LONDON / AGILITYPR.NEWS / December 02, 2019 / WatchGuard warns of more ransomware attacks on the cloud and mobile data networks along with new vulnerabilities in the 5G/Wi-Fi handover
2 December 2019 - 2020 will see a rapid increase in ransomware attacks on the cloud, targeted at industries particularly vulnerable to downtime, including healthcare, government and industrial control systems, according to the WatchGuard Threat Lab. Already a billion-pound industry, ransomware has so far largely left the cloud untouched but as businesses of all sizes move their servers and data, WatchGuard predicts more attacks on consolidated cloud assets, such as file stores, S3 buckets and virtual environments as the cybercriminals evolve to maximise profits.
“The team at our WatchGuard Threat Lab has been tracking the trends over the last 12 months and it is clear that ‘shotgun blast’ ransomware attacks are being replaced by targeted attacks,” said Corey Nachreiner, CTO at WatchGuard Technologies. “Too many companies think that migrating to the cloud means moving their data to a ‘safe haven’. While the threats on the horizon won’t be any less intense, complicated or difficult to manage, we do see a move to simplify security in order to mitigate the risks.”
The WatchGuard Threat Labs’ ‘ones to watch’ for security predictions for 2020 also include:
Security researchers have already exposed flaws in the cellular to Wi-Fi switch when people use devices in public Wi-Fi hubs, which have intelligence built in to automatically and silently switch between cellular and Wi-Fi. So, as 5G is rolled out, it’s very likely we will see a large 5G to Wi-Fi vulnerability exposed in 2020, which could potentially allow attackers to access the voice and/or data of 5G mobile phones when they start to increase in use and operability. The only way to prevent attackers eavesdropping or access data on cellular to Wi-Fi connections is to use a VPN. More information about how to create a secure Wi-Fi deployment can be found at: https://www.trustedwirelessenvironment.com/what-is-a-trusted-wireless-environment/
The more widespread practises of flexible and mobile working mean operating outside the traditional network boundary, which has been a key part of a layered security defence. And as mobile devices can often mask the signs of phishing attacks and other threats, we think that a quarter of all data breaches in the next 12 months will involve telecommuters, mobile devices and off-premises assets.
Most businesses are still terrible at validating online identities. Previously considered too expensive and cumbersome for midmarket organisations, cloud-based multi-factor authentication (MFA) using easy app-based models have become more available and simpler to deploy and use for organisations of all sizes. Mobile phones have also removed the expensive need for hardware tokens. At long last, company-wide MFA will become the de facto standard among all midsized companies next year.
Companies across Europe have already been fined millions of euros for GDPR violations. Meanwhile, the US has no real equivalent, but as companies like Facebook leak more and more of our personal data, which has been used in everything from election manipulation to unethical bounty hunting, US citizens are starting to lobby for greater protection along the lines of the California Consumer Privacy Act which will come into force next year.
Demand for skilled cyber security professionals keeps growing without any recruitment and educational changes which could increase the supply, so we predict the skills gap to widen by an additional 15% next year.
For more information about WatchGuard Threat Lab predictions, please visit:
About WatchGuard Technologies
WatchGuard® Technologies, Inc. is a global leader in network security, secure Wi-Fi, multi-factor authentication, and network intelligence. The company’s award-winning products and services are trusted around the world by nearly 10,000 security resellers and service providers to protect more than 80,000 customers. The company’s mission is to make enterprise-grade security accessible to companies of all types and sizes through simplicity, making WatchGuard an ideal solution for midmarket businesses and distributed enterprises. WatchGuard is headquartered in Seattle, Washington, with offices throughout North America, Europe, Asia Pacific, and Latin America. To learn more, visit WatchGuard.com.
For additional information, promotions and updates, follow WatchGuard on Twitter, @WatchGuard on Facebook, or on the LinkedIn Company page. Also, visit our InfoSec blog, Secplicity, for real-time information about the latest threats and how to cope with them at www.secplicity.org. Subscribe to The 443 – Security Simplified podcast at Secplicity.org, or wherever you find your favourite podcasts.
WatchGuard is a registered trademark of WatchGuard Technologies, Inc. All other marks are property of their respective owners.
Peter Rennison or Laura Berrill, PRPR