There is every week, we saw the headline on highlighting on the latest cyber-attacks and data hacks - even tech tycoons like Jeff Bezos aren’t safe - and a growing awareness of the fragile state of data privacy, cybersecurity awareness is at an all-time high. With 2020 underway, what should businesses and consumers worry about this year and what steps can they take to protect themselves from bad actors? There are 3 Cybersecurity Threats (And Solutions) for 2020, that will need the most protection this upcoming year. From IoT-connected devices to protecting cryptocurrency and how enterprises are using AI for protection.

IOT SECURITY: The Problem: Compromised IoT devices have been responsible for large scale botnets, which can launch denial-of-service attacks, steal data, inundate users with spam or even access devices and their connection without the owner’s knowledge. Of course, more people are buying IoT devices such as home assistants, smart doorbells, internet connected fridges, toasters and more, but securing IoT devices is still a difficult thing to achieve properly. Even something which seems innocent such as an IoT connected coffee maker could be hacked and allow attackers to know our pattern of use and from that, they can make predictions as to when we are at home or not.

The Solution: Organizations need to ensure they deploy IoT devices with sufficient security policies in place such as firewalls and intrusion detection and prevention systems, but they also need to ensure they cater for the confidentiality of their customers’ data. All devices need strong passwords. It is also good practice to enforce certificate-based authentication which identifies communicating individuals and authorised devices. This is currently used in point of sale (POS) terminals, petrol pumps and ATMs. Device management agents can also highlight failed access attempts and attempted denial-of-service attacks. All non-IoT devices must also be patched and kept malware free. These could as likely be the pivot point for infecting IoT devices.

CRYPTOJACKING AND CRYPTOMINING : The Problem: Cryptojacking is where malware gets implanted on a device with the sole purpose of mining cryptocurrency for the hacker. Criminals it seems have discovered that it can be easier to host cryptojacking malware on machines to mine cryptocurrency instead of attempting to execute traditional ransomware extortion attacks. While not as devastating as other attacks,nefarious cryptomining malware on a device will steal CPU processing resources leading to a slowdown in performance and extra drain on battery-powered devices. It can lead to a shorter lifespan of the affected device and substantial unexpected costs, if running on a paid-for cloud service for a long period.

The Solution: Cryptomining occurs when users are tricked into downloading executables or they visit high-jacked sites where ads get executed which run cryptomining scripts. The steps to minimize the likelihood of suffering a cryptomining breach are installation of ad blockers, anti-virus software, disabling Javascript and training staff about the dangers of clicking on links and visiting ‘dodgy’ sites. Also look for slowdown in performance and examine running processes.

ARTIFICIAL INTELLIGENCE AND MACHINE LEARNING: The Problem: We can never achieve perfect security if any system is targeted. We can of course and should – mitigate risk. Penetration testing is common for probing systems but many unintentional, yet significant security problems cannot be found through this type of testing alone, therefore source code auditing is the technique of choice for technical testing. Auditing code manually can be particularly effective for discovering several issues including access control problems, Easter eggs, time bombs, cryptographic weaknesses, backdoors, trojans, logic bombs and other malicious code.

The Solution: AI and Machine learning can be used to detect irregular financial transactions and customer profiling techniques; through fraud detection methods that match test data with profiled anomalous patterns. Anomalous detection systems profile normal patterns and searches for outliers, while hybrid detection systems combine misuse and anomaly detection techniques to improve the detection rate and reduce false-alarms. Scan detection can also be used to detect the precursor of attacks and lead to an earlier deterrence of attacks. Profiling networks then can assist in active protection of systems through extraction, aggregation, and visualization tools.

By Mr. Kevin Curran, Senior member IEEE