Back to the future: The 2020 cyber-threat reality

Examining the reality of today’s cyber security landscape, the concerning trends that came out of 2019, and how they can best be addressed.

As the world battles to curb the spread of COVID-19 – which is now also delaying the biggest sporting spectacle on earth, the Olympic Games – scientists race to accelerate the development of a vaccine to combat the diffusion of the virus.

In early March, Japan's Olympic minister stated the Tokyo 2020 Games, scheduled to take place in July and August, could be postponed until later in the year. And earlier this week, it was announced the 2020 Summer Olympics will be postponed by one year due to coronavirus.

What has flown slightly lower under the radar is the warning issued by the Japanese Public Security Intelligence Agency to the effect that a state-sponsored cyber attack on the Tokyo 2020 Summer Olympic and Paralympic Games was anticipated. This statement was issued after the discovery of early phishing e-mails doctored to look as though they were coming from Olympic staff.

Nation-state-backed cyber attacks

Cyber attacks endorsed by nation-states are not new to the Olympics, with host nations in recent years scrambling to gear up their technology capabilities in order to deal with this threat. However, the capabilities of what are now being referred to as ‘threat actors’ appear to be escalating with each new event.

The 2016 games in Rio were forced to ward off a massive distributed denial of service attack, whereas the 2018 Winter Olympics in PyeongChang had to work around the successful ‘Olympic Destroyer’ attack on data centres in Seoul. The latter temporarily shut down the site’s IT infrastructure and caused various disruptions for the first day of the games.

We expect that attackers won’t “discriminate” with the 2020 Olympiad and they’ll invest as much effort, if not more, to disrupt this highly-anticipated − and lucrative − event. The bottom line is that to cyber criminals, all major events pose an opportunity for ill-gotten gains. So, what can we expect as we move through 2020? Let’s expand on that.

Phishing warning

Phishing increasingly involves SMS texting attacks against mobile devices or the use of messaging on social media and gaming platforms. However, e-mail still remains the top attack vector with threat actors using a variety of techniques to access sensitive information.

They also use a variety of other methods to dupe intended victims into revealing login credentials and more. Phishing will continue to become more sophisticated and effective, luring mobile users to click on malicious Web links.

Mobile banking malware on the rise

Last year’s figures revealed a 50% increase in attacks by mobile banking malware in the first half of the year, compared with the same period in 2018.

This included theft of payment data, credentials and funds from victims’ bank accounts. One of the reasons behind this growing trend may be the fact that mobile banking malware does not require a high level of technical knowledge to either operate or develop.

Increased IOT devices bring greater risks

The use of Internet of things (IOT) devices is increasing every year and may accelerate exponentially as 5G networks roll out. This will in turn increase networks’ vulnerability to large-scale, multi-vector Gen V cyber attacks.

IOT devices and their connections to networks and clouds are a weak link in security. It’s hard to have visibility of these devices and they can also have complex security requirements. IOT security needs to combine both traditional and new controls if it is to protect these ever-growing networks.

Today, IOT devices include everything from IP cameras, Internet-enabled devices in the home, smart elevators, through to medical and industrial controllers. Most of these appliances are not protected at all – which is a huge mistake. Moreover, many are connected to corporate networks, opening an unlocked door to crucial systems.

A holistic approach to the new security generation is what is needed. Always-on security delivered via micro-plugins that can work with any device or operating system in any environment, controlling all data that flows to and from the device, is what is required.

The public cloud conundrum

The Google Cloud outage recorded a year ago this month is one example of how increasing reliance on public cloud infrastructure increases enterprises’ exposure to the risk of outages. Companies dependent on one service for their ability to operate would do well to have a backup plan in case these services go down.

Organisations must scrutinise their existing data centre and cloud deployments, and consider hybrid environments that comprise both private and public clouds. The adoption of new and more efficient cloud-based services may open doors for business growth but security controls must not lag behind new technology uptake.

In essence, every IT environment is a potential target: on-premises networks, cloud, mobile and IOT devices. However, through the use of advanced threat intelligence to power unified security architectures, businesses of all sizes can automatically protect themselves from future attacks.

In my next Industry Insight, I will elaborate on industry best practices for a multi-cloud security approach.

MJ Strydom

MD, DRS, a Cyber1 company

Strydom joined DRS in 2006 as part of the finance team, worked his way up through the company and was appointed managing director in 2017. He boasts a wealth of experience in finance and business, and oversees the smooth daily running of the company, which has over 85 employees and in excess of 130 clients. Strydom took a Bachelor of Social Sciences degree at Rhodes University, and upon graduation, went to London where he spent the next four years in financial management roles.
