Cyber Cold War

Check Point Software Technologies, a leading provider of cyber security solutions globally, has unveiled its cyber-security predictions for 2020. They reveal the major cyber incidents and technical developments that Check Point’s researchers anticipate will impact our societies and businesses in the coming year, and indicate the security strategies that will help both governments and private organizations to prevent these incidents causing widespread damage and disruption.

Check Point’s global cyber-security predictions for 2020 are:

1. New cyber “cold war” escalates

There will be a new cold war, and it will be conducted in the online world as Western and Eastern powers increasingly separate their technologies and intelligence. The ongoing trade war between the U.S. and China is a clear indicator of this.

Cyber-attacks will increasingly be used as proxy conflicts between smaller countries, funded and enabled by large nations looking to consolidate and extend their spheres of influence, as seen in the recent cyber operations against Iran, following attacks on Saudi Arabia’s oil facilities.

2. Fake news 2.0 at the U.S. 2020 elections

The U.S. election in 2016 saw the beginning of AI-based propagation of fake news. Political adversaries made huge progress creating special teams that created and spread false stories to undermine support for their opponents. U.S. candidates can expect that overseas groups have already made and are implementing plans to influence the 2020 elections.

3. Cyber-attacks on utilities and critical infrastructures will continue to grow

Utilities continue to be a target of cyber-attacks, as seen from attacks on U.S. and South African utility companies this year. In many cases, critical power and water distribution infrastructure uses older technology that is vulnerable to remote exploitation because upgrading it risks service interruptions and downtime. Nations will need to look at radically strengthening cyber defenses for their infrastructure.

Check Point’s technical cyber-security predictions for 2020 are:

1. Targeted ransomware attacks increase

2019 saw ransomware being increasingly targeted against specific businesses, local government and healthcare organizations. Attackers are spending time intelligence gathering on their victims to ensure they can inflict maximum disruption, and ransoms are scaled up accordingly.

Attacks have become so damaging that the FBI has softened its stance on paying ransoms: it now acknowledges that in some cases, businesses may need to evaluate options to protect their shareholders, employees and customers. This in turn will drive an increase in organizations taking out insurance policies against ransomware, which will also increase attackers’ ransom demands.

2. Phishing attacks go beyond email

While email remains the #1 attack vector, cybercriminals are also using a variety of other attack vectors to trick their intended victims into giving up personal information, login credentials, or even sending money. Increasingly, phishing involves SMS texting attacks against mobiles, or use of messaging on social media and gaming platforms.

3. Mobile malware attacks step up

The first half of 2019 saw a 50% increase in attacks by mobile banking malware compared to 2018. This malware can steal payment data, credentials and funds from victims’ bank accounts, and new versions are available for widespread distribution by anyone that’s willing to pay the malware’s developers. Phishing attacks will also become more sophisticated and effective, luring mobile users to click on malicious weblinks.

Check Point’s founder and CEO, Gil Shwed said, “As our societies increasingly rely on seamless always-on connectivity, criminals and nation-state threat actors have even more opportunities to influence the outcomes of political events, or cause massive disruption and damage that puts thousands of lives at risk. Attacks are constantly increasing. Over the past year, our ThreatCloud blocked nearly 90 billion compromise attempts per day – compared with estimated six billion daily searches on Google.

“We can no longer defend ourselves using traditional detection-based security models: by the time we detect the threat, the damage has already been done. We need to automatically block these advanced new Gen V attacks and prevent them disrupting the systems we rely on, using Gen V security that combines real-time threat prevention, shared intelligence and advanced protections across all networks, cloud and mobile deployments,” Shwed continued.