At the end of 2019, the University of Maastricht nearly two hundred thousand euros of (probably) Asian criminals to recover their hostages. Otherwise, the university remained paralyzed and thousands of students, teachers and researchers could not go anywhere. It proves how far-reaching the consequences of online crime can be. Which online threats should you take into account most in 2020?
Deepfakes and fake news
Since the US presidential election in 2016, it seems irreversible: fake news and so-called deepfakes, films that have been digitally manipulated. That way you can have influential people supposedly say everything you want and it all seems lifelike. As an average internet user, how can you still rely on information if falsifying that information has become an art in itself? It starts with the constant realization that large numbers of deepfakes and fake news messages are in circulation. Check them, double check them, and respond from your ratio and not from your emotion. Does a message sound too bizarre to be true? Then there is a chance that it is.
It is slowly becoming clear that fabricating fake news and hacking governments is not something of shadowy hacker groups in attic rooms, but that countries are trying to hack each other in the context of digital warfare. Hacking is the new spying. Russia and China are examples of countries that are strongly suspected of having special units involved in the penetration of government networks from other countries. But don't be surprised if countries like the US turn out to have them.
Social media and usenet
Fake news and other threats only work if they are spread quickly. Online users do this 'happily' themselves, via platforms such as Facebook, Usenet and Twitter. As a hacker you cannot compete with that. Social media and usenet have taken the place of the huge bot networks that spammers use to send and send e-mail. That still happens, but the impact of spam via social media seems many times greater.
Masquerades via VPN
The digital world is fairly anonymous and cyber criminals make grateful use of it. The only link between a computer and a physical person is the IP address. Through VPN connections criminals can play a masquerade, where it looks like they are at location A while they are not there. This makes the detection of cyber criminals virtually impossible. It becomes even more difficult when those criminals deliberately want to assume someone else's identity. Hackers who want to invade an American system while pretending to be from Iran, for example. The goal is not even to invade that system - the goal is to unleash a conflict between America and Iran.
For entrepreneurs from both SMEs and the large business segment, ransomware is by far the most dangerous threat in 2020. The problem is that you can have your security in order - Maastricht University had that - but that the users must always adhere 100% to the safety regulations. The strength of the chain is determined by the weakest link. In the past you had the cleaning crew who went to smoke outside in the evening and left the back door unlocked - nowadays you have the secretary who opens a strange mail and does click on the link. Then you can still be so well protected, if employees make a mistake, your entire network can be paralyzed. Personnel must be continuously trained for this and must be expertly thrown to death with warnings, reminders and also tests. For example, as a business manager, send a 'phishing email' yourself and see what happens. But even then: 100% security does not exist, not even in 2020.