Each year, BlackBerry Cylance publishes a Threat Report analyzing the current threat landscape and predictions for the coming year. The Threat Report for 2020 can be taken as a basis to not only look at the major threats that occurred in the past year but to analyze the evident security issues that exist and pose challenges to today’s inter-connected world.
According to BlackBerry Cylance, 2019 observed an increase in Advanced Persistent Threats (APTs) and development of the vectors, tools, and techniques used to carry targeted attacks. Advancements in encryption mechanisms allowed criminals to successfully hide malicious activities and hence, target different enterprises and industries. Using methods, such as steganography, permitted criminals to safely hide their attack methods and avoid being detected. These methods are very sophisticated in nature, which could often bypass Managed Security Service Providers (MSSPs).
Major attack vectors
Three main vectors emerged in 2019, posing major threats to enterprises, which include phishing, ransomware, and cryptocurrency mining.
While criminals are constantly developing their tools and techniques to attack enterprises, it is interesting to observe the industries they target and the underlying motives. According to BlackBerry Cylance, the top three industries that were largely affected by attacks were:
These industries are highly data-driven, technology-oriented or human, and time-sensitive.
The retail and wholesale industry store user information, such as log-in credentials, addresses, and banking details. Attackers, therefore, target this industry to exploit sensitive data and manipulate businesses. Technology/software, on the other hand, stores valuable product information such as intellectual property. Stealing such information allows attackers to utilize the source codes and resell the software, destroying the whole value chain of the targeted company. Healthcare is a very critical and sensitive industry, as it not only stores profound personal information, but deals directly with human lives. Hijacking healthcare systems allows attackers to obtain huge financial benefits as such institutions are likely to pay the ransom immediately.
Other industries that were affected include:
Mobile device security
As Blackberry Cylance notes, there has been a 280% surge in stolen credentials since 2016. Growth of wireless information and connected devices has evidently induced the number of such attacks. One major threat posed to businesses is the bring-your-own-device policies because employees access critical company information and data through their personal mobile phones or computers. Often, these devices are insecure, and therefore, if attackers gain access to your device, they gain access to sensitive company information.
Many enterprises adopted the multi-factor authentication (MFA) or two-factor authentication (2FA) technique, which provides an additional security layer to confirm identity and log into accounts. However, attackers discovered loopholes to exploit flaws, intercept codes, or redirect SMS communications, which consequently permits access to the device.
One way to avoid losing control to attackers, according to BlackBerry Cylance, is to implement continuous user authentication through AI to detect and analyze user behavior. BlackBerry Cylance announced to offer new, advanced identity access technology in the medium run that will offer stronger and total mobile protection.
Deep fake technology
Researchers at BlackBerry Cylance found the use of deep fakes increasing at an alarming rate during the first 7 months of 2019. The recently coined term refers to machine learning techniques that can alter and manipulate a real person’s image or speech. This has widely spread among the geopolitical landscape, as criminals can modify the speech of public figures to spread fake news or deformed perspectives. At the same time, it can highly affect the business world as the technology can be used as a social engineering tool to target employees through fake audio of CEOs or upper management that can affect the decision-making process and result in dire impact on the business operations.
Misconfigured cloud resources
Unsecured cloud databases pose a large threat to the enterprise, which leads to publicly exposing internal information. Researchers at BlackBerry Cylance found on average, at least three breaches attributed to unsecured databases every month, leading to a total of over 7 billion records exposed publicly. This is largely due to implementing security measures only after getting pressure for compliance and regulatory reasons.
The automotive industry is shifting towards a more mobile ecosystem with vehicles becoming more connected to communication networks. Clearly, this raises questions on security measures that manufacturers employ. According to BlackBerry Cylance, over 60% of original equipment manufacturers (OEM) rarely test their hardware and software for vulnerabilities. Additionally, the long-life cycle of vehicles means that many components do not receive continuous software or firmware component updates, leaving space full of vulnerabilities. Technological advancement, or IoT connection, stores personal information, geographic locations, and more, which raises security threats. Thus, securing vehicles becomes vital, not only to avoid possible data breaches or violations in privacy laws but also because it puts drivers’ lives out in the open.
According to the BlackBerry Cylance Threat Report 2020, in the past year, we’ve witnessed a massive increase in the different modes of attacks as cybercriminals become more sophisticated. As a result, businesses find their security systems do not match the modern-day threat landscape.
Digitization is inevitable in today’s world as well as the future environment. But how can businesses ensure the safety of their people, products, services, data, and resources?
About BlackBerry Cylance 2020 Threat Report
The BlackBerry® Cylance® 2020 Threat Report contains a broad range of topics vital to the interests of businesses, governments, and end-users. It delivers the combined security insights of BlackBerry, a trailblazer in the Internet of things (IoT) and mobile security, and Cylance, an early pioneer of AI-driven cybersecurity and endpoint security market disruptor. To download the report, follow this link.
BlackBerry Limited enables the Enterprise of Things by providing the technology that allows endpoints to trust one another, communicate securely, and maintain privacy. Based in Waterloo, Ontario, the company was founded in 1984 and operates globally. On February 21, 2019, BlackBerry acquired Cylance, a privately held artificial intelligence and cybersecurity company based in Irvine, California. For more information, visit Blackberry.com .
Ackcent exclusively dedicates its capabilities and know-how to evaluate and manage security risks of critical digital assets and provide automated solutions to take care of these risks. Our security solutions combine our services with the highest technical performance products in the sector. Based in Barcelona, Spain, Ackcent was founded in 2014, serving customers locally and internationally. Ackcent is a strategic partner of Cylance, acquired by BlackBerry in February 2019. For more information, visit Ackcent.com.