- Antivirus is not enough
With the rise of polymorphic threats and the explosion of unique malware variants, the industry is quickly realizing that traditional approaches to antivirus, both file signatures and heuristic/behavioral capabilities, are not enough to protect against today’s threats. We have reached an inflection point where new malicious programs are actually being created at a higher rate than good programs. As such, we have also reached a point where it no longer makes sense to focus solely on analyzing malware. Instead, approaches to security that look to ways to include all software files, such as reputation-based security, will become key in 2020.
- Social Networking Third-Party Applications Will be the Target of Fraud
With the popularity of social networking sites poised for another year of unprecedented growth, expect to see fraud being leveraged against site users to grow. In the same vein, expect owners of these sites to create more proactive measures to address these threats. As this occurs, and as these sites more readily provide third-party developer access to their APIs, attackers will likely turn to vulnerabilities in third-party applications for users’ social networking accounts, just as we have seen attackers leverage browser plug-ins more as Web browsers themselves become more secure.
- Mac and Mobile Malware Will Increase
The number of attacks designed to exploit a certain operating system or platform is directly related to that platform’s market share, as malware authors are out to make money and always want the biggest bang for their buck. In recent years, we’ve seen Macs and smartphones targeted more by malware authors. As Mac and smartphones continue to increase in popularity in 2020, more attackers will devote time to creating malware to exploit these devices.
- Specialized Malware
Highly specialized malware has been uncovered across the decade that was aimed at exploiting certain niche products such as ATMs, indicating a degree of insider knowledge about their operation and how they could be exploited. Expect this trend to continue in 2020, including the possibility of malware targeting electronic voting systems, both those used in political elections and public telephone voting, such as that connected with reality television shows and competitions.