2020 predictions from APAC cybersecurity experts

Image credit: BeeBright / Shutterstock.com

Cybersecurity experts from Malwarebytes and DigiCert have identified the following 2020 Security Predictions for the APAC region:

Ransomware attacks on businesses and governments will continue at a more rapid pace, thanks to newly found vulnerabilities.

“In 2019,we have seen more malware developed to focus on business targets as opposed to the consumer. Compared to last year, we saw a 235 percent increase in threats aimed at organizations from enterprises to small businesses, with ransomware as a major contributor. In Singapore alone, ransomware detections against businesses in the last year have risen 81%, according to a Malwarebytes report. Bottom line, more vulnerabilities means more development of malicious tools designed to attack networks more effectively. Therefore, we are likely to see more non-affiliated cybercriminals utilizing tricks developed by state-sponsored malware groups (APT) as we did with EternalBlue.”

Jeff Hurmuses, Area Vice President and Managing Director, Asia Pacific at Malwarebytes

Healthcare organisations will continue to be hot targets for threat actors, given the sensitivity of the data held by these organisations.

“As Singapore continues on the journey of digitalising the healthcare sector, there will be more threat actors attempting to find loopholes in the system in order to steal data. Earlier cases of data leaks such as the records of HIV patients as well as the mishandled personal data of blood donors by the Health Sciences Authority (HSA) did not result in data landing in the hands of hackers. However, we may not be as lucky next time. Healthcare is currently the seventh-most targeted industry by cybercriminals according to data from Malwarebytes, and this highlights the growing threat and reason for increased concern about healthcare security as we move into 2020.”

Jeff Hurmuses, Area Vice President and Managing Director, Asia Pacific at Malwarebytes

We will see an increased use of DeepFake technology for malicious purposes.

“For example, scammers and malware authors will attempt to sabotage electoral candidates or politicians by spreading falsehoods. There may be more incidents like the controversial video of a Malaysian Minister or even the use of such technology to make women the victims of digital sexual crimes, as DeepFake tech will either be incredibly subtle or incredibly convincing to the point where it would require a lot of digging to determine whether it was fake. Regardless of the tactics for scamming, the real threat will be the attacks on our hearts and minds through social media and media manipulation.”

Jeff Hurmuses, Area Vice President and Managing Director, Asia Pacific at Malwarebytes

Web skimmers will broaden their impact by going after more e-commerce platforms.

“Looking at web skimming activity, we see that there is no target too big to take on and that no platform will be spared. As long as there is data to be stolen, criminals will put the effort to either compromise online merchants directly or indirectly, as seen from the Uniqlo breach and Sephora breach earlier this year that saw over 460,000 and 3.7 million leaked records respectively. Although the majority of them silently lurk at the checkout form where customers enter their payment data, we are starting to see skimmers impersonating payment processors and attempting to phish information. As such, we can expect skimmers to use novel attack techniques in future.”

Jeff Hurmuses, Area Vice President and Managing Director, Asia Pacific at Malwarebytes

Hackers will continue to find vulnerabilities in IoT devices.

“IoT Security: hackers will continue to find vulnerabilities in consumer devices since security is not top of mind when these devices are developed. Industrial IoT security has improved especially for critical systems such as automotive, SCADA and healthcare”.

Dean Coclin, Senior Director, Business Development at DigiCert

We will see more IoT security efforts across the board.

“We will see more public exploits on IoT devices that will cause regulators to strengthen their position on IoT security. More global governments will introduce IoT security regulation. We will see industries come together in an effort to create standards for securing IoT devices in their industry.  These efforts will be an attempt to avoid regulation”.

Mike Nelson, Vice President of IoT Security at DigiCert

Quantum computers will be able to solve economically important problems.

“The National Institute of Standards and Technology (NIST) will have standardized a PQC algorithm by 2022-2024, kicking off a global effort to deploy it. Companies that have inventoried their cryptographic systems and emphasized cryptographic agility will have a relatively easy time deploying it; others, not so much. A quantum computer will solve an economically important problem next year. This will kick off a new era of investment in accelerating quantum computing development based on the demonstration of practical benefits. Adoption of post-quantum cryptography will need to keep up”.

Tim Hollebeek, Industry and Standards Technical Strategist at DigiCert

Be the first to comment

What do you think?

This site uses Akismet to reduce spam. Learn how your comment data is processed.