Online Threats in 2020
At the end of 2019, the University of Maastricht almost two hundred thousand euros to (probably) Asian criminals to get their files back. Otherwise, the university would remain paralyzed and thousands of students, teachers and researchers would therefore have nowhere to go. It proves how far-reaching the consequences of online crime can be. Which online threats should you be most aware of in 2020?
Deepfakes and fake news
Since the 2016 US presidential election, it seems ineradicable: fake news and so-called deepfakes, videos that have been digitally manipulated. That way you can supposedly make influential people say anything you want and it all seems lifelike. As an average internet user, how can you still rely on information if falsifying that information has become an art in itself? It starts with the continuous realization that there are large numbers of deepfakes and fake news in circulation. Check them, double check them, and react from your ratio and not from your emotion. Does a message sound too bizarre to be true? Then there's a chance that it will.
Slowly it becomes clear that fabricating fake news and hacking governments is not something of shadowy hacker groups in attic rooms, but that countries try to hack each other in the context of digital warfare. Hacking is the new spying. Russia and China are examples of countries strongly suspected of having special forces engaged in penetrating other countries' government networks. But don't be surprised if countries like the US also have them.
Social media and usenet
Fake news and other threats only work if they are spread quickly. Fortunately, online users do this themselves, via platforms such as Facebook, Usenet and Twitter. As a hacker, you can't spam against that. Social media and usenet have taken the place of the huge bot networks through which spammers send and send email. That still happens, but the impact of social media spamming seems many times greater.
Masquerades via VPN
The digital world is fairly anonymous and cyber criminals make good use of that. The only link between a computer and a physical person is the IP address. Through VPN connections criminals can play a masquerade where they appear to be in location A, when they are not there. This makes detecting cyber criminals virtually impossible. It becomes even more difficult when those criminals want to take on someone else's identity. Hackers who want to penetrate an American system pretending to be from Iran, for example. The goal isn't even to penetrate that system — the goal is to unleash a conflict between America and Iran.
Ransomware is by far the most dangerous threat for entrepreneurs from both the SME and the corporate segment in 2020. The problem is that you can have your security in order – Maastricht University had that too – but that users must always adhere to the safety regulations one hundred percent. The strength of the chain is determined by the weakest link. You used to have the cleaning crew who would go outside at night to smoke and leave the back door unlocked – now you have the secretary who opens a weird email and does click on the link. No matter how well you are protected, if employees make a mistake, your entire network can be paralyzed. Personnel must be continuously trained on this and must be expertly thrown to death with warnings, reminders and also tests. As a manager, for example, send out a 'phishing mail' yourself and see what happens. But even then, 100% security does not exist, not even in 2020.