Cybersecurity Trends 2020: 5G Will Induce Unprecedented Threats; Machine Learning Will Be Hacked For Max Damage

The Sophos a British security software plc has explored some of the major changes in the threat landscape that emerged over the last year and come up with Sophos 2020 Cybersecurity Trends.

Cybersecurity Trends 2020 By Sophos

According to them, these findings will continue to impact cybersecurity in 2020, encompassing everything from ransomware and automated, active attacks to machine learning, mobile and cloud security risks.

As evidenced in the SophosLabs 2020 Threat Report, the cybersecurity threat landscape has seen several big shifts throughout 2019.

These trends have a great significance as it will help defenders to anticipate what lies ahead and how to best prepare. Let’s go through some of the highlights from this report.

How Ransomware Attackers Will Up The Ante?

According to Mark Loman, director of engineering for next-generation tech at Sophos “It is a lot easier to change a malware’s appearance than to change its purpose or behavior, which is why modern ransomware relies on obfuscation to be successful. However, in 2020, ransomware will raise the stakes by changing or adding traits to confuse some anti-ransomware protection.

The ransomware attackers are tweaking their methods to give themselves an edge from abusing a user’s account to bypass controls and elevate user account privileges to prioritizing the document size and drives they target first.

How Little Missteps Will Lead To Big Breaches In The Cloud? 

As Andy Miller, the senior director of global public cloud, Sophos said “flexibility is the name of the game in cloud computing. With very little effort, it’s possible to toggle on or off resources as needed. This makes it easy for businesses to scale up computing power to suit the needs of their clients or customers. But when it comes to securing the cloud, all that flexibility and ease can come back to bite you later.

In 2020, small missteps in the cloud will end up exposing large businesses. The greatest vulnerability for cloud computing is simple misconfigurations. As cloud systems become more complex and more flexible, operator error continues to increase risk. Combined with a general lack of visibility, this makes cloud computing environments a ready-made target for cyber-attackers.

Cloud platforms themselves are so complex and change so frequently, it’s often difficult to understand the ramifications or consequences of misconfiguration in a specific setting. Further, the inability to closely monitor exactly what an organization’s machines are doing is hugely problematic. Criminals know this and have been attacking cloud computing platforms for precisely these reasons.

Protecting data stored in the cloud requires a very different toolset because the threat model is quite different from those of workstations or servers. It’s critical that organizations re-evaluate their cloud strategies with security top of mind.”

How Cybercriminals Will Try To Corrupt Machine Learning Detection Models? 

According to Joe Levy, CTO, Sophos “machine learning has become an essential part of most modern organizations’ cybersecurity strategy, and cybercriminals are now aware that these tools are being used to thwart their attacks. In response, criminals will set their sights on trying to evade or undermine machine learning security systems.

As the cat-and-mouse game between attackers and defenders continues, we can expect both offensive and defensive machine learning tools of increasing sophistication and effectiveness to develop rapidly. Over the next year, we expect to see more incidents where cyber criminals attempt to trick machine-learning detection and classification models, and even leverage machine learning to generate highly convincing fake content for social engineering attacks.

Over the coming years, the rate at which the cybersecurity industry experiments with and adopts new techniques from the scientific machine learning community will continue to increase, allowing systems to make semi- or fully-autonomous decisions in defending information systems and their users. We are on the verge of exciting examples of this, such as the application of novel techniques like reinforcement learning to the problem. These new defense techniques will be crucial, as it’s likely that cybercriminals will begin executing “wetware” attacks by combining automated content generation and manual human effort to personalize attacks against targets, and evade the current generation of defenses.

In addition to leveraging prevention and protection to stop attacks before they happen, businesses are advised to take a layered approach to security. By combining human threat hunters with the leading threat intelligence and technologies like deep learning, organizations can detect and contain even the most sophisticated attacks faster, minimizing their impacts and costs.”

How 5G Will Introduce Never Before Seen Security Threats?

Dan Schiappa, chief product officer, Sophos said “5G will be the most fundamental game-changing technology to impact the cybersecurity landscape – maybe ever. 5G promises to connect almost all aspects of life through the network with game-changing speed and lower latency, but it will also introduce significant security risks with new potential entry points that will expose organizations to new types of attack.

While 5G holds tremendous promise, overhauling our essential networks will open a Pandora’s box due to the introduction of radio frequencies that to date have not been accessible, not to mention the minimized visibility that will result from them. This will require us to put an even greater focus on the security of our connections, devices and applications.

5G devices come with built-in radios that don’t require communication with the corporate network anymore. This makes it incredibly difficult to identify threats and compromised devices.

It’s never been more critical for cybersecurity products to work together as a system. Organizations will need a layered approach to security where products connect and share actionable intelligence. A synchronized security approach builds bridges allowing products to work together stronger than they would on their own.”

Why MSPs Will Become Security Advisors?

Scott Barlow, vice president of global MSP, Sophos said “in today’s crowded market, it’s more important than ever for MSPs to double down on becoming educated security advisors. Next year, MSPs need to ensure that they are staying up to date on the rapidly evolving threat landscape and available next-generation security solutions in order to arm their customers with the industry’s best solutions for staying secure.

The cyber threat landscape is moving quickly and end-users need help and guidance to ensure they’re being protected from today’s sophisticated attacks. It’s critical that MSPs are educated in order to provide the right resources for their customers – which in turn supports upselling and cross-selling– to really take advantage of this opportunity.

Internally, MSPs also need to take steps to secure their own environments because MSPs are becoming rich targets for cybercriminals. Sophos recommends that MSPs leverage two-factor authentication and ensure they’re locking down their network with layered security to protect themselves from unwanted threats.”