- More attacks aimed at exploiting unpatched year-old vulnerabilities
- An increase in stealth/covert execution tactics
- APT-hackers-for-hire becoming the new norm
- 25% of Canadian IT decision-makers report they suffered a COVID-19-themed cyberattack
- IT teams from private and public sectors forced to create in-house policies and cybersecurity trainings for remote workers
- Only 36% of organizations have informed a regulatory body after suffering a data breach
Cloud breaches continue to riddle organizations’ threat landscape, with misconfigured cloud storage services and poor security practices leading to more than 200 breaches in the past two years, according to the latest Accurics report.
With 2020 just weeks away, here at Bitdefender we wanted to share our forecast for the year to come. That said, here are our top predictions for the cybersecurity space in 2020 and what we should be looking out for.
WannaCry is still fresh in our memory, reminding organizations of how distractive an unpatched vulnerability can be especially if weaponized as a wormable threat that delivers ransomware. BlueKeep has been estimated to have the same disruptive potential as EternalBlue (the exploit responsible for WannaCry) if sporting worm-like behavior, especially since RDP is a commonly used service in organizations, allowing IT and security teams to remotely dial into machines.
Sophisticated threats remain one of the main concerns in enterprises today. As environments grow in complexity, malware actors find innovative ways to infiltrate overlooked entry points in the network, hiding behind the scenes to wreak havoc without ever making a full-blown appearance.
After 40 percent of UK businesses reported data breaches or security incidents in the past year, the government wants to completely “design out” complex cyber risks and attacks. To achieve this and strengthen national infrastructure and consumer security, officials plan to issue an impressive challenge to enterprises across the UK.
2020 will bring the end of Windows 7, following Microsoft’s announcement that it will no longer offer support and updates for the operating system starting January 14, 2020. But companies appear to have had a good run with it and are not yet ready to say goodbye, a Kollective survey of 1,000 US and UK enterprise IT professionals has found.
/may%202018/guy_with_servers.jpg)
The popularity of container technology has grown fast in software engineering, but 60 percent of organizations suffered at least one container-related security incident in 2018, mostly caused by the advancement of DevOps teams, according to Tripwire’s State of Container Security Report. 71 percent anticipate an increase in container security incidents in 2019, most likely raising the costs of hybrid cloud security.
Key infrastructures are in the crossfire of cyberwarfare. Growing threats and sophisticated nation-state attacks backed by North Korea, China and Russia jeopardize public safety and national security. Which one is the bigger threat?
The lack of political leadership to face targeted attacks is contributing to the poor job the UK is doing on its national security strategy, says a UK government report discussing the cyber security of the nation’s critical national infrastructure.
The US Department of Homeland Security Computer Emergency Readiness Team has just issued a technical alert earlier this week, warning that US companies operating in critical sectors are at risk, as cyberespionage attempts from foreign governments were detected. Key targets include Information Technology (IT), Energy, Healthcare and Public Health, Communications, and Critical Manufacturing. From as early as May 2016, CERT says extensive Advanced Persistent Threat tactics, techniques, and procedures were deployed to infiltrate MSPs (managed service providers) customer networks to steal confidential information and interfere with government and business operations.
