Most of us would agree that 2020 has been a hell of a year, or perhaps for some of us, just plain hell. While the global coronavirus pandemic continues largely unabated, users are also under attack from viruses and threats of the digital kind.
While it might seem like now is an odd time to focus on cybersecurity, particularly given the pressing events unfolding around the world, there is a distinct link between COVID-19 and digital security. Namely, hackers are using the pandemic to profit and have decidedly upped the ante when it comes to attacks.
Much like fighting against a physical virus, staving off internet nasties involves good online hygiene and equipping yourself with the right tools for the job. We help fight the novel coronavirus with facemasks and hand sanitizers. Similarly, to keep digital threats at bay, we need sensible digital defenses.
Here, we go over some of 2020’s key cybersecurity threats and a few actionable ways to keep your devices secure.
The Key Threats in 2020
As many digital security experts and think tanks have noted, cloud jacking represents a prominent cybersecurity threat this year and into the future. The reasonable thinking behind this is that an increased reliance on cloud computing and platforms to store and manage data will lead to an advanced level of risk.
Leading security firm Sophos suggests in its 2020 Threat Report that misconfigurations will be a key element in many incidents. In addition, cloud code injection attacks, direct to the cloud’s code or a third-party library, are a worrying development that can lead to data manipulation and theft.
Work From Home Concerns
In line with governmental restrictions and suggestions, a vast number of people are continuing to work from home as opposed to in an office environment. And working from home more often than not involves the staff’s own devices and home networks.
Two primary concerns with the remote worker situation are that individuals are less likely to have proper perimeter security on their home networks and staff devices are potentially compromised and therefore represent a significant security risk. In fact, security researchers at WatchGuard predict that 25 percent of all data breaches this year will be the result of remote work practices.
When the Internet of Things (IoT) technologies and devices first began to emerge on the market, there was a flurry of media attention pointing out the potential risks of IoT. While the volume of IoT threat-focused media has died down somewhat, the inherent IoT’s security risks certainly have not. Neither has the market. In fact, predictions from Fortune Business and others estimate that IoT will become a one-trillion dollar industry as soon as 2026.
The intensifying and encompassing spread of IoT devices and tools in businesses and in private homes is a risk that should not be overlooked, for the simple reason that more connected devices mean more potential access points and vulnerabilities for bad actors to exploit.
Additionally, because IoT is constantly evolving and changing, there are many opportunities for hackers to find and capitalize on new vulnerabilities. Likewise, security experts have to try and keep on top of an ever-adjusting landscape.
Drive-by Downloads and Malvertising
The face of malware has changed significantly since the days when you had to click a link to unwittingly infect your own system. Now, malvertising and drive-by downloads mean you don’t even need to actively open anything and your device is compromised.
With the latter, simply visiting an infected website can allow malicious code access to your computer or phone. These threats take advantage of any vulnerabilities, or exploits, such as a browser or app that is out of date, to install unwanted code.
How to Protect Your Devices?
Before we go over the essential cybersecurity tools you need, it’s important to remember that good digital hygiene practices are still one of the best ways to thwart attacks. With that in mind:
- Use multi-factor authentication for all of your accounts whenever possible.
- Don’t use passwords that contain personal information or are easily guessed. Instead, make sure all your passwords are around 12 characters long and contain a mix of upper and lower-case letters, numerals, and special characters. Additionally;
- Use a password manager, such as LastPass, to keep all your account information secure, don’t let your devices remember all your logins.
- Sign out of sites and accounts when you’re no longer using them.
- Double-check all of your third-party browser extensions and app for permissions and to ensure these programs don’t have access to your information. Remove any extensions you no longer need.
- Avoid using your devices in free public wifi zones.
- Choose cloud storage providers very carefully, make sure your pick has high-level security protocols in place.
- Make sure you’re using a good firewall program. Businesses need enterprise-level protection.
- Always install updates whenever they are available for your operating system and any apps. Unpatched issues lead to data leaks.
After you’ve shifted your online practices and habits to encompass the above considerations, invest in some quality cybersecurity tools:
Virtual Private Network
A Virtual Private Network (VPN) serves several security concerns: firstly, it creates a private network for you to browse on, and secondly, a VPN app encrypts any data in transmission, making it near impossible for a threat actor to see or interfere with your information.
As a result, your VPN app makes using free public wifi safe and secure, something that is an absolute no-go without protection in place. When installed on a router, VPNs can also encrypt a whole network and any connected IoT devices.
Choose a high-quality paid subscription. While a free VPN sounds great, the reality is that many actively sell client data. Remember that if a service is free, you are the product.
Antivirus & Antimalware
It’s a good idea to have both antivirus and antimalware installed on your devices. While the former was once the cybersecurity gold standard, today’s threats are too advanced for antivirus alone.
You can think of antimalware as the more modern version of antivirus, these programs can also detect suspicious links in text messages and on websites, and so help prevent drive-by downloads and malvertising based threats.
Although not mentioned above, phishing remains a huge threat in 2020, and bad actors are always coming up with novel ways of dressing up their fraudulent messages, such as masquerading as the World Health Organisation.
To help avoid phishing, firstly learn more about it, and secondly, consider an email scanner. These applications trawl through your emails and help weed out anything unsavory.
Despite the scope of the threat landscape, taking some time to ensure good digital hygiene and investing in quality cybersecurity tools can make all the difference, and keep your devices and your data safe in 2020 and beyond.
Also Read: Can AI Transform Cybersecurity?