Security, Raspberry Pi and Kubernetes.
Reasons to Be Wary of Cyber Security in 2020. WatchGuard warns of more ransomware attacks on the cloud and mobile data networks along with new vulnerabilities in the 5G/Wi-Fi handover.
2020 will see a rapid increase in ransomware attacks on the cloud, targeted at industries particularly vulnerable to downtime, including healthcare, government and industrial control systems, according to the WatchGuard Threat Lab. Already a billion-pound industry, ransomware has-so far largely left the cloud untouched but as businesses of all sizes move their servers and data, WatchGuard predicts more attacks on consolidated cloud assets, such as file stores, S3 buckets and virtual environments as the cybercriminals evolve to maximise profits.
"The team at our WatchGuard Threat Lab has been tracking the trends over the last 12 months and it is clear that 'shotgun blast' ransomware attacks are being replaced by targeted attacks," said Corey Nachreiner, CTO at WatchGuard Technologies. "Too many companies think that migrating to the cloud means moving their data to a 'safe haven'. While the threats on the horizon won't be any less intense, complicated or difficult to manage, we do see a move to simplify security in order to mitigate the risks."
The WatchGuard Threat Labs' 'ones to watch' for security predictions for 2020 also include:
Attackers will find new vulnerabilities in the 5G/Wi-Fi handover to access voice and/or data of 5G mobiles. Security researchers have already exposed flaws in the cellular to Wi-Fi switch when people use devices in public Wi-Fi hubs, which have intelligence built in to automatically and silently switch between cellular and Wi-Fi. So, as 5G is rolled out, it's very likely we will see a large 5G to Wi-Fi vulnerability exposed in 2020, which could potentially allow attackers to access the voice and/or data of 5G mobile phones when they start to increase in use and operability. The only way to prevent attackers eavesdropping or access data on cellular to Wi-Fi connections is to use a VPN.
A quarter of all breaches will happen outside the perimeter.
The more widespread practises of flexible and mobile working mean operating outside the traditional network boundary, which has been a key part of a layered security defence. And as mobile devices can often mask the signs of phishing attacks and other threats, we think that a quarter of all data breaches in the next 12 months will involve telecommuters, mobile devices and off-premises assets.
Multi-factor authentication becomes the norm. Most businesses are still terrible at validating online identities. Previously considered too expensive and cumbersome for midmarket organisations, cloud-based multi-factor authentication (MFA) using easy app-based models have become more available and simpler to deploy and use for organisations of all sizes. Mobile phones have also removed the expensive need for hardware tokens. At long last, company-wide MFA will become the de facto standard among all midsized companies next year.
GDPR goes global.
Companies across Europe have already been fined millions of euros for GDPR violations. Meanwhile, the US has no real equivalent, but as companies like Facebook leak more and more of our personal data, which has been used in everything from...