Cybersecurity 2020 Snapshot

by Serena Raymond on Mar 29, 2020 12:00:00 AM

This post on cybersecurity 2020 isn’t about cybersecurity hindsight. We’re putting this year-to-date under a microscope and observing exactly where cybersecurity stands.

We’re going to explore external influences on cybersecurity, trends we’re seeing in the space, and what it means for businesses everywhere.

Coronavirus effect on cybersecurity 2020 at-a-glance

You didn’t think you were going to get through an entire blog post without someone bringing it up, did you?

Coronavirus is having a serious impact on cybersecurity in 2020. It’s not just affecting our health, it’s impacting our normal lives and how we work. And it’s not just all about the risks that remote work can bring.

It’s creating a large distraction for businesses as a whole. As healthcare providers, government agencies, and small businesses shift gears to address general business concerns because of COVID-19, some of us are forgetting that security threats are still out there. In some cases, resources are being redirected and opening businesses up to major data breaches.

The following trends in cybersecurity would have likely been on this list even without coronavirus. However, COVID-19 is amplifying these concerns, as cybercriminals exploit universal distraction for their own gain.

So while you could theoretically omit the coronavirus from a list of cybersecurity trends in the year 2020, you wouldn’t be looking at the full picture. It continues to have an impact on everything we do, and cybersecurity is no exception.

Mobile threats should be taken seriously

You’re not just using your phone to play Candy Crush. You’re sending work emails, checking work applications, and accessing critical information.

Just because you’re on your personal phone, doesn’t mean your business data isn’t at risk.

All of the threats you can find on your work laptop, you can find on your cell phone. Companies need to make sure their employees are accessing applications securely and stress the importance of updating software.

Employees are especially likely to fall victim to phishing attacks on their cell phones, when they’re likely reading messages quickly between meetings or after work. Understanding this is the first step in mitigating the threat of mobile attacks.

Security in the cloud

Cloud security is a broad term that refers to security of cloud data, applications, and infrastructure. Unfortunately, because this is such a broad term, people have differing views of what cloud security really is.

When one person refers to cloud security, they might mean securing cloud services. Someone else might mean protecting the connection between the user and cloud applications.

For our purposes, it’s everything related to the cloud. And at this point in time, most everything is in the cloud. Which means you need to protect it. As 2020 marches on, cloud security will become even more important. Especially with so many remote employees now accessing cloud applications with insecure devices.

AI: Everyone has it

AI and machine learning isn’t just a cybersecurity trend. At this point in 2020, all forms of technology claim to be relying on machine learning in some way.

Machine learning will continue to be a big sticking point in the cybersecurity industry. To innovate and grow, companies need to adopt cybersecurity.

But when we say “everyone” has AI, we really mean it. It’s even suggested that hackers might be using AI to deploy malware.

In 2019, AI-generated audio was used to impersonate a CEO’s voice and trick employees into handing over actual cash.

Hackers are smart, and while the good guys use their AI to keep them out, expect to see more of an AI arms race through the end of the year.

State-sponsored cyber attacks

After the RSA conference in February, we walked away knowing that government cybersecurity was going to be a big deal.

With the distraction that is coronavirus, an upcoming 2020 election, and peace talks with the Taliban, this will certainly remain a huge cybersecurity threat globally.

We’re only three full months into 2020, and this has already been an exceptionally active year from a government perspective. By that, I mean on a global scale swift government action has become a necessity.

As mentioned previously, all of these moving parts are creating a lot of distractions, which increases the likelihood of state-sponsored attacks. It’s also creating a lot of opportunities for individual cybercriminals (or small cybercriminal gangs) to capitalize on.

Ransomware never sleeps

It doesn’t matter what the crisis is: wildfires, hurricanes, or contagious diseases. Cybercriminals are deploying ransomware attacks to target your fears.

One new ransomware attack targets healthcare workers using coronavirus as the bait. And it’s working.

The goal of a ransomware attack is to hold something hostage and ask for payment in exchange for the release of what was taken hostage. As an example, your browser may be “taken hostage” and “require” payment to become unlocked. Or, a hospital or other essential service might be locked from viewing sensitive patient data, and the only recourse would be to pay the fee.

Not only is ransomware a concern-of-the-moment because of coronavirus, but attacks are expected to rise regardless. Ransomware-as-a-service is a growing (and lucrative) trend for cybercriminals.

Much like you’d grow a typical business, ransomware providers are forming partnerships and supply chains for these attacks. Expect to hear the term “ransomware-as-a-service” more throughout 2020 as “organized crime” takes on a new meaning for the future.

Businesses are at varying levels of preparedness

While not unique to 2020, it’s very likely that businesses will go from varying levels of preparedness to unprepared as a whole. Because of the economic effects of coronavirus, we expect to see more companies slashing budgets where they need to and inadvertently exposing their businesses to cyber attacks.

We can still move toward a new secure future for all industries, but I presume we’ll be seeing the effects of the coronavirus in cybersecurity (and so many other fields) for the next few years.

If you’re a managed service provider looking to guide your clients through this uncertainty, we wrote a guide with our friends at Huntress Labs. This guide will help you work with your clients, whether they’re looking to grow their cybersecurity maturity or are now budget-conscious because of outside forces.

GET THE GUIDE

Topics: Cybersecurity & IT

Artificial Intelligence in Cybersecurity

The term “artificial intelligence (AI)” was first coined in 1956. While progress stalled for many years, we can thank IBM for sparking real interest in AI as viable technology: First in 1997 when the computer Deep Blue defeated a chess champion and again in 2011 when Watson won Jeopardy!

The Mind Games Behind Cyber Attacks

Hackers have long understood that the most sophisticated firewall is no match for a well-placed psychological trick. While many focus on the technical prowess of cybercriminals, the real magic often lies in their ability to manipulate human behavior. By exploiting our natural tendencies and cognitive biases, hackers can slip past even the most robust security systems. It's not just about cracking codes; it's about cracking the human psyche.

AI and Cybersecurity Risks: Why DNS Filtering is Critical for AI-Driven Workplaces

Artificial intelligence is transforming business operations, automating everything from customer service to data analysis. But with these advancements come new security challenges. AI-driven cyber threats are becoming more sophisticated, enabling attackers to automate phishing campaigns, generate malware, and exfiltrate sensitive data at scale. Without proper safeguards, AI tools can unintentionally leak corporate secrets or connect to malicious ...