Last year we saw new people joining the online world, and as a result, an increase in app downloads was registered. This led to a rise in the number of people who became exposed to vulnerabilities. The year 2019 saw ‘big game hunting ransomware’ targeting businesses and massive data breaches. According to CERT-In data, more than 3,13,000 incidents were reported in India in 2019.
NortonLifeLock, a US-based company, which also has development centres in Pune, Chennai and Bangalore, has released a list of threats that users are likely to see in 2020, and also advised businesses to dedicate resources to protect themselves from data breaches. ‘As we step into 2020, consumers may want to be more mindful about their online footprint as cybercrooks are only getting smarter,’ the firm said.
Here is a look at the likely scenarios in cyber world in 2020:
It has been widely said that the Internet of Things (IoT) devices will continue to increase. This technology will not only connect systems like machine learning, robotics and so on, but it will also increase threats and rising demand for more secure measures to protect data. With 5G roll-out, the issue of IoT security will be a major concern, and consumers will be facing a bigger challenge on the privacy side. The firm says that consumers will be under constant observation, generating more and more valuable data.
According to the firm, cyber criminals will be moving away from easy targets such as home users, to bigger and harder targets such as large organisations to execute ransomware attacks. NortonLifeLock says that large organisations need to allocate enough resources for security and encryption, and training of every employees.
While established companies are likely to allocate enough resources for security measures, small-and-medium businesses (SMBs) may struggle to allocate budgets for the same. They need to shun ‘It’s not going to happen to us’ mentality and make sure employees are vigilant about Business Email Compromise (BEC) attacks. In these attacks, CEOs and executives are impersonated and authorised to do wire transfers. Cyber criminals do a few searches of procurement history and send invoices via phishing emails asking for payments.
Creepware is a Remote Access Trojan (RAT) that allows people to hack into a victim's device to steal personal data, like login passwords, and photos which can be used for blackmailing the users.
Ever seen public charging stations? Juice jacking is connected to these stations and it is a new way of targeting consumers. Travelers who use public charging stations may fall victim to this technique of cyber attacks. People who charge their device by plugging into a USB port or using a USB cable that’s been surreptitiously loaded with malware, put themselves at risk of getting their data stolen. Concerns were raised after the Los Angeles County District Attorney’s Office published an advisory warning travelers of juice jacking at airports and other public locations.
Deepfakes have had their share of a popular method of damaging people’s reputation and propagation of false information. Deepfakes, doctored media in which a person in an existing image or video is replaced with someone else using artificial neural networks, have been used to harm personal lives, cause reputational damage and fool people into making decisions with false information. They can also steer political/electoral campaigns and/or revenge porn. Audio deepfakes can also be used for financial scams.
Credential stuffing is a type of cyber attack where stolen account credentials are used to gain access to accounts through large-scale automated login requests. Various reports have suggested that this technique is being used often and fraudsters are turning to the dark web to acquire stolen usernames and passwords. The criminals then use these login data on social media platforms to try and unlock a victim’s personal data. NortonLifeLock says that if you haven’t elected to use 2FA (two-factor authentication), you are going to be at risk.
There is a lot of difference between disinformation and fake news. Fake news is something which is created to manipulate people, while disinformation is a relatively new concept. The originators of disinformation find existing reports, articles, photos or videos that might be polarizing in and of itself. These people then promote such content through artificial accounts. This concept is prevalent in India where cyber criminals take something out of context, such as a picture that was taken a long time ago and share it over social media, pretending it was taken recently in an effort to make a point.