G DATA has released a number of predictions for 2020. This includes an increased use of automation in cyberattacks and more ransomware attacks on servers.
The first prediction from G DATA is that criminals, like companies, will use more automation in the execution of their campaigns. This means that larger-scale attacks can be launched on more specific targets, and this applies especially to SMEs. For example, phishing emails can be sent on a large scale with infected attachments.
The vulnerability of certain devices on the IoT market will play a role in this, according to the German security company. ‘Security by design’ will therefore become more important than ever to hardware manufacturers. It is, therefore, wise for users to inquire about security risks before purchasing certain hardware.
Attacks on servers
As a result of the increase in automated attacks described above, the amount of ransomware will not decrease next year. Cybercriminals are likely to deploy ransomware in a more targeted manner by attacking specific company servers. In one sentence, they can ask for more ransom money with less effort.
According to G DATA, companies can prevent such attacks by securing their servers with endpoint software that contains an anti-ransomware module. It is also advisable to use a monitoring service. In this way companies can guarantee the reliability and availability of their infrastructure and keep an overview of what is happening in their network. Furthermore, G DATA states that it is important to continuously train employees in cybersecurity.
Other problems that G DATA sees coming up for the coming year is that the number of supply chain attacks is going to increase. Software supply chain attacks typically integrate rogue codes into legitimate software via a component that can modify and infect software. Cybercriminals often know how to do this because updates are not always controlled well by an app store or vendor.
Furthermore, by 2020, companies will continue to digitise and increasingly work in the cloud. This will make companies more dependent on technology. If employees are not consciously aware about security and/or there is no security policy, employees can make mistakes. In the case of former employees who harbour resentment, this can lead to deliberate data leaks, reports G DATA.