The 7 top cyber security threats and risks in 2020

Last updated: October 20, 2020
Top-cybersecurity-threats

Disclaimer: Affiliate links help us produce good content. Learn more.

Every year, cyber security threats seem to become increasingly dangerous. From smartphone malware to AI-assisted phishing, and from epic corporate data leaks to Cloud-based ransomware disasters, we have already seen some huge cyber security threats either grow or worsen.

Hundreds of millions of user records stolen from databases, millions of unsuspecting devices turned into crypto mining botnets, billions of dollars’ worth of damage – the ever-growing list cyber security threats goes on…

What’s even worse, these risks are definitely here to say, with cybercriminals escalating attacks and tech giants constantly buying and siphoning our data. As we hand over more information about our lives to companies, government, and strangers on social media, cybercriminals are discovering new ways to turn that information into money.

So, to help you stay safe, here’s our list of the worst cyber security threats in 2020.

1. Malware-infected Android smartphones

2019 has been dubbed the “year of mobile malware” for Android devices. 2020 should be no different. According to McAfee’s Mobile Threat Report, Google Play is inundated with malicious apps which conceal Bitcoin mining operations. When these dangerous apps load up, the mining code does as well, using up resources and causing Android smartphones to slow down.

And that’s not all. In 2017, mobile malware that came to be known as Grabos was discovered by security experts. Hidden away in innocuous-looking apps like Aristotle Music Player (over 5 million downloads and counting), the Grabos mobile malware could beam all sorts of data back to command and control servers from targeted Android devices. That data was used in identity theft attacks, causing untold damage.

Sometimes, even apps that promise to secure your smartphone are actually malware. Apps that purport to clean up smartphone memories, guard against malware and “cool” CPUs often conceals Trojans which can take control of Android devices.

There was a time when Android users could feel relatively safe from viruses and malware. After all, the platform itself was thought to be immune to infections, and the Google app library was well curated to keep out digital threats.

Well, that’s no longer the case at all. As smartphones become more and more ubiquitous, attackers are focusing their efforts on weak points like third-party app libraries and unsecured wifi hubs. And it’s only going to get worse as their profits start to mount.

2. Corporate leaks and data breaches

You can no longer trust companies to secure your information against leaks and data breaches. Both in 2018 and 2019, data leaks from corporations and public institutions were some of the biggest cyber security threats around, and there have been some record breaches in the recent past.

For instance, in September 2018, British Airways announced that it had suffered a data breach. As far as we know, the airline’s servers were in cybercriminal hands for two weeks at the tail end of the summer vacation season. During that time, customers’ financial details were unsecured and were stolen in huge numbers. Over 350,000 people in all were affected by the data breach, and British Airways still hasn’t released details of compensation and costs.

Of course, BA wasn’t alone. They are actually part of a massive club of companies that have suffered information leaks and data breaches this year. Take Reddit, for example. You’d think that a forum populated by snarky people with intimate knowledge of the latest cyber security threats would be right up to date with their security practices.

Well, think again. Last year, Reddit released an announcement that their staff two-factor authentication (2FA) processes had been compromised, leading to a huge leak of emails from Reddit users. That’s a big deal for those who have posted anonymously for years and are worried about being unmasked. And it’s a potential treasure trove for blackmailers. All because the company got lazy with choosing its 2FA processes.

From Equifax to the Department for Homeland Security, and from FedEx to Target, household names are failing to keep your data safe. That’s leading savvy net users to opt for anonymous payment systems and to think twice before handing over any personal information.

3. Cryptojacking

Unfortunately, even cryptocurrency payments are among this year’s top cyber security threats. That’s because 2019 has seen a spike in what’s known as “cryptojacking.” In fact, you could be cryptojacked right now without even realizing it.

What is cryptojacking all about? Well, essentially, it turns target computers or smartphones into tiny crypto mines. Attackers can inject scripts into fake websites, which implant crypto mining tools onto the systems of unwitting visitors. These crypto miners then whirr away in the background, carrying out the complex calculations needed to create Bitcoin or Monero.

The Cyber Threat Alliance has performed a thorough analysis and released some amazing stats. Apparently, cryptojacking is up over 450% in the past year, as vast numbers of hackers seek to maximize their crypto mining operations.

Some experts trace the cryptojacking epidemic back to tools developed by the National Security Agency (NSA) to spy on Windows computers. When the code for these tools became public, it was swiftly re-engineered to feature crypto mining apps, with easy access to Windows computers.

You might be able to head off cryptojacking with Adblockers, regular Windows updates, and antivirus software. But often, we just don’t notice if our bandwidth is siphoned off to mine cryptocurrency. That’s what makes cryptojacking one of the hardest cyber security threats to combat nowadays.

4. Cloud ransomware

A few years ago, if we told you that your remotely stored data could be targeted by a ransomware attack, you might think we were high. But in 2019, Cloud ransomware attacks were among the top cyber security threats out there.

In traditional ransomware attacks, hackers use malware to gain access to target computers or smartphones. They then lock these systems remotely and inform the user that they are being held to ransom. If the target doesn’t pay, they don’t regain access to their system.

To counter traditional ransomware, many people started to use Cloud storage as a backup for their data. But Cloud ransomware is challenging that strategy. First identified in 2017, a form of Cloud ransomware called Petya has spread across remote storage networks. Initially, it spread through HR departments via contaminated Dropbox files, but it was soon overhauled to spread via a Windows exploit called Eternal Blue.

What this means, is that the Cloud-based storage systems used to avoid the ransomware fallout could actually lead to even worse attacks. This particular Cloud ransomware attack wreaks havoc with target computers, tearing apart their master file tables and making it impossible to access files.

And Petya isn’t alone. As MIT reported back in 2018, Cloud ransomware is one of the latest cyber security threats to look out for, and it’s getting worse. According to the professors there, smaller Cloud storage companies are most at risk, compromising vast amounts of confidential customer data.

So, by all means, back up your data to handle top cyber security threats like traditional ransomware, but don’t assume that the Cloud is infallible. Be sure to use a reputable provider with rock-solid encryption, and avoid suspiciously cheap, little-known alternatives.

5. Social engineering scams

Social engineering is a technique used by cybercriminals to persuade targets to act in certain ways. It’s how they get you to open attachments containing malware or to hand over your credit card details to an attacker masquerading as an “Amazon customer care center.”

Such social engineering scams are well known. They still work, but 2019 has seen much more radical, sinister techniques starting to emerge.

The problems arise when social engineering and phishing meet artificial intelligence (AI) and machine learning. On one hand, machine learning tools are allowing criminals to create cybercrime factories. They can tell these tools to craft certain styles of email, then sit back and watch them go to work. There’s no chance of tiredness or burnout, and human error is minimal.

On the other hand, the rise of AI is allowing criminals to go beyond standard persuasive techniques. The next generation of AI tools can bring together huge amounts of data about targets, creating in-depth profiles to use when contacting and manipulating them. When they get started, you may have no idea that you are talking to a machine.

It’s not all bad, though. Plenty of people have argued that AI can help us neutralize phishers. But in truth, this could go either way. Technology is what we make of it, and you can guarantee that criminals will make AI a powerful way to compromise our security.

6. Internet of Things (IoT) attacks

Internet of Things (IoT) attacks are as scary as they are insidious. Devices that are connected to the IoT are becoming more and more omnipresent by the day. This includes all manners of web-capable devices, including smart household appliances, home security systems, webcams, smart watches, desktop and laptop computers, and even medical equipment. Unfortunately, they’re all susceptible to IoT attacks. Because this year, anything connected to the web can be hacked.

According to Forbes, IoT attacks surged by 300% in 2019, while Symantec reported that 75% of IoT attacks began with infecting the users’ routers. Webcams took second place with 15.2% of the whole IoT attacks pie this year. Once hackers take over an IoT device, they can use and abuse it however they want, including taking sensitive pictures for blackmail, holding users’ data hostage, disabling essential equipment, or overloading entire networks at will.

To protect against IoT attacks, however, you don’t have to go off the grid. Changing your default router passwords to strong and complex passphrases, keeping your IoT devices up to date, and installing a VPN on your router can help lower the risk of this cyber security threat to a minimum.

7. Medical record and healthcare device hacks

Cyberattacks on healthcare providers was another top cyber security threat in 2019. With patient data and medical records now stored online and smart medical device adoption rapidly expanding in hospitals across the world, the state of cyber security in the healthcare sector is far from adequate.

From electronic medical records to medical equipment, security vulnerabilities exploited by hackers can result in not only enormous data leaks, but also mortally dangerous remote tampering with healthcare devices that are connected directly to patients.

While the dangers posed by medical record and healthcare device hacks are incredibly worrying, they can be avoided by making sure that hospital staff has basic cyber security training. Since phishing and ransomware are the most common points of access to healthcare systems for hackers, simply training hospital employees to keep their software up to date and educating them about phishing scams could mitigate most of these cyber security threats.

Take action to counter cyber security threats

While the latest cyber security threats may seem worrying (and they should be), it’s reassuring to remember that the whole cyber security industry is dedicated to keeping us safe online. Antivirus and antimalware tools, encrypted data storage centers, and beefed up authentication processes are all there for us to use.

And Virtual Private Networks (VPNs) are part of the mix, too. In fact, using a VPN is essential if you want to keep yourself safe from the many cyber security threats out there. You just need to remember that it cannot protect you from all possible threats. For example, while torrenting with a VPN on will effectively hide your personal data in an encrypted tunnel, even the best VPN service won’t stop you from opening a malicious file pretending to be a new episode of a long-awaited TV series. And bad people are looking how to conceal malware in a torrent to make you click on it!

So, still not sure which VPN will be best for you? Head on over to our list of the best VPN services currently on the market and find out which provider best suits your needs.

But whatever you do online, arm yourself with the tools require to stay as safe as possible. There’s no such thing as 100% security, but just because the threats are mounting, doesn’t mean we need to be sitting ducks.

Top VPN providers
NordVPN
9.6 / 10
30-day money-back guarantee
Military grade encryption
Friendly support
Surfshark VPN
9.4 / 10
Strong encryption
Great performance
Unlimited simultaneous connections

Disclaimer: Affiliate links help us produce good content. Learn more.

12 comments
Leave a Reply

Your email address will not be published. Required fields are marked *


  1. Eric Rhodes

    A close friend of mine got into hacking at a young age. He never did it to rob people but he was fascinating with the idea of. While he never used what he learned for bad, he knows of a lot of people who do. They often use malware on smartphones today because the average smartphone user is not educated properly on the threats. Don’t even get me started with the Cloud! A lot of these people use machine learning nowadays too which is even worse. Great read and very informational. I am going to share this with people I know.


    1. Julie Cole Author

      Hey Eric –

      Thanks for reading! Smartphones definitely are a huge target these days.

      -Julie


  2. Johnnie

    It’s scary to learn that so many cyber security incidents happen all the time. Malware can be present in a program you need to install and you might not even know your PC has been corrupted. An internet attack can come at any moment and can even be disguised in something that doesn’t look threatening at all.


  3. Dolores

    Email hacking, network attacks or the inserting of malicious code into nice looking apps are just some of the dangers that await us now and in the near future. The cyber world is getting scarier by the minute and we all need to do the things required so we can stay as safe as possible. Just hoping we won’t be hit won’t solve anything.


  4. Etienne

    Hey Julie, Thanks for the article, the Internet attacks, and the cyber threat grows more & more with hackers trying to always find vulnerabilities in the system, we have to be careful! Quick question: do you think it’s enough to use VPN only in public Wifi or should we use it all the time?


  5. Jared

    I can’t believe the thought and skill that goes into the most recent cyber attacks. Many people don’t really understand how to protect their data and how easy it is to slip up and leave your computer, phone or other devices open to security threats. My question is more about how do we actually raise the concern we have and show others how to prevent these cyber attacks from happening to them? This was a very interesting read.


  6. Whoosit286

    It’s scary to think about the amount of information on my iPhone that someone would have access to if it was hacked. I’ve installed the app called System and Security Info which gives me a lot of information about my phone. I hope that’s enough to keep my info safe.


  7. Finlay Hayes

    This generation, data is life. I can’t imagine how I will cope if an attempted hacking turns successful. So I have taken the time to understand data protections threats to small scale business.


  8. 2344CJ

    People are not aware enough of the dangers of mobile malware. They still think that PC security is the maximal concern, when in reality mobile phone are devices that always have access to our information.


  9. Nichole_1889

    Even with all our technology and the inventions that make modern life so much easier than it once was, it takes just one big natural disaster to wipe all that away and remind us that, here on Earth, we’re still at the mercy of nature.


  10. Asha Mal

    Mobile security is a big deal, I never even imagined it was that big. I mean the only thing you can do is pray that the app you’re downloading is not infected. Being careful helps but it’s definitely not enough.


    1. briannabrioche89

      Not to mention that a person is much more likely to sign in to an unsecured network on a phone than on a computer. Hackers use those unsecured networks and can get our banking information so easily, especially since a higher number of people do banking through their phones than ever before.

Share
Share
Thanks for your opinion!
Your comment will be checked for spam and approved as soon as possible.