Skip to main content
banner image
venafi logo

2020 Predictions: How Will Cybercriminals Abuse Machine Identities This Year?

2020 Predictions: How Will Cybercriminals Abuse Machine Identities This Year?

picture of a group of people in an outdoor plaza with yellow rectangles around them, identifying them as if by AI
January 9, 2020 | Emil Hanscom


From quantum computing to geopolitical changes, we can expect that cybersecurity will evolve in exceptional ways in 2020. In the coming year, cybercriminals will continue to exploit assets that consistently lack protection. And, unfortunately, machine identities still fit that bill.
 

In 2019, we saw leading indicators of machine identity abuse, such as global certificate outages, malicious software backdoors and major data breaches. Indeed, 2019 was a banner year for cybercriminals. And, in many of the largest incidents, the cryptographic keys and digital certificates that serve as machine identities played a primary role in malicious activity.
 

 

 

 

According to Kevin Bocek, vice president of security strategy and threat intelligence for machine identity protection leader Venafi, security professionals should expect to see more attacks targeting machine identities in the year ahead.

 

“Cybercriminals understand the power of machine identities and know they are poorly protected, so they target them for exploitation,” said Bocek. “In 2019, organizations spent over $10 billion protecting human identities, but most are just beginning to safeguard their machine identities. This continues to be true even though the number of humans on enterprise networks remains relatively flat while the number of machines that need identities – including virtual machines, applications, algorithms, APIs and containers – is projected to grow exponentially in 2020. It’s inevitable that machine identity attacks will intensify in the coming year.”
 

 

 


Bocek predicts cybercriminals will pursue machine identities in three distinct ways in 2020:
 

  1. Compromise automatic software updates

    Last year, the ASUS Live Update Utility service was successfully attacked by cybercriminals, which allowed them to load malicious code on over one million machines using the pre-installed automatic software update function.

    Attacks like these are likely to escalate in 2020 because many devices have a built-in automatic software update service, and when an update is signed with a legitimate code-signing certificate, these updates are automatically trusted. Unfortunately, because most organizations don’t tightly control code-signing keys and certificates, it’s easier for attackers to gain access and insert malware into the automatic software update process.

 

  1. Ransomware Targets the Internet of Things (IoT)

    Researchers have been detailing security flaws in IoT devices for years. In 2019, there were multiple product recalls on smart home devices due to critical security issues. While there hasn’t been a major security incident involving enterprise IoT, 2020 could be the year the pendulum swings the other way.

    Last year, ransomware attacks targeted individual machines in 
    hospitals and local governments, which led to whole cities being taken offline. If these tactics expand beyond targeting specific machines to hold data for ransom, it’s reasonable to assume that attackers will expand the ransomware model to target larger groups of IoT devices, such as medical devices – including pacemakers and insulin pumps – or focus on other systems like traffic control.


    Compromised machine identities make it entirely possible to use code signing certificates to ‘kidnap’ IoT devices using malware or use TLS certificates to create zombies. It seems quite possible that we’ll see an entire IoT network held for ransom in 2020.
     
  2. Seize on artificial intelligence (AI) 

    In 2020, algorithmic decision-making AI will become more mainstream. This will bring both opportunities and challenges, particularly around the transparency of AI algorithms. If organizations do not understand how some AI models work to reach specific decisions, it’s possible that bad actors will use this confusion to manipulate AI outcomes.

    Many AI models rely on blindly trusted machine identities. If machine identities are compromised, attackers can send malicious data streams that feed AI models. These types of attacks could have a wide-reaching impact on everything from predictive policing to financial forecasting.


     




“Machine identities are a relatively new, and very effective, point of attack because there is a huge gap between the security controls applied to human identities and those applied to machine identities,” Bocek concluded. “In 2020, everyone – from CISOs to security architects and security practitioners – will need to prioritize the protection of machine identities in their organizations in order to reduce these very real security risks.”
 

How do you think machine identity protection will change in the year 2020?

 

 

 

 

Related posts

Like this blog? We think you will love this.
microsoft-office-macro-ban-backtrack
Featured Blog

Microsoft Backs Off Internet Office Macro Ban [Update]

Microsoft disabled macro years ago by default

Read More
Subscribe to our Weekly Blog Updates!

Join thousands of other security professionals

Get top blogs delivered to your inbox every week

See Popular Tags

You might also like

TLS Machine Identity Management for Dummies
eBook

TLS Machine Identity Management for Dummies

Certificate-Related Outages Continue to Plague Organizations
White Paper

CIO Study: Certificate-Related Outages Continue to Plague Organizations

About the author

Emil Hanscom
Emil Hanscom

Emil is the Public Relations Manager at Venafi. Passionate about educating the global marketplace about infosec and machine-identity issues, they have consistently grown Venafi's global news coverage year over year.

Read Posts by Author
get-started-overlay close-overlay cross icon
get-started-overlay close-overlay cross icon
Venafi Risk assessment Form Image

Sign up for Venafi Cloud


Venafi Cloud manages and protects certificates



* Please fill in this field Please enter valid email address
* Please fill in this field Password must be
At least 8 characters long
At least one digit
At last one lowercase letter
At least one uppercase letter
At least one special character
(@%+^!#$?:,(){}[]~`-_)
* Please fill in this field
* Please fill in this field
* Please fill in this field
*

End User License Agreement needs to be viewed and accepted



Already have an account? Login Here

×
get-started-overlay close-overlay cross icon

How can we help you?

Thank you!

Venafi will reach out to you within 24 hours. If you need an immediate answer please use our chat to get a live person.

In the meantime, please explore more of our solutions

Explore Solutions

learn more

Email Us a Question

learn more

Chat With Us

learn more