Announcement of 12. December 2019

G DATA IT Security Trends 2020: New attack patterns and inattentive employees will jeopardise IT

Living Off The Land attacks exploit Windows standard tools for infections

Medium-sized companies are being targeted even more heavily by cyber criminals than before. They are often the weakest link in supply chains that include large corporations. In 2020, attackers will exploit this to an even greater extent than before and attack in a targeted manner - using new methods such as Living Off The Land attacks. And the number of harmful apps for smartphones and tablets reached a new record in 2019 - with the trend set to rise in 2020. Experts from G DATA CyberDefense reveal the dangers that will threaten companies and private individuals in 2020.

“With new malware, criminals have for years been relying on volume, but what we are currently seeing is increasingly complex attack patterns that can only be fended off with intelligent behaviour analysis,” says Andreas Lüning, co-founder and CEO of G DATA CyberDefense. This is because, in so-called Living Off The Land attacks, attacks are carried out using standard apps that are pre-installed on every Windows system. Lüning warns, however, not only to see the technical dangers.

Andreas Lüning

The future is already digital. IT security will become an essential factor for success. Companies must learn to understand this and not forget the users, who need to be aware of the dangers. IT security begins not at the endpoint, but with you as a person, whether you are a managing director or an employee.

Andreas Lüning

Co-founder and CEO of G DATA CyberDefense

New attack patterns

According to security experts at G DATA CyberDefense, one trend in the coming year will therefore be increasingly complex attack patterns. In so-called Living Off The Land attacks, cyber criminals combine Windows standard tools such as Powershell and Bitlocker with a malicious script to execute an attack. They then spy on passwords or encrypt critical data to extort ransom money. To even be able to detect such attack patterns requires behaviour monitoring that can reliably identify even complex processes as being malicious.

The cyber crime business model is flourishing and still developing. In the future, criminal collectives will increasingly focus on division of labour and professionalisation. This means that, while one group specialises in penetrating corporate networks, another team concentrates on exfiltrating or encrypting data from the network. Some earn money by selling access data, others from ransom demands.

SMEs in the crosshairs

Small and medium-sized businesses are increasingly becoming the focus of cyber criminals. It is often easier for criminals to penetrate their networks because the IT security very often has gaps. They are often not even the primary target, but the weakest link in the supply chain, enabling infiltration of a large corporation. Here, all sectors are called upon to implement their own IT security standards. Another problem is that many companies rely on insecure methods of remote maintenance, particularly the Remote Desktop Protocol (RDP).

The healthcare sector especially has a great deal of catching up to do in outpatient healthcare. There is a lack of basic security standards in the area of practical IT. As this area is digitalised, significantly more money needs to be invested in cyber security in order to meet compliance requirements and avoid high fines.

People prevent cyber attacks

Spam email will become more and more valuable in the future for things such as dynamite phishing. Such emails are difficult to recognise as harmful. Therefore the slogan applies more than ever: Think first, then click. Anyone who - thoughtlessly or out of pure curiosity - clicks on a possible million euro win is endangering IT security. Security awareness is still the most underestimated measure for bringing the entire security-relevant defence landscape to a higher level. Companies need to invest in training activities for their employees.

 

Mobile devices

More and more people are using smartphones and tablets as a digital cockpit for their everyday lives, for example to control their smart homes while they are out. And the PSD2 payment directive also ensures that mobile devices used for online banking increasingly have two-factor authentication. This makes them an attractive target for criminals. They mainly use adware to spy on users and collect data.

The G DATA experts are observing a worrying trend in the area of smartphones - the use of stalkerware. Stalkerware offers the possibility of penetrating a person's private life by means of commercially available malware and is used as a tool for abuse in cases of domestic violence and stalking. IT security service providers and victim protection organisations have been working together since 2019 to improve protection - and will launch further initiatives in 2020. Consequently, G DATA is involved in the fight against dangerous apps such as stalkerware. As a founding member of the “Coalition against Stalkerware”, the German IT security specialist is committed to informing users better of potential risks and is working with victim protection organisations to tackle non-technical problems associated with stalkerware.

Media:

Announcement of 12. December 2019