The year 2020 is turning out to be one of the most challenging years of our time, yet the threat of cybercrime seems to be gaining momentum. Strange and perplexing as it may be, the current environment with COVID-19 presents a perfect breeding ground for the most nefarious of attacks and scams to take place. Indeed, there are countless scams and phishing campaigns out there taking advantage of the current situation.
There is no indication that cybercrime will dissipate or slow down soon, quite the opposite. For instance, a recent Cybersecurity Ventures report shows cybercrime to be the biggest threat to individuals and companies as we head towards 2021. According to the report, cybercrime damages are set to hit the $6 trillion yearly mark in 2021, an ominous figure given what has already been lost in the past few years to cybercriminals and internal threats.
With these realities in mind, it’s imperative that individuals go above and beyond normal safety practices and tools to protect themselves to a point that they can and where they have control. At the same time, companies holding user data don’t need any more motivation or push to change their security practices as regulators clamp down on them with new laws.
This brief guide aims to highlight some of the emerging threats in cyberspace today based on what has already been documented and analyzed. It also explores some of the practices and tools you need to adopt to protect yourself against cyberthreats in 2020.
5 major cyber risks facing the public in 2020
Social engineering threats
You have probably received a few direct messages on social media in the recent past from someone you have no connection with but who crafted their text in a way that caught your attention. Perhaps, it’s could be someone pretending to be a sports personality you follow or a long-lost friend. This is just an example of the modern form of social engineering.
A recent cyberthreat survey conducted by Verizon shows that 30% of attacks in the last year or so were social engineering attacks. This is a leap from what we had in the past, where direct hacks and viruses were the dominant forms of attack with social engineering left for inexperienced and scammers.
The growth of social media has definitely made social engineering threats more potent and lucrative to both experienced and inexperienced cyber criminals. More worryingly, it’s really hard to ward off social engineering attacks with conventional tools such as antivirus software or firewalls.
Session hijacking and IoT threats
There is an emerging interest in attacks targeting networks especially those connecting IoT devices and public networks. A majority of new tools in underground hacking markets are specifically made to hijack sessions, breach new WIFI protocols and control all manner of IoT devices on the internet. Recent reports show a sharp rise in attacks on devices active on unsecured networks targeting the following communication and security protocols/services
- SSH -used in most IP cameras systems, media servers and other secured home devices
- Telnet services- IoT devices such as television sets and smart speakers may communicate via Telnet
- Public Wi-Fi, among others.
These kinds of threats are also quite hard to ward off with conventional antivirus tools as they tend to happen on active networks. At the same time, it’s becoming harder to keep track of security updates especially for IoT devices popular in smart home setups and modern offices.
Cloud applications present new vulnerabilities
The email client, note-taking app or collaboration app you are using is probably hosted on the cloud. The shift towards cloud computing has brought with it a new set of threats in 2020. Cybercriminals are now targeting users who do most of their work on cloud apps through traditional and modern attack methods.
It’s not yet clear to what extent cybercrime might impact cloud services at this point. However, being aware of the changing landscape as far as application vulnerabilities are concerned is good for you. For instance, your cloud provider might have all the safeguards in place yet hackers sniffing your communications can still access your data while it’s on transit.
Ransomware attacks becoming commonplace
Ransomware was in every headline for the better part of 2017 and 2018. Fast forward to 2020 and things look quite different. While a single malware release could have attracted a lot of coverage in the last few years, 2020, has seen a number of ransomware attacks being released and affecting millions of users and companies around the world. Protecting yourself against this new threat goes beyond basic antivirus software.
Phishing attacks getting more sophisticated
No discussion on present-day cyberthreats is complete without mentioning phishing attacks. Phishing attacks have been getting better and better in the last few years and are bound to increase in 2020. Again, phishing attacks are extremely hard to catch with normal antivirus software.
3 effective security tools to protect yourself against these new threats
Secure email services
You might find it necessary to invest in secure email services that provide enhanced protection as compared to normal services such as Gmail. This means paying for an email service as opposed to using free ones. There are countless secure email services out there to choose from in 2020.
Browse securely with a VPN
Accessing the internet with a VPN is becoming a necessity with the growing threat from cybercriminals. Consider downloading a VPN app to secure all your communications and data to and from your devices. A VPN encrypts your data and keeps it away from hackers that might be lurking on your network.
Invest in robust security package
Good antivirus software in 2020 should have both internet and device security as standard. Internet security should protect from most browser-based attacks that may not be detected on a normal antivirus application.
Lastly, consider a standalone firewall application
A basic firewall, usually bundled with your operating system may not protect you from these emerging threats, you may benefit more from a standalone firewall service that has better web-filters and other defenses.