In 2019 one of the most addressed topics in the areas of computing of companies and organizations, was cybersecurity. According to the Information Systems Audit and Control Association (ISACA), collected by the WeLiveSecurity site, Cybersecurity is defined as:
“Protection of information assets, through the treatment of threats that put at risk the information that is processed, stored and transported by the information systems that are interconnected.”
This is why cybersecurity is within what is understood as the protection of digital information that “lives” in interconnected systems. “As a result, it falls within the security of information,” the website says.
This scenario, where we are not only talking about simple data safeguarding: it is also important the protection of all means that support where sensitive information is located. In view of this, it is necessary to acquire and refine the strategies against cyberattacks that could even increase next year.
For this reason, at Tecnova we have compiled the main challenges that companies and organizations have in regards of Cybersecurity. The list of these forecasts was prepared based on what was collected by the prestigious information security companies, such as Kaspersky y ESET
Infections to software production chains:
Companies in the region engaged in the production of massive software could become targets for such attacks. The penetration of software produced by these companies into the market is often important, which for cybercriminals would represent a high-impact attack with minimal investment.
Machine learning, create security or attack it?
According to ESET, Machine Learning (ML) offers the ability to develop solutions in the cybersecurity industry. However, he warns that “cybercriminals will also use ML to increase the scale and complexity of their attacks.” Given this, an example about that hackers could use is the deepfakes.
Increased attacks on financial institutions:
Not only are cybercriminals content with attacking financial services clients, now they seek to engage banks or any institution or organization that offers such services, for example correspondents or transaction hubs, as has been recently observed in our country. These attacks will continue, carried out by both local cybercriminal groups that will increase their presence.
Ransomware resurgence and more targeted attacks:
Instead of demanding money for the decryption of information, extortionate campaigns will increase. Through them, the victim will be forced to pay a ransom so that their information is not leaked into the public domain. For Kaspersky it could be problematic for hospitals, law firms and accountants, as well as any type of entity that handles information from third parties subject to regulations.
In addition, certain cybercriminal groups will choose high-profile targets, where the impact of the attack and media interest can compromise the operation and reputation of the affected organizations.
Smart Cities dependency protection
According to ESET reports, 80% of new buildings in Latin America incorporate some Internet of Things (LoT) technology. In response, some smart devices and systems do not have strong authentication protocols or are not protected by any type of security solution.
From ESET they state that, despite not using access control systems that “browse” the web, they “still need to protect themselves against malware”.
Expansion of the Swapping SIM as a service:
For Kaspersky, criminals will offer to clone a particular line so that other individuals can engage in illicit activities, such as identity theft or gaining access to financial sites with the aim of stealing money from the victim.
Increased blackmail attacks targeting companies and corporations under new legislation:
In Latin America and Chile are adopting legislation inspired by the European GDPR. This is intended to apply harsh sanctions to companies that leave personal data exposed.
This is why, when criminals invade a corporate infrastructure and steal sensitive company data, they will launch attacks to extort victim companies. They will have to choose between paying the fine imposed by law or paying the criminal.
In the event of any scenario involving your company next year, Tecnova is prepared in areas to prevent any type of attack with our Cybersecurity services.