Rise of Phishing Attacks and New Phishing Verticals
Speaking of phishing: With an all-time high of around 300,000 attacks - in 2019 alone - phishing has become one of the most common forms of cyberattacks. So, it was only a matter of time before new variants would emerge here.
Smishing, for example, involves sending convincingly authentic-looking SMS and text messages from alleged postal services, for example, in order to trick potential victims into disclosing private information. Another new variant is vishing ('voice phishing'), in which automated telephone calls are made in an attempt to persuade the recipient to hand over access data, etc.
Even more perfidious: in spear phishing, cybercriminals even go so far as to enrich their email scam with publicly available information (e.g., from social media) in order to specifically target certain individuals for deception. This can even go as far as becoming a social engineering attack. The scams are on the rise, and so is the threat to all users.
Artificial intelligence (AI)
There's no getting around the current trend of artificial intelligence - and no discussion about it either. The debate is heated: Opportunity or danger? The same applies AI with regards to cyber security. Here, too, AIs can be seen both positively and negatively. Companies that use artificial intelligence to enhance the protection of their data, infrastructures and systems can fend off potential attacks in an automated manner, or at least detect them more quickly and mitigate them considerably in financial terms.
At the same time, of course, criminals have also jumped on the AI train and use it for their own purposes, such as datapoisoning and ransomware.
No matter from which perspective you look at artificial intelligence - one thing is certain: it will have a major impact on developments in cybersecurity in the future.
The 'Internet of Things' (IOT)
What about devices that are neither computers, phones, nor servers, but are still connected to the Internet? Just think of smartwatches, voice assistants, smart cars, smart refrigerators. They are all part of the rapidly spreading digitization, spurred by the work-from-home trend.
The endless proliferation of devices naturally increases the risk of cyberattacks, as they significantly increase the attack surface. To make matters worse, these devices have various vulnerabilities - for example, a lack of storage capacity that barely leaves enough room for firewalls and antivirus software.
They have proven extremely useful - especially during the pandemic - as multiple users can access data from different locations. This makes the cloud efficient, cost- and space-saving. However, cloud services must be well configured.
But that's not all: employees must also be aware of which cloud services are allowed to be used. When users start using cloud software on the Internet themselves, insecure interfaces or incorrectly configured cloud settings can quickly become a gateway for cyber threats.
Implementing secure cloud protection measures is essential for companies and requires a certain level of IT know-how and an understanding of internationally varying legal requirements.