2019 saw a significant number of cyber incidents from the likes of Russia, China, Iran and more using ransomware and types of malware to breach hardware, software and electronic data from organisations across the world.
It is difficult to predict how or when an organisation will be struck by a cyberattack, the only way to combat such attacks is to prepare in the event that they do happen. Recently, we’ve seen cases in New Orleans where cyberattacks have forced them into a state of emergency, and cases of strikes on Iran’s electronic infrastructure have also been a major talking point.
With the end of the year approaching, here are VP of Technology Strategy at CrowdStrike, Michael Sentonas’ five predictions on cybersecurity threats to keep an eye out for in 2020.
1# Targeted enterprise ransomware to escalate
Ransomware is a type of software designed to block access to a computer system until a certain amount of money is paid to the attacker. Going into the new year, cyber attackers have realised that there is more valuable information to target from businesses and governments in the light of poor cyber hygiene, meaning that there is potential for higher payments.
In 2019 alone, 70 state and local governments were victims of this method of cyber attacking. Take ‘Ryuk’ as an example, the ransomware most likely behind the New Orleans attack, and one that had previously affected hundreds of schools in the US.
2# Increase of SMB threats
SMB – server message block – is an internet protocol that provides shared access to files, printers and serial ports between nodes on a network. In 2020, attackers will look to exploit the vulnerability of Microsoft’s SMB and will most likely do so successfully. With the sort of ransomware at the calibre of ‘Ryuk’, an attack on one single device can spread throughout an entire organisation, so the effects could be detrimental.
3# Iran to plan more destructive attacks
It’s not only been in 2019, but in the past years, that Iranian adversaries have produced some of the most damaging cyber attacks. Intelligence gathered at the end of this year points to that trend continuing into 2020 as a consequence of a further development of effective malware.
4# Increased balkanisation of technology domains
The process of balkanisation is described as the fragmentation of a region or state into smaller regions or states that are often uncooperative with one another. because of technological, political, economic and nationalistic agendas and the likes of China, Russia and Iran having technical control over the internet; the balkanisation of the internet will likely carry into the new year. The will ultimately be to reclaim some sort of control over these states while also protecting national interest and infrastructure.
An current example of this is Russia being banned from participating in all international athletic competition for four years, the possibility of Russian state-nexus attackers looking to respond to these responsible organisations is likely.
5# State-sponsored and eCrime behaviour to continue blending together
Not only are eCrime actors becoming more sophisticated, but state-sponsored attackers are leaning more towards using lower tier tactics, techniques and procedures when it comes to stopping attribution efforts. The more advanced techniques are left for the bigger, more extreme needs.
No matter the type of cyber attacker or the type of method employed, the best defence is ensuring that your organisation is deploying true next-gen solutions like that of ‘CrowdStrike Falcon‘ – the platform that helps to stop breaches in security via a unified set of cloud-delivered technologies that prevent all types of attacks including ransomware.