If you fear for our digital future, you might want to look away now. Cyber security solutions provider, Check Point Software Technologies has unveiled its cyber security predictions for 2020, and it’s not looking pretty.  It reveals the major cyber incidents and technical developments that Check Point’s researchers anticipate will impact our societies and businesses in the coming year, and indicate the security strategies that will help both governments and private organisations to prevent these incidents causing widespread damage and disruption.

Check Point’s global cyber-security predictions for 2020 are:

1.       New cyber ‘cold war’ escalates – Check Point believes there will be a new cold war, and it will be conducted in the online world as Western and Eastern powers increasingly separate their technologies and intelligence. They note how the ongoing trade war between the U.S. and China and the decoupling of the two huge economies, is a clear indicator of this. Cyber-attacks will increasingly be used as proxy conflicts between smaller countries, funded and enabled by large nations looking to consolidate and extend their spheres of influence, as seen in the recent cyber operations against Iran, following attacks on Saudi Arabia’s oil facilities.

2.       Fake news 2.0 at the U.S. 2020 elections – Check Point states the U.S. election in 2016 saw the beginning of AI-based propagation of fake news. Political adversaries made huge progress creating special teams that created and spread false stories to undermine support for their opponents. U.S. candidates can expect that overseas groups have already made and are implementing plans to influence the 2020 elections.

3.       Cyber-attacks on utilities and critical infrastructures will continue to grow – Utilities continue to be a target of cyber-attacks, as seen from attacks on U.S. and South African utility companies this year, says Check Point. In many cases, critical power and water distribution infrastructure uses older technology that is vulnerable to remote exploitation because upgrading it risks service interruptions and downtime. Nations will need to look at radically strengthening cyber defenses for their infrastructure.

Check Point’s technical cyber-security predictions for 2020 are:

1.       Targeted ransomware attacks increase – 2019 saw ransomware being increasingly targeted against specific businesses, local government and healthcare organisations. Attackers are spending time intelligence-gathering on their victims to ensure they can inflict maximum disruption, and ransoms are scaled up accordingly.  Attacks have become so damaging that the FBI has softened its stance on paying ransoms:  it now acknowledges that in some cases, businesses may need to evaluate options to protect their shareholders, employees and customers.  This in turn will drive an increase in organisations taking out insurance policies against ransomware, which will also increase attackers’ ransom demands, believes Check Point.

2.       Phishing attacks go beyond email – While email remains the #1 attack vector, cybercriminals are also using a variety of other attack vectors to trick their intended victims into giving up personal information, login credentials, or even sending money. Increasingly, phishing involves SMS texting attacks against mobiles, or use of messaging on social media and gaming platforms, notes Check Point.

3.       Mobile malware attacks step up – The first half of 2019 saw a 50% increase in attacks by mobile banking malware compared to 2018.  This malware can steal payment data, credentials and funds from victims’ bank accounts, and new versions are available for widespread distribution by anyone that’s willing to pay the malware’s developers. Phishing attacks will also become more sophisticated and effective, luring mobile users to click on malicious weblinks, Check Point believes.

Check Point’s founder and CEO, Gil Shwed said, “As our societies increasingly rely on seamless always-on connectivity, criminals and nation-state threat actors have even more opportunities to influence the outcomes of political events, or cause massive disruption and damage that puts thousands of lives at risk. Attacks are constantly increasing:  over the past year, our ThreatCloud blocked nearly 90 billion compromise attempts per day - compared with estimated six billion daily searches on Google.

“We can no longer defend ourselves using traditional detection-based security models: by the time we detect the threat, the damage has already been done. We need to automatically block these advanced new Gen V attacks and prevent them disrupting the systems we rely on, using Gen V security that combines real-time threat prevention, shared intelligence and advanced protections across all networks, cloud and mobile deployments,” Shwed ends.