We recently wrote about Deepfakes as a new cyber threat for 2021. There are a few more threats to be aware of this year, and knowledge of them is the best defense.
The Internet of Things, or IoT devices, already represents a mature technological industry. These connected devices are common in both homes and offices. In a perfect world, they make life easier and the products supported by IoT are more useful.
Unfortunately, IoT devices can be vulnerable to data leakage, cyber attacks and hackers. Connected units will be a concern in 2021, and their threat potential is almost guaranteed to get worse.
The security issues common to IoT devices stem from the rapidly growing demand for smart devices. The number of products connected to the Internet exceeded the number of people on the planet somewhere between 2008 and 2010 and is expected to exceed 75 billion by 2025.
The risk of hacking is not just a matter of having more devices as much as with a higher concentration of devices. At the beginning of 2020, American households had an estimated 11 Internet-connected devices per household. The number is expected to explode with the expansion of higher-speed wireless technology such as 5G in addition to the upward trend driven by people working and going to school at a distance during the COVID-19 pandemic.
More Internet-connected devices mean a larger attackable area, and having a higher concentration of IoT devices in a household or office means more entry points for hackers.
Example: an insecure Internet-connected coffee machine was successfully infected with ransomware in September 2020. Although security issues in IoT devices are common, infection with relatively sophisticated malware is a potentially massive evolutionary step and may well become the norm in 2021.
As IoT devices become more and more interoperable, the major cyber attacks on businesses, local authorities and authorities can migrate to home networks, effectively locking residents from their homes and devices and filtering out their data.  The problem is also not limited to home and office environments. The IoT is expanding in the medical, industrial and military fields, with an expected annual growth of 21, 21.3 and 6 percent, respectively. The potential benefits of Internet-enabled applications in any of these areas are enormous, but the increased risk cannot be overlooked.
AI and machine learning hacking
The good news first:
Against overwhelming hacking attempts, phishing emails, a lack of skills and an ever-increasing attackable surface, cybersecurity companies and experts are increasingly turning to AI solutions to defend networks and devices .
Advanced machine learning algorithms are used to identify phishing emails, malware attacks, and generally suspicious or unusual network behaviors that may suggest a cyberattack.
The bad news is that hackers have access to the same technology.
In much the same way that cybersecurity AI and machine learning can be used to scan and analyze huge amounts of data to identify a phishing attack, hackers and other threatening actors also have a huge amount of data at their disposal, especially from previous data breaches and leaks.
As proof of the concept in 2017, researchers at the Stevens Institute of Technology used data from two major data breaches where millions of passwords had been compromised. By analyzing tens of millions of passwords from a compromised gaming site, the AI-enabled network could artificially generate hundreds of millions of passwords based on patterns it identified. When applied to a set of 43 million compromised LinkedIn passwords, it was able to crack them with 27 percent accuracy.
Although this was just an experiment, there are more powerful programs. A program that was discovered in February 2020 reportedly had the capacity to analyze more than one billion logged-in login and password data and generate new variations. This represents an evolutionary step beyond filling in references (a crime where the target password is used to access other accounts). AI makes it possible to identify patterns and correctly guess passwords.
Although it is uncertain exactly how many threatening actors or hackers actively use AI and machine learning, both governments and technology companies take the threat seriously and actively build defense. This is likely to lead to an ongoing arms race between cyber security companies and hacking groups and is guaranteed to continue to escalate in the coming years.
Again, knowledge is the best defense against cyber threats. You should also be aware of personal protection against cyber, as it can also protect against the effects of these threats. This recommendation provides the type of coverage you can expect from a first-party security liability: data recovery and recovery, cyberbullying, financial loss due to online fraud and breaches of personal data.
You can always contact your local independent agent to learn more about cyber security insurance.
The insurance cover described above is in the most general terms and conditions and is covered by the actual exceptions and conditions. For specific coverage information and policy exceptions, see the policy itself or contact a central agent.
Blog courtesy of CyberScout. © 2020 CyberScout, LLC