Page 24 - Cyber Defense eMagazine June 2020 Edition
P. 24
Online scams will increase.
Ecommerce and online services are experiencing massive growth today. Shops that weren’t selling online
before were forced to change their business models, and consumers who weren’t shopping online had
to learn new skills fast. When the lockdown is over, many consumers will keep this habit —along with
their poor knowledge of (and attention to) cyber threats. Hackers will be ready and waiting, eager to
commit fraud and steal personal and payment data.
To reduce risk, organizations will have to simplify their cybersecurity practices. In particular, they will
need to eliminate complex jargon and antiquated interfaces. The value of clearly communicating security
risks to customers and building in as many safeguards as possible will be higher than ever, and
organizations need to start working on this as soon as possible. Since solutions will have to be simple
and clear about security settings, the value of UI/UX will grow. Online services — from retailers to social
media sites to cloud storage providers — will be under more scrutiny to enable secure settings by default,
and some vendors will use advanced security options as a market differentiator.
Spoofing will go to the next level with deepfakes.
Hackers are already experts at sending emails in which they impersonate C-level management and ask
employees to transfer money or provide access to sensitive data, and we’ve even started to see voice
spoofing. With organizations now relying on video conferencing extensively, we are likely to see more
hackers using live deepfakes to spoof video calls. While this is not something that will happen to the
majority of organizations tomorrow, AI and neural networks are making deepfake tech not just possible
but more widely available and affordable. There are multiple ways this technology could used, including
deception using face recognition technologies, and even video-spoofing-as-a-service.
Organizations that will be using video conferencing for regular communication will be vulnerable to this
new variant of cybercrime. To protect themselves, they will need to reshape their business processes,
especially approval workflows for budget spending and data access. In addition, IT teams will need to
increase the accountability of all employees, especially those with admin rights, to prevent illegitimate
elevation of privileges.
The number of data breaches will increase.
Enabling employees to be productive from home and maintaining business operations has been a huge
stressor for IT teams. The need for them to shift their focus to these priorities is giving hackers plenty of
opportunities to hide their malicious activity long enough to cause serious damage. In addition, any AI-
or ML-based security monitoring solutions that organizations had in place became useless instantly, since
the dramatic changes in user activity patterns generated vast numbers of false positive alerts. While this
security intelligence and IT routines will adapt to the new normal in time, everything is likely to get crazy
again when employees return to the office, and organizations will again be blind to suspicious activity
that could lead to breaches until the solutions and IT teams can adapt again.
Cyber Defense eMagazine –June 2020 Edition 24
Copyright © 2020, Cyber Defense Magazine. All rights reserved worldwide.
