Five Terrifying Cyber Security Trends for 2020

In late 2018, security researchers began reporting a new wave of email phishing attempts that threatened to release captured Webcam footage of users if they did not pay a ransom. The poorly written email would start by stating the user’s actual password and that they have complete control of their system. Once they got your attention, they would go on to tell you that they’ve recorded you doing some compromising things through your webcam, and they’re going to send it to everyone on your contact list if you don’t pay the Bitcoin ransom.

To make it appear more authentic, these attackers would spoof the source email address to make it look like it was coming from your own personal email. Of course, after some research, it was determined that the attacker did not actually have access to your system, but they were using your leaked password from previous public breaches. The attacker would find login credentials from websites like the now-defunct leakedsource.com, which would index passwords from public breaches and then send an email to users who were affected by the breach. If you’re practicing good password hygiene like not reusing the same password for various sites or constantly rotating them, you probably would know it is a fake threat.

Still, these criminals received as much as $50,000 in one week. This is a good reminder to everyone, rotate your passwords and be careful what you do in front of a WebCam. Of course, if you want to find the identity of the attacker, you can always make use of a People Search Website like Nuwber.

In December 2018, a Texas couple, heard disturbing noises coming from their baby’s room. As they entered the room, a man’s voice is heard coming from their cloud-enabled baby monitor, saying, “I’m in your baby’s room and I’m going to kidnap your baby”. The voice appeared to have been coming from someone who had remotely accessed their nest camera in the cloud. 

Sadly, there have been numerous other reports in 2019 of strangers talking and even threatening people through their nest camera. These disturbing stories are examples of how IoT devices continue to be an area of concern for businesses and consumers. 

Shodan is a popular search engine for devices connected to the Internet except instead of looking for websites it crawls the IP space for information on IoT devices. It does this by grabbing service banners that indicate the type of devices that are connected to the IP. Attackers go on Shodan and search for devices or specific manufacturers that they’re looking to target. So it shouldn’t come as much of a surprise that the top searches on Shodan are webcam cams and nest cam. If you have an unprotected device connected to the Internet, there’s a good chance it can show up on Shodan and therefore available to anyone who sees it.

A firewall will help block these Web crawlers and other unauthorized users from accessing your internal devices. However, a firewall won’t help you if a device requires a cloud connection, and there’s always a risk that someone can infiltrate that cloud and steal your credentials.

Another terrifying phishing attempt that has been making its rounds recently is the hitmen email. In another poorly written email, an attacker would claim to own a darknet website that provided murder for hire. The attacker claims that they found your name as one of the targets and being the generous person that they are, they wanted to reach out to you and offer the ability to cancel the hit for an amount of money. The attacker would then provide a Bitcoin address and a deadline of 48 hours to pay.

In any case, researchers have determined that most hitmen for hire websites on the darkweb are fake. They take their client’s money with no intention of rendering any “services”.

2019 has been a huge year for IoT devices. But as TV’s, refrigerators and baby monitors all get smarter, they also became ticking time bombs for large scale botnet attacks against us. According to a 2019 Q3 report by Kaspersky, attackers had found a way to use a rare protocol on IoT devices, such as IP cameras to network printers, to amplify large scale DDOS attacks. This massive increase is being attributed largely to the giant influx of IoT. 

Devices are being compromised and joining an army of botnets available for attack. Attackers are targeting IoT devices for a number of reasons, but the most obvious is that they make for perfect botnets. Once compromised, they sit there undetected until they’re called upon to launch an attack. And, once you’ve compromised one device, you can generally use the same attack against all devices with the same vulnerability. 

In October 2018, Bloomberg wrote an article about how Chinese spy chips had been embedded into some of the world’s biggest companies. This caused ripples through the cybersecurity industry through 2019. The article gained mainstream media attention and called on companies like Apple and Google to investigate their physical servers for the presence of these tiny spy chips. 

The problem is, no proof has ever found that these tiny chips actually made it into the physical servers of these US companies. It did bring awareness to a very real problem, supply chain attacks. A supply chain attack occurs when someone infiltrates your system through an outside partner or provider with access to your data. It can come in the way of physical chips embedded inside servers, but much more commonly, it comes through third-party software. According to a survey from the Ponemon Institute, 56% of organizations that have had a breach say was caused by one of their vendors. The 2014 Target breach and the 2018 Equifax breach are both examples of supply chain attacks. 

Conclusion

So, what can we make of these cyber security trends for 2020? Well, we know phishing attacks are going to get smarter, and IoT devices need additional security controls. Phishing has always been a numbers game. The majority of people won’t click or open an email, but if an attacker could just get one person out of 500 to open it, then they are successful. But, introducing even a tiny bit of personalization can dramatically change those odds on an email that includes a password you may have used in the past. It has a far better likelihood of being opened than the generic mass emails we usually get.

IoT devices shouldn’t be trusted and a good security practice is to isolate them into their own network with no access to internal resources. But, you should also be controlling all inbound and outbound traffic to and from the IoT devices. Locking down the outbound traffic can prevent them from becoming a DDOS agent and blocking inbound connections would prevent them from being mapped by attackers and other Web crawlers like Shodan.