{"id":937,"date":"2020-01-09T09:44:54","date_gmt":"2020-01-09T04:14:54","guid":{"rendered":"https:\/\/www.hostnamaste.com\/blog\/?post_type=news&p=937"},"modified":"2023-09-12T18:51:43","modified_gmt":"2023-09-12T13:21:43","slug":"top-10-security-trends-to-watch-out-for-in-2020-juniper-networks","status":"publish","type":"news","link":"https:\/\/www.hostnamaste.com\/blog\/news\/top-10-security-trends-to-watch-out-for-in-2020-juniper-networks\/","title":{"rendered":"Top 10 Security Trends to Watch Out for in 2020 – Juniper Networks"},"content":{"rendered":"
\"Top
Top 10 Security Trends to Watch Out for in 2020 – Juniper Networks – HostNamaste<\/span><\/a><\/span><\/strong><\/figcaption><\/figure>\n

As 2020 begins, rapid transformation of technologies will continue in order to make business practices more productive and efficient. With emerging technologies like IoT<\/a><\/strong>, and AI\/ML maturing in 2020, security threats are poised to increase and become even more rampant. Here are 10 security predictions for 2020 from Juniper Networks<\/a>\u2019<\/strong> leading security experts including, Trevor Pott, Technical Security Lead, Mounir Hahad, Head of Juniper Threat Labs, and Laurence Pitt, Global Security Strategy Director.<\/span><\/p>\n

Emerging Technologies, Tried and True Threats<\/strong><\/span><\/h2>\n

As security experts roll out their predictions for 2020, we can expect to see a large focus on emerging technologies like deepfakes. The truth of the matter, however, is that new attack vectors take time to become common and will likely not be an immediate threat. The Bluekeep vulnerability, for example, is only just being weaponized in earnest, despite being revealed in May, and it is vastly less complicated to use than something like deepfakes. Instead, 2020 will likely bring steady improvements in traditional attacks that dominate the market. The most common and effective attacks are those which rely on humans to do something they shouldn\u2019t. All indications are that preying on human error will continue.<\/span><\/p>\n

2020: The Year of Cloudy Compromise<\/strong><\/span><\/h2>\n

As 2019 comes to a close, credential stuffing attacks are on the rise. This is unsurprisingly so, as the number of credentials compromised every year increases and new records are regularly set for the size and scale of various data breaches. In the new year and beyond, security professionals would be wise to pay close attention to Software as a Service (SaaS) applications and Infrastructure as a Service (IaaS) accounts, especially those at major cloud providers. The larger the userbase, the richer the target, and even after decades of warnings, people still reuse credentials all over the internet. Multi-factor authentication<\/strong><\/a><\/span> will be the best defense but remains somewhat niche in terms of real-world use.<\/span><\/p>\n

U.S. 2020 presidential elections will incite both broad and targeted attacks<\/strong><\/span><\/h2>\n

The looming U.S. presidential election is too big of a target to be ignored by nation state actors. I suspect we will identify meddling attempts on social media<\/a><\/strong>, albeit using more sophisticated methods than four years ago. Some commercial entities have developed a business model around this kind of interference and have been honing it in various theaters around the world, so I suspect their services will be sought after by parties interested in a particular outcome of the elections or wanting to sow discord and doubt in the election process. Deep fakes may be the name of the game, in this regard. Additionally, we will probably identify attempts at infiltrating campaign staff using phishing emails and spyware.<\/span><\/p>\n

Tokyo Olympics will be targeted with a cyber attack<\/a><\/strong><\/span><\/h2>\n

This has become the norm. The Olympic Games have been a target of attacks aiming to sabotage the event or spy on the governing body, especially around doping investigation activities. I predict that a cyber-attack on the Olympics infrastructure will probably succeed to some extent.<\/span><\/p>\n

First large scale IoT ransomware attack<\/strong><\/span><\/h2>\n

In 2020, the number of IoT<\/a><\/strong> devices plugged into the internet will reach a threshold that will present an attractive target for cyber criminals. We will probably start seeing the first ransomware attacks<\/a><\/strong> on a large-scale targeting IoT devices running on low power microprocessors and using the Android or Linux operating system.<\/span><\/p>\n

Phishing attacks will become smarter and harder to detect<\/strong><\/span><\/h2>\n

Cyber criminals can use publicly available information scattered across the internet to build a simple picture of someone \u2013 political beliefs, interests, pets, job, family \u2013 in order to execute a more effective attack. The internet has vast amounts of data on who we are, and it\u2019s often in public view. On Facebook<\/a>, Instagram<\/a>, LinkedIn<\/a>, Twitter<\/a>\u00a0, Youtube<\/a>,<\/strong> and other platforms, we\u2019re sharing information, engaging and commenting about our personal and professional lives.<\/span><\/p>\n

In 2020, people should expect much more of this at a much smarter level. We will see more phishing emails using publicly available personal data in order to directly address who you are \u2013 making sure to keep it relevant while making it even harder to spot the difference between a phish and a genuine email. My advice is to stop clicking on email links. If you receive an email from your bank, an online retailer or a provider, make your first port of call their official website. Then, login and attempt to validate that the email is genuine. Additionally, use a password manager because most will not input passwords to fake sites when the website address is not recognized. This has saved me on a couple of occasions \u2013 and I consider myself to have a level of expertise!<\/span><\/p>\n

Deepfakes will present a real problem in the coming years as technology continues to advance and bad actors try to sway public opinion<\/strong><\/span><\/h2>\n

Deepfake is one of the scariest cyber-attacks currently being advanced and exploited on the internet. It might have all started in Hollywood, but now we\u2019re seeing politically motivated deepfakes featuring politicians making statements they\u2019ve never actually said. In 2020, this could become even more interesting, and we may see deepfakes used in social engineering to gain access to corporate data. What if a deepfake video was created of a corporate CTO making forward statements that affected their stock-price? Or, more simply, a deepfake of the CFO on a video-conference call with his team asking them to manipulate or share data? All these present a very possible \u2013 and somewhat scary \u2013 use for this technology.<\/span><\/p>\n

Cybercriminals will rely more on socially engineered attacks aimed at exploiting human psychology<\/strong><\/span><\/h2>\n

Generic attacks are failing. It\u2019s not just that we are getting smarter, but also that security is smarter and will prevent many attacks from even reaching the intended recipient. For this reason, we are seeing growth in socially engineered attacks. There is enough publicly available information for any criminal to build a good profile of their targeted individual: what they look like, where they live, their job-history, pets, friends, etc. With this data it becomes much simpler to directly contact a victim and elicit response or engagement.<\/span><\/p>\n

In 2020, citizens should become more suspicious. Read any email closely, and, if an email seems out-of-character, then it may be. One tip from me, many sites ask for password recovery questions, for example, your first school, best friend or model of car. There\u2019s nothing that says you must give the CORRECT answer to any of these questions, just that you know the answer that you gave! This way, if someone can socially engineer information from you, they still won\u2019t have any of the answers they need.<\/span><\/p>\n

The race to 5G will continue to ramp up and prompt security teams to reevaluate their internal security posture<\/strong><\/span><\/h2>\n

5G is going to mean that everything about the network moves closer to the edge. The improvements in speed and reductions in latency will allow much greater flexibility for deployment of applications and data. Over the coming years, security teams will need to review their security policies and processes in order to keep up and account for moving security closer to the edge of the network. Without quick detection and containment, by the time a threat is detected in a 5G network it will have had time to traverse key areas with the potential for causing significant damage (or hiding and waiting). Organizations will need to look at how they can leverage both security and non-security devices as part of their security posture, making use of data from both to strengthen posture and speed detection and response.<\/span><\/p>\n

More connected devices will give rise to new types of attacks, challenging enterprises<\/strong><\/span><\/h2>\n

When we talk about connected device risk, it\u2019s no longer just about mobile phones<\/a><\/strong> and tablets. In the drive to be more efficient, greener and responsive to market changes, there is pressure to take advantage of IoT (and IIoT) to make this happen. The bigger challenge comes from these swathes of other IoT being connected to corporate networks, where adoption often happens at the speed of business and security struggles to keep up. Many of these devices do not have security built in at the device level and so security needs to be considered as part of the overarching network posture.<\/span><\/p>\n

Expect cybercriminals to take advantage of this. We\u2019ve already seen success with Mirai. As new IoT<\/a><\/strong> is rolled out and security teams struggle to keep up with updates and patches, there will be more opportunities for criminals to abuse this vector and gain access.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"

As 2020 begins, rapid transformation of technologies will continue in order to make business practices more productive and efficient. With emerging technologies like IoT, and…<\/p>\n","protected":false},"author":2,"featured_media":939,"comment_status":"open","ping_status":"closed","template":"","tags":[1260,1252,1254,1255,1261,1257,1251,1256,1253,1258,1238,1262,1259],"news-category":[1237,1248,1240,1242,1243,1245,1244,1241,1246,1250,1247],"class_list":["post-937","news","type-news","status-publish","has-post-thumbnail","hentry","tag-2020-the-year-of-cloudy-compromise","tag-challenging-enterprises","tag-cybercriminals-will-rely-more-on-socially-engineered-attacks-aimed-at-exploiting-human-psychology","tag-deepfakes-will-present-a-real-problem-in-the-coming-years-as-technology-continues-to-advance-and-bad-actors-try-to-sway-public-opinion","tag-emerging-technologies","tag-first-large-scale-iot-ransomware-attack","tag-more-connected-devices-will-give-rise-to-new-types-of-attacks","tag-phishing-attacks-will-become-smarter-and-harder-to-detect","tag-the-race-to-5g-will-continue-to-ramp-up-and-prompt-security-teams-to-reevaluate-their-internal-security-posture","tag-tokyo-olympics-will-be-targeted-with-a-cyber-attack","tag-top-10-security-trends-to-watch-out-for-in-2020","tag-tried-and-true-threats","tag-u-s-2020-presidential-elections-will-incite-both-broad-and-targeted-attacks","news-category-top-10-security-trends-to-watch-out-for-in-2020","news-category-2020-the-year-of-cloudy-compromise","news-category-challenging-enterprises","news-category-cybercriminals-will-rely-more-on-socially-engineered-attacks-aimed-at-exploiting-human-psychology","news-category-deepfakes-will-present-a-real-problem-in-the-coming-years-as-technology-continues-to-advance-and-bad-actors-try-to-sway-public-opinion","news-category-first-large-scale-iot-ransomware-attack","news-category-phishing-attacks-will-become-smarter-and-harder-to-detect","news-category-the-race-to-5g-will-continue-to-ramp-up-and-prompt-security-teams-to-reevaluate-their-internal-security-posture","news-category-tokyo-olympics-will-be-targeted-with-a-cyber-attack","news-category-tried-and-true-threats","news-category-u-s-2020-presidential-elections-will-incite-both-broad-and-targeted-attacks"],"acf":[],"_links":{"self":[{"href":"https:\/\/www.hostnamaste.com\/blog\/wp-json\/wp\/v2\/news\/937","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.hostnamaste.com\/blog\/wp-json\/wp\/v2\/news"}],"about":[{"href":"https:\/\/www.hostnamaste.com\/blog\/wp-json\/wp\/v2\/types\/news"}],"author":[{"embeddable":true,"href":"https:\/\/www.hostnamaste.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.hostnamaste.com\/blog\/wp-json\/wp\/v2\/comments?post=937"}],"version-history":[{"count":1,"href":"https:\/\/www.hostnamaste.com\/blog\/wp-json\/wp\/v2\/news\/937\/revisions"}],"predecessor-version":[{"id":5756,"href":"https:\/\/www.hostnamaste.com\/blog\/wp-json\/wp\/v2\/news\/937\/revisions\/5756"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.hostnamaste.com\/blog\/wp-json\/wp\/v2\/media\/939"}],"wp:attachment":[{"href":"https:\/\/www.hostnamaste.com\/blog\/wp-json\/wp\/v2\/media?parent=937"}],"wp:term":[{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.hostnamaste.com\/blog\/wp-json\/wp\/v2\/tags?post=937"},{"taxonomy":"news-category","embeddable":true,"href":"https:\/\/www.hostnamaste.com\/blog\/wp-json\/wp\/v2\/news-category?post=937"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}