In 2020, attackers using social engineering techniques to deliver payloads of malware will continue to adopt mainstream business practices – becoming as professional in their operations as the organizations they attack.
In turn, businesses are seeking to become harder targets by leveraging MSP-provided services to effectively train employees in cyber security best practices and enact safeguards to protect data from breaches and ransomware scenarios.
However, attackers are aware of these protections and they will continue to respond with their own adaptations in an ongoing arms race. These developments will define the security landscape for businesses and the MSPs they rely on in 2020:
Attackers are organizing into criminal enterprises
The image from popular culture of a lone wolf hacker typing furiously to execute a piecemeal attack is not an accurate depiction of today’s attackers. Cybercriminals today increasingly operate like companies and they feature enterprise-grade cyber sophistication.
In fact, malware is now big business. In 2020, it will be more commonplace for illegal software enterprises to deploy attacks at massive scale, and to engage in the same growth and optimization strategies practiced by legitimate companies.
For example, a criminal organization with a ransomware-based business model can easily leverage the dark web to source active email addresses (where procuring 1 million emails can cost $600). The organization can perform ransomware attacks targeting those emails, study the ROI, and then continually refine their business practices through data-driven optimization.
A recent example is how the trucking industry has fallen prey to a number of ransomware attacks – no doubt because analysts at criminal enterprises identified the industry as a particularly ripe target for investment.
Considering that ransomware attacks are estimated to have doubled in 2019, it’s prudent to anticipate that the iterations of these attacks will only grow more potent and dangerous. Given this reality, MSPs should expect businesses to look to them for specific answers when it comes to implementing effective security measures against these threats.
Spear phishing attacks will become all too real
For malware to take root and compromise business systems or data, attackers often need to trick an employee at that organization into enabling access. This is often done by tricking them into clicking a link to download malware onto a system, entering credentials into a false website, and more. Alternatively, some social engineering attack techniques don’t rely on malware at all, and instead simply fool employees into wiring their company’s money to attackers’ bank accounts. Unfortunately, a rise in the sophistication of spear phishing – phishing attacks targeting a specific individual and using detailed personal information to manipulate them – poses a dangerous threat to businesses in 2020.
Attackers can now construct communications full of personal details (easily purchased on the dark web), collected from an individual’s social media accounts and other information available to the public. For instance, imagine an employee with access to company funds or sensitive data receiving an email – identical to any other message from their manager – saying to quickly open an attached file with crucial billing information, or to wire a refund to an important customer. These scenarios put employees under tremendous pressure to avoid making harmful mistakes.
Criminal enterprises are applying their ROI optimization techniques to spear phishing as well, and in 2020, will increasingly target businesses’ e-commerce communications and cloud systems. If they gain access to sensitive customer and purchase data, attackers can then target a businesses’ end-user customers with convincing phishing emails. This then gives them further data to exploit and it leaves those business-customer relationships in ruins.
Implement more robust employee training regimens and safer policies
As malware and spear phishing attacks increase, businesses will seek more effective protections, providing MSPs with opportunities to fulfill the security needs of eager clients. For example, MSPs are currently providing employee training management tools in coordination with data encryption and device access control solutions, to equip businesses with strategically layered security measures.
MSP-delivered training tools teach employees how to recognize phishing and malware threats for what they are. These tools also test employees by sending them realistic (but harmless) phishing emails, and certify employees when their training has proven effective.
As 2020 arrives, MSPs should assist their clients in implementing more effective security policies. For instance, a company policy requiring multiple employees to approve fund transfers could thwart potential spear phishing attacks.
Data backup will become more crucial
For some time, data backup providers and ransomware attackers have been locked in ongoing, high-stakes technological warfare – one in which the victor could render its opponent’s solution entirely ineffective. This is because a business with a complete and available data backup is immune to ransomware. When ransomware strikes and blocks access to systems and data, a business with backup can play it like a get-out-of-jail-free card, ignoring any ransom demands and simply restoring its systems.
Criminal enterprises are savvy to this existential threat, however, and have developed tools that target backup systems as part of their ransomware attacks. Backup providers then introduced capabilities such as air gapped and off-network storage, to which attackers responded with “attack loops” – malware that remains dormant until backed up across any air gaps.
As this battle continues into 2020, MSPs should monitor this conflict and ensure they are providing clients with effective, up-to-date solutions.
Photo: Bloomicon / Shutterstock