Securing your network against unauthorized access is an ongoing battle. Just when you think you’ve got a handle on the typical viruses, ransomware, and spyware hacks, new ones come out that require an update to your defensive strategy.
According to a report by the Canadian Internet Registration Authority (CIRA), 88% of Canadian business owners surveyed are concerned about future cyberattacks and 40% of them have experienced an attack within the last 12 months.
Business owners are smart to be worried, as we’re seeing both new and more sophisticated versions of older threats being released every day requiring network security defenses to evolve along with them.
But if you know what’s coming, you have a much better chance of being prepared and having a cybersecurity infrastructure that can handle them.
From old standards that take on new forms to completely new attacks requiring different strategies, the cybersecurity threats coming your way in 2020 are varied, but all can be defended against with the right strategy.
Here are the biggest threats to prepare for in the new year.
PowerShell is part of the Windows operating system and it performs a variety of legitimate administrative tasks, but hackers have found new and inventive ways to exploit PowerShell code through what are called “fileless” attacks.
They’re fileless because they don’t infect your computer with a file containing malware, but rather access PowerShell and feed it malicious code that allows hackers to gain access to your system to do whatever they’d like.
PowerShell attacks increased 1000% in 2018 and that trend is expected to continue.
Smart speakers, smart video cameras, smart white boards… our homes and offices are getting filled with more internet connected devices than ever before. These smart gadgets are prime targets for hackers looking for a way into a company’s network.
They’re often left at their default settings, without an access password being changed, and they’re also susceptible to being forgotten when it comes to applying security patches and updates.
Hackers can easily use an IoT device that’s connected to your wireless network to infect other connected devices.
Ransomware has been around for a while, but that’s because it’s continued to be a successful money maker for cybercriminals. Too many companies are still not employing good backup and recovery strategies to ensurebusiness continuity and ransomware attacks that make all your data unusable are known to be particularly devastating.
According to insurance giant Chubb, Canadian firms saw more ransomware attacks in the first half of 2019 than in 2018 and they called the rise in ransomware “alarming.”
Mobile ransomware is also a newer phenomenon but one that’s growing fast due to the prevalent use of mobile devices for business data access.
Phishing is one of those constant threats that never seems to lessen or go away and email phishing attacks are as popular as ever. They’re the number one cause of data breaches.
In 2020, watch for more social phishing attacks via social media posts and direct messages as hackers exploit all the personal information they can glean from sites like Facebook and LinkedIn. The goal is to try to gain enough trust to get someone to click a malicious link or expose sensitive data that can be used for credential theft.
No one wants to think that one of their employees would purposely breach their network or steal sensitive information, but it does happen. And an “insider” attack doesn’t necessarily have to be done by an employee. Anyone that breaches a high-level employee password or one that has any type of data access can act as an insider that the system sees as having authorized access.
User passwords are a hot commodity on the Dark Web and one of the items that hackers go looking for when they breach a server. Systems that don’t employ safeguards such as multi-factor authentication are often most vulnerable to these types of insider attacks using stolen credentials.
Fake apps that spoof legitimate ones and mobile devices without proper security are just two of the issues that have caused a rise in cyberattacks on mobile devices.
Users often download before they think and can mistake a fake app designed to infect a device with malicious code for a legitimate one. Mobile security also hasn’t always kept up with that of desktops.
Business mobile apps are 3 times more likely to leak login credentials than the average app.
Use of mobile devices for mobile payments and accessing company data continues to rise, and so have attacks on mobile devices as a result.
Are you unsure if your cybersecurity strategies are ready for the threats coming in 2020? Haxxess consultants can provide a full analysis of your IT system, including mobile, and custom tailor a plan for you that will have you covered.
Book a complimentary IT security checkup with us today! Questions? Call us anytime at 705-222-8324.