow: Utilities continue to be a target of cyber-attacks, as seen from attacks on U.S. and South African utility companies this year. In many cases, critical power and water distribution infrastructure uses older technology that is vulnerable to remote exploitation because upgrading it risks service interruptions and downtime. Nations will need to look at radically strengthening cyber defenses around their critical infrastructure.

- High profile U.S. brands, beware: As tensions between the U.S. and Iran continue to escalate, we will see an increase in cyber-attacks targeting high-profile American companies. These attacks will focus on disrupting Internet-facing services that these companies' customers and employees rely on.

- Increased lobbying to weaken privacy regulations: As new privacy regulations are put into effect, it has become clear that most organizations, regardless of size or sector, are not prepared to deal with them effectively. Large corporations will accelerate their lobbying efforts asking governments to weaken privacy regulations, especially those covering rapid breach disclosures and the size of fines, such as the $228 million fine against British Airways following its 2018 breach.

Technology cyber-security predictions for 2020:

- Targeted ransomware: 2019 saw ransomware exploits getting highly targeted against specific businesses, as well as local government and healthcare organizations. Attackers are spending time intelligence-gathering on their victims, to ensure they can inflict maximum disruption and ransoms are scaled up accordingly. Attacks have become so damaging that the FBI has softened its stance on paying ransoms: it now acknowledges that in some cases, businesses may need to evaluate options to protect their shareholders, employees and customers.

- Phishing attacks go beyond email: While email remains the No. 1 attack vector, cybercriminals are also using a variety of other attack vectors to trick their intended victims into giving up personal information, login credentials, or even sending money. Increasingly, phishing involves SMS texting attacks against mobiles, or use of messaging on social media and gaming platforms.

- Mobile malware attacks step up: The first half of 2019 saw a 50 percent increase in attacks by mobile banking malware compared to 2018. This malware can steal payment data, credentials and funds from victims' bank accounts, and new versions are available for widespread distribution by anyone that's willing to pay the malware's developers. Phishing attacks will also become more sophisticated and effective, luring mobile users to click on malicious weblinks.

- The rise of cyber insurance: Underwriters will sell more cyber insurance policies for businesses and government agencies such as schools, hospitals and utilities. Insurance companies will continue to guide their policy holders to pay ransoms, as this is generally cheaper than having to recover from a ransomware attack. This will in turn lead to more attacks and fast growth for the cyber insurance industry. However, insurance payouts are not guaranteed: the legal battle between food giant Mondelez and its insurer Zurich is still ongoing. Mondelez's insurance claim for $100 million after the 2017 NotPetya ransomware attack was refused by Zurich as it claimed the attack was "a hostile or warlike action in time of peace or war."

- More IoT devices, more risks: As 5G networks roll out, the use of connected IoT devices will accelerate dramatically and will massively increase networks' vulnerability to large scale, multi-vector Gen V cyber-attacks. IoT devices and their connections to networks and clouds are still a weak link in security: it's hard to get visibility of devices and they have complex security requirements. We need a more holistic approach to IoT security, with a combination of traditional and new controls to protect these ever-growing networks across all industry and business sectors. The new generation of security will be based on nano security agents: micro-plugins that can work with any device or operating system in any environment, controlling all data that flows to and from the device and giving always-on security.

- Data volumes skyrocket with 5G: The bandwidths that 5G enables will drive an explosion in numbers of connected devices and sensors. eHealth applications will collect data about users' wellbeing, connected car services will monitor users' movements and smart city applications will collect information about how users live their lives. This ever-growing volume of personal data will need to be protected against breaches and theft.

- AI will accelerate security responses: Most security solutions are based on detection engines built on human-made logic, but keeping this up-to-date against the latest threats and across new technologies and devices is impossible to do manually. AI dramatically accelerates identification of new threats and responses to them, helping to block attacks before they can spread widely. However, cybercriminals are also starting to take advantage of the same techniques to help them probe networks, find vulnerabilities and develop ever more evasive malware.

- Security at the speed of DevOps: Organizations already run a majority of their workloads in the cloud, but the level of understanding about securing the cloud remains low and security is often an afterthought with cloud deployments because traditional security measures can inhibit business agility. Security solutions need to evolve to a new paradigm of flexible, cloud-based, resilient architectures that deliver scalable security services at the speed of DevOps.

- Enterprises rethink their cloud approach: Increasing reliance on public cloud infrastructure increases enterprises' exposure to the risk of outages, such as the Google Cloud outage in March 2019. This will drive organizations to look at their existing data center and cloud deployments, and consider hybrid environments comprising both private and public clouds.

Gil Shwed, founder and CEO, Check Point, said, "As our societies increasingly rely on seamless always-on connectivity, criminals and nation-state threat actors have even more opportunities to influence the outcomes of political events, or cause massive disruption and damage that puts thousands of lives at risk. Attacks are constantly increasing. Over the past year, our ThreatCloud blocked nearly 90 billion compromise attempts per day, compared with an estimated six billion daily searches on Google."

"We can no longer defend ourselves using traditional detection-based security models: by the time we detect the threat, the damage has already been done. We need to automatically block these advanced new Gen V attacks and prevent them disrupting the systems we rely on, using Gen V security that combines real-time threat prevention, shared intelligence and advanced protections across all networks, cloud and mobile deployments," added Shwed.
