2018 was a year with record-setting numbers in regard to data breaches and the exposure of consumer records. By mid-2019, numbers were on track to beat that. So, where does this lead us as we approach 2020? It’s not good.
The truth is, data breaches are going to happen. So, it’s important to familiarize ourselves with how we can protect our companies, and even ourselves, when they do. Here are some things that you need to keep in mind as we move into the next year:
Phishing and Smishing Will Continue
There is no doubt that cyber criminals will continue to use phishing and smishing to target their victims. In fact, it might even be easier when you consider things like the upcoming Presidential election and the tons of texts and emails that will be sent to raise funds. What’s real and what’s fake?
Social media phishing will be an issue in 2020. This form of identity theft has been around for many years, but again, these new social media groups really open the doors for cyber criminals who are interested in phishing to move right in.
On top of that, social media is becoming more and more divided as people look for communities where like-minded people are found. These communities, no matter what they support, are creating what we might think of as “tribes.” They might be tribes in support of a specific social issue, a movie star, or yes, even a certain Presidential candidate. When in these groups, people tend to trust members of their “tribe,” but in reality, you don’t know these people from anyone else. And in these tribes, there are wolves.
Entities that were targets before, like banks, have been working hard at educating their customers on how to recognize things like fake websites or emails, but now, these cyber criminals are moving towards social media and texts, and that is even easier for them.
Drone Hacking in 2020
More cities than ever before are offering free public Wi-Fi to their residents, but hackers are also taking advantage of this. Public Wi-Fi is pretty much open for anyone to grab the data, and hackers could use drones to steal this information. Yes, hackers will steal identities using Wifi but will use drones as a literal vehicle to steal that information!
As we look at the past few years, we can see that public Wi-Fi networks have seen an increase in the number of attacks. How easy is this? If these hackers can afford a device that’s about $99, they can easily do it, and it takes almost no effort to gain this information. The $99 device is known as a WiFi Pineapple which is an “ethical hackers” tool originally designed for security purposes. This device is legal to purchase, and hackers can buy them right online. Hackers quickly found that they could use the device to improve the way they get information. Now coupled with a drone, WiFi hackers have taken to the skies.
Once they have the device, they can not only take passwords to your online bank account as you type it in, but they can also get their hands on all of the information they need to hack into your accounts. Plus, they can do this anywhere there is public Wi-Fi, from your local coffee shop to your conference room.
DeepFakes in 2020
We also expect cybercriminals to use “deepfakes,” which is basically audio and video technology that is manipulated to distort a given message. This tech can also create a lot of confusion and even disrupt financial markets across the globe.
The term “deepfake” was first coined in 2017, though the technology has been around since the mid 90s. It was first developed via academic research that was looking at how computers can develop an understanding of digital image, and actually use these images to do things that humans once did. It also, however, allows people to essentially “photoshop” videos.
Today, anyone can purchase deepfake videos to say and do whatever they please. This might be an adversary creating pornographic video of someone to disparage them. All the creator needs are a 15 second video of that person talking to grab all the moving or still images of facial expressions which are then transposed via AI into the deepfake.
For instance, in 2018, a video surfaced of Angela Merkel, the Chancellor of Germany, with her face replaced by the face of US President Donald Trump. There was also a “public service announcement,” which came out in 2018, that looked like it was from Barack Obama, but it was actually the director and actor Jordan Peele, who wanted to raise awareness of deepfakes. The video went viral, and other voices and images of world leaders could also be manipulated, and that would surely cause huge problems, both in individual countries and throughout the world. Even this year, an altered video of Speaker of the House Nancy Pelosi was released, and it was manipulated to show her slurring her words.
2020 and Point of Sale Hacking
The other thing you should be aware of in 2020 is point of sale hacking is alive and well and the viruses to facilitate fraud and hack mobile phones are more robust than ever. For example, mobile payment options are coming up all the time, and you can use your card almost anywhere, even in places where you couldn’t use them before. Because of this, there will be a big boost in POS hacking resulting in a spike in identity theft.
This industry is expected to grow to more than $4.5 trillion over the next couple of years, but so will things like hacking in the mobile industry. This is not to say you should not use your mobile for payment, as a mobile is far more secure than a credit card.
However, this is concerning specifically in regard to privacy and security when utilizing mobile solutions, especially at the POS. As more and more small retailers, venues, and others begin using POS platforms to keep up with demand, they might not even realize that they are not secure.
Consumers have options when it comes to paying, but so do hackers, and this is certainly something that we should all be aware of as we move into 2020.
These are just a few of the data theft issues that you should, as both a business owner and a consumer, be aware of as we move into 2020. And what does this mean to investors in the security space? Well, this author often states “bad guys are good for business”.… at least if you are a security company providing ways to solve the bad guy problem.
