New Trends in Cyber Security (Part 3)

Posted May 12, 2020

This is part 3 in our series on new trends in cybersecurity. If you haven’t already, you should check out part 1 and part 2.

Deep Fakes

Forrester Research predicts costs related to scams involving deep fakes will exceed $250 million in 2020. Deep fakes can take the traditional phishing scams to a new level. Through widely available deep fake technology, you could receive a voicemail or even a video of someone you know — like your boss instructing you to wire money to a fraudster. Using artificial intelligence, deep fakes can accurately mimic voice and tonality of the victims and follow up with an email or text message confirming the instructions. The software and technology necessary to perform such attacks is even being created by household names such as Google in their controversial Duplex service which mimics a user’s voice to make phone calls on their behalf.

Deep fake scams are still in their infancy. As scammers get a couple of wins under their belt and the technology becomes more widespread, we expect the attacks to increase rapidly. On a global level, the geopolitical risks are extreme as nations extend their disinformation campaigns. But even on a small business level, our ability to trust our eyes and ears may be changed forever.

Windows 7 Sunset

Windows 7 has finally reached its official end of life from Microsoft after an eleven-year run. This means security updates will no longer be available for some 200 million PCs still running Windows 7. Even if your organization is no longer running Windows 7, the threat remains in the millions of vulnerable PCs that are now more likely to become part of a botnet carrying out other attacks. It also means that any personal data stored on a Windows 7 device could now be more easily compromised. Passwords, personal information or financial information stored on a Windows 7 device can be more easily stolen as new vulnerabilities go unpatched. Any Windows 7 device left on your network is now an unmanaged threat to your network. With prolific BYOD policies in place, IT managers must be vigilant in restricting how these devices can access corporate networks.

Malware

In the current work from home environment, you’ve probably been invited to a Zoon meeting or at least heard of Zoom in the media because of their unprecedented growth rate. Early this year Zoom reported a 50% month-over-month increase in daily meeting participants as they hit the 300 million participant milestone. At the same time as Zoom’s incredible growth, the software was also being banned by the likes of Google, SpaceX, Taiwan, NASA, German Foreign Ministry, New York City Department of Education and the United States Senate. In fact Zoom’s security flaws are so severe that Arvind Narayanan, an associate computer science professor at Princeton University states, “Zoom is malware.” When we think of malware, we usually think of software installed without our knowledge or apps downloaded from non-credible sources. We hardly think of public companies with exponential user growth rates. Zoom isn’t undeserving of the malware classification. In 2019 it was revealed Zoom had quietly installed a hidden web server on user devices that allowed users to be added to calls without permission. Zoom has also implemented in-app surveillance measures as well as selling user data making it a privacy disaster. Whether from supposedly credible sources or intentionally malicious sources, malware remains a credible threat. Over 439,000 new malware variants were detected in 2019 and with the strong growth in IoT devices and their limited security potential along with classification of products like Zoom, we expect to see an uptick in malware going forward.

The Solution

While the cyber threats continue to increase in complexity and occurrences, the tools available to harden networks and systems are also advancing rapidly. Hardware and software from innovative companies like WatchGuard are leveraging artificial intelligence to create intelligent protection systems with simplified management. And cybersecurity analysts, who spend their lives in the trenches fending off threats, are one of the fastest-growing career fields today.

Kyle Vinar

Kyle Vinar is Partner / President of Verus Corporation. He oversees all business operations and coaches Verus teams to continually improve on their solutions from client experience to product development and overall solution implementation. He works with all Verus resources to increase efficiencies and excellence in every aspect of their organizational roles. Kyle believes that people are the last real competitive edge that a company can have and constructing a rich culture is a vital step in running a world-class organization. Therefore he strives to create a culture within Verus that allows everyone to show up authentically and grow both personally and professionally, which in turn allows Verus Corp team members to provide clients with top-of-the-line service. Kyle helps balance strategy, capacity, and culture in such a way that has allowed Verus Corp to achieve exponential growth since he joined the company in 2013. One of Kyle’s greatest professional achievements has been in helping lay the foundation upon which Verus Corporation could be named the 2nd Best Place to Work by the Minneapolis/St. Paul Business Journal. Kyle holds a Bachelor of Science in Marketing from St. Cloud State University. He lives in Champlin with his wife and 3 children. He has enjoyed volunteering as a soccer coach for over 6 years and was the former Director of Coaching for Rebels Soccer Club. If Kyle isn’t on the sidelines of one of his children’s soccer games or in the audience of his eldest’s musicals, he can often be found cruising scenic routes on his Harley, in a deer stand, or on the golf course.