GCI’s Top Three Security Predictions for 2020
2019 was a year blighted by high-profile cyber-security incidents. David Fraser, GCI’s Security Specialist tells us what we might expect to see in 2020.
7 January 2020
1. Phishing attacks and Machine Learning
As Machine Learning becomes increasingly popular and easier to deploy, we will see a huge uplift in targeted phishing attacks. Attackers can gather information across multiple sources to craft a personalised email to individuals, and the Machine Learning platform can track its success through the recipient’s replies and click-through rate. As attacks of this nature increase, the platform can learn and evolve how and who to target to ensure the highest yield per email. With huge amounts of breached data already available, attackers can identify the vulnerable targets and those who could be in a position to transfer sensitive data and currency.
2. 5G and increasing risk for connected devices
With the onset of 5G, we will see some risk with regards to connected devices. Previously deployed on the LAN and protected by a layer of edge security, devices utilising 5G will now effectively be directly connected to the WAN. Although efforts are made by vendors to ensure these devices are protected, WAN connectivity lets users share applications, services, and other resources on a wider scale, increasing the risk of security incidents. Fundamentally, regular security patches will be required to protect these devices putting a strain on the consumer.
Additionally, 5G devices will have the ability to strain Distributed Denial of Service (DDoS) providers due to their increasing bandwidth capabilities. As a refresher, DDoS attacks are a malicious method of disrupting a website/online service by overwhelming it with too much traffic from many sources simultaneously. As 5G boasts hypoconnectivity and the number of connected devices increases, so will the ability to harvest these attacks.
3. Wifi 6 attacks
With the introduction of 802.11 ax (WiFi 6) standards, the number of vulnerabilities to manage will inevitably increase. This is not simply due to the introduction of new protocols, but the fact that a number of older or legacy protocols will need to be simultaneously supported with newer standards, such as WPA3 (Wifi Protected Access 3) a security standard used to encrypt and protect Wifi networks. We envisage that the negotiation of protocol selection may enable an attacker to lower the selected protected access from WPA3 to WPA2 for some time as older (now current) devices are phased out. As support for WPA2 reduces due to the adoption of WPA3, we believe that this will become a prevalent form of attack.
Author: David Fraser, Security Specialist at GCI
The security partner of choice
If you’d like more information on how to protect your security posture, GCI is here to help. GCI’s Managed Security Services portfolio is unique in the marketplace as our services are individually tailored to suit your requirements, leaving you confident that your infrastructure is in the reliable hands of a firm that truly understands your business.
If you’d like a complimentary consultation to talk about your security requirements, or would like to learn more, please contact us at firstname.lastname@example.org