It is time to look back on 2020, a year that put cyber security to the test everywhere in the world. The COVID-19 pandemic will have required companies to completely review their working models and revealed many security vulnerabilities.
In a context where everyone agrees that teleworking will become the new standard, what changes can we observe in 2021 in terms of cyber security services?
Trend 1: Covid and teleworking, long-lasting entry points
In cyber security too, context is king. This principle was particularly followed in 2020, where many opportunistic cyber-attacks were noted. Exploitation of flaws due to teleworking or cyber-attacks surfing the Covid-19 epidemic … After the earthquake that devastated Haiti in 2010, cyber-malicious had already shown themselves quick to take advantage of a crisis (they had then imitated WHO mails). In 2020, they had a great time with the coronavirus and the legitimate quest for information from Internet users. Phishing campaigns, distribution of malware, theft of the identity of an official website …: the UNODC listed in a report published in May the main specific Covid-19 cyber threats identified. And according to Interpol, at the end of March 2020, more than 2,000 new domains incorporating the term Covid were identified as malicious and more than 40,000 classified as high risk. Not to mention the explosion of delivery scams, boosted by the rise of e-commerce.
It must be said that cyber criminals were well helped by the various confinements of the year 2020, during which the rise of teleworking caused some elementary security rules to be forgotten … Thus, one in four companies declared that they had made compromises with security during the first confinement.
Trend 2: doped threats to artificial intelligence
New technologies will be the levers of the conflicts of tomorrow, estimates the ISS (Institute for Security Studies). This European body published in December 15 scenarios for 2030, in which experts imagine the wars of the future. The term Artificial Intelligence appears there 547 times… Europol has listed the current and future threats of artificial intelligence. According to this report, AI is already being used to guess passwords, crack CAPTCHAs, and even… clone voices. But tomorrow, it is in the physical world that the consequences could be terrible. And with the rise of machine learning operations, it is the industrialization of AI (and its threats) that is currently being played out.
2021 is expected to be a year of strong adoption of AI in business, prophesies Forrester. And by 2025, the artificial intelligence software market will be worth $ 37 billion. A rapidly growing market, therefore. Already in 2019, 52% of French companies were using AI solutions or had plans to do so, according to Wave stone figures. In August 2020, artificial intelligence was used in a US Air Force military aircraft. Yet companies that adopt emerging technologies, led by AI, underestimate the risks and are slow to plan for their security, according to an Accenture study published in November 2020. A gray area conducive to cyber-attacks.
Trend 3: 5G and IoT will accelerate and multiply cyber attacks
5G has started its deployment in France and Europe. With a promise: process more data, faster. Enough to develop a real Internet of Things (IoT), with a variety of nature and applications (telemedicine, autonomous vehicles, smart buildings, etc.), or even profoundly modify the geography of a company’s networks. Enough to increase the attack surface as well. Among the risks induced by 5G, Accenture mentions “the hyper precision of geolocation and the explosion in the volume and speed of the network”. It must be said that the distributed nature of 5G networks on which a multitude of connected objects with questionable security will be added reduces the visibility of threats. Because 5G technology has its share of vulnerabilities. And requires specific cyber security based on integrated protection, governance and data protection. Note that on this issue, Europe launched an audit in December 2020 to verify that the cyber security of 5G currently deployed in several countries is at the expected level.