Home » Security Bloggers Network » Happening Now: Trends 2020

Happening Now: Trends 2020

by Julian Arango on April 1, 2020

In a previous post, we downplayed some cybersecurity
predictions for 2020. We found some of them as imprecise, not plausible,
or not even being a trend (instead, prevalent decades ago). In this
post, we bring to the table other predictions with better support and
evidence for 2020.

There seems to be consensus in four predictions for the current year.
The growth of artificial intelligence (AI) and machine learning (ML)
in cybersecurity is evident. Ransomware is predicted
to keep causing harm worldwide, and their impact is scary. The scarce
talent in cybersecurity hasn’t gone down in the previous years. And
finally, Cloud security disruptions are expected to grow.

The use of AI and ML keeps rising

Many of the publications we consulted listed this trend. The discourses
have little variation: both organizations and criminals, or stated
differently, defense and attack sides on cybersecurity are using
automated algorithms to improve their performance. In general, we can
identify the following advantages by using ML and AI: for defenses,
higher effectiveness (mostly detection), lower impact of human error,
and acceleration of deployment. For the dark side, the benefits are also
sizable —for instance, better and automated phishing
attacks, as well as more sophisticated denial of service attacks.
Moreover, ML and AI algorithms could be used to spread fake news and
deep fakes. Not only that, but
those algorithms could create appealing malicious offers, which,
combined with malware, could harm significantly. Remember Cambridge
Analytica?¹

From another perspective, in 2017, CB
Insights
published a brief report listing more than 80 cybersecurity companies
worldwide using AI.
All of this shows apparent growth,
and hence,
it is indeed a trend.

At Fluid Attacks, we are working on some initiatives using ML/AI
algorithms. See, for example, the post Understanding Program
Semantics written by Rafael
Ballestas, explaining how code audit can be triaged.

Sponsorships Available

Ransomware will not fade away and is evolving

If we take a look at the number of documented incidents plus the
economic impact of ransomware, you can’t imagine something different
from expansion and growth. The following statistics allow us to
understand this trend:

Datto
indicates that year-over-year ransomware downtime costs have
tripled. What is more, this represents 23 times higher costs for
companies compared to the average ransom requested in 2018. This
company also reports that in 2019, 20% of ransomware victims
were small-to-medium size businesses.
Emsisoft’s data indicates that ransomware attacks increased by
41% in 2019 (featured in The New York
Times).
Ransomware costs will reach $20 billion by 2021, according to
Cybersecurity
Ventures.
This means losses 57 times higher than those observed in 2015.

And these are just a few statistics. Let’s take a look at what is
happening broadly with ransomware.

Experts see a change from few high-impact targets to many smaller impact
targets. “With smaller attacks, it’s easier for the criminals to remain
anonymous, laundering money is simpler, and they will have fewer people
to share the overall profit with,” says
Jaxenter.
IBM
Security
noted something in the same lines about this shift.

In the United States, government and public institutions are
increasingly the targets of ransomware. CIO
Dive
published an article that shows the likely cause: these institutions
invest significantly less in cybersecurity compared to the average
company (3% vs. 10% of their budget). Almost a thousand
institutions were victims of ransomware in 2019, according to
Emisoft.

Ransomware is particularly scary: no doubt why different sources
describe this trend as reaching “crisis level” or “terrifying.” For a
more comprehensive detail of these statistics, we suggest the excellent
compilation Security
Boulevard
wrote recently.

Rethinking or devoting more attention to Cloud security

“The level of understanding about security in the cloud remains low; in
fact, it is often an afterthought in cloud deployments,” says the
World Economic
Forum.

It seems that organizations will change their beliefs about cloud
security very soon. In line with the ransomware trend, cloud providers
have been impacted recently.
CyrusOne
suffered an incident a few months ago, affecting the availability of
several customers.
Armor
reported that around thirteen managed-services providers were struck by
ransomware last year. A ransomware attack vector related to cloud
providers is the remote monitoring and management software they use.
Emisoft
brings one example of this: more than 400 companies were disrupted
by one ransomware incident of their cloud provider.

As organizations and people demand more cloud services, attackers
naturally shift there too. There is some evidence that the biggest cloud
service providers in the world have been breached. According to
Proofpoint,
Office 365 and G Suite users have been hacked by using legacy protocols
(e.g., IMAP). Even two-factor authentication schemes are subject to be
bypassed.

The cybersecurity skills gap, still there

Hiring

Figure 1. Many companies keep openings for cybersecurity talent all the time.
Modified image; the original taken from
pxfuel.com

In 2014, the estimate of unfilled cybersecurity jobs was 1 million.
A view from Cybersecurity
Ventures suggests the number
will reach 3.5 million during 2020. Other publications like Harvard
Business
Review
and Knowledge @
Wharton
have also referred to this issue. Some have blamed academia for this
shortage of skilled talent. However, it is not that simple.
In a previous post
in which we interviewed a DevOps engineer,
it was discussed that academia,
in cybersecurity,
is not capable of keeping up with the pace of the industry.

Some people think innovation in automated tools might be the key to
compensate for this shortage. “With as many as two in three
organizations
worldwide
reporting a shortage of IT security staff, automated security tools
such as online vulnerability management solutions are fast becoming
essential to maintaining a good security posture,” says
Netsparker.
Others are not that sure about it, as there needs to be a skilled talent
to operate and fully leverage these solutions.
Besides,
in our view,
vulnerability management
should include ethical hackers’ manual techniques
for identifying,
classifying
and prioritizing the security issues in information systems.

Companies should invest in training for promising talent, rather than
betting only to recruit skilled talent as the shortage is definite.

What’s ahead of 2020?

In our exercise reviewing trends for the ongoing year, we found other
predictions worth mentioning. However, we don’t think they will be too
relevant, yet. Some sources see mobile 5G technologies as a big door
for more vulnerabilities and incidents. Other sources predict
multi-factor authentication schemes will replace two-factor
authentication. Moreover, some predict that there will be lots of
vehicle hacks and the rise of IoT breaches too. To conclude, some
even predict that in 2020 countries will be destabilized by national
elections hacking (this implies the use of digital voting systems. Will
we see that happening?).

What do you think about all of these trends? We hope you have
enjoyed this post, and we look forward to hearing from you. Do get in
touch with us!

In line with these posts about trends, we predict continuous
hacking will grow in 2020 as it
delivers more value to organizations
and enables them to implement DevSecOps.
We have evidence that customers
continuously testing the robustness of their software and IT
infrastructure do find more weaknesses and achieve a higher rate of
fixes. To know more about this, check our “State of Attacks” 2020
Report. Click here to read it.

Report