2017 has seen alot happen in the cyber world many examples including Equifax breach, state-sponsored attacks, Russian manipulation of social media, Wannacry, and more phishing scams than we can count, clearly “The more things change, the more they stay the same.” Jean-Baptiste Alphonse Karr’s famous line resonated back in the 19th century Parisian literary circles, and it resonates today in the 21st century cybersecurity industry.
Seeing these bad escalations in breaches might not make you be looking forward to 2018. They will most likely be bigger, hackers will be smarter, and security teams and budgets won’t seem to keep pace.
These are some of our predictions to watch:
1. Mobile mishaps
Mobile devices are part of the business IT fabric everywhere, yet they continue to be rarely, if ever, secured appropriately, in light of the vulnerability risk they present. We’ll continue to discover flaws in mobile operating systems that highlight the need for organisations to take a more serious approach to the protection of their mobile infrastructure and end-point devices against malware, spyware, and other cyber-attacks.
Mobile malware will continue to proliferate, especially mobile banking malware, as Malware as a Service (MaaS) keeps trending upward. MaaS allows threat actors of lower the technical barriers to launching attacks. Cryptominers also gained prominence in 2017, and we can expect to see more cryptomining malware being dropped onto mobile devices to harvest cryptocurrencies for criminals in the near future.
2. Decline of password-only authentication will accelerate
The Equifax and Anthem breaches were wake-up calls for many consumers, who are now asking questions about the safety of their online accounts. Most still have no idea about password alternatives or enhancements like multi-factor authentication (MFA) or risk-based authentication, but they are more aware that passwords alone no longer are enough. In fact, research done by Bitdefender shows that U.S. citizens are more concerned about stolen identities (79 percent) than email hacking (70 percent) or home break-ins (63 percent).
Liability concerns over compromised credentials are also driving companies to stronger authentication. In its Data Breach Industry Forecast, Experian points out that, after a major data breach at one company, credential reuse affects other companies. They are forced to notify users when hackers use their stolen credentials to fraudulently access services.
This is important, because companies often cite a lack of demand for stronger authentication as a reason for not offering it. They are reluctant to do so, in part, because they don’t want more complicated authentication degrading the user experience.
3. Cyber Attacks via compromised IoT devices will worsen
Millions of connected devices have little or no defense against hackers who want to gain control of them. In fact, it’s getting easier for hackers to take over scores of internet of things (IoT) devices. All they have to do is purchase a botnet kit from the dark web and they are in business.
The problem is that we haven’t yet seen what the hackers who control the botnets intend to do with them. Will it be to launch distributed denial of service (DDoS) attacks? Send massive amounts of spam? Or will they do something we haven’t seen before? We’ll find out in 2018.
It takes time to build, secure, and set up the command infrastructure for a botnet at a Reaper-like scale. A hacker would not likely invest that kind of effort without expecting a large return. Botnet attacks in 2018 could be very interesting, and not in a good way.
That’s the bad botnet news. The good news is that efforts against botnets are improving. In December, three people pleaded guilty to charges related to their creating and using the Mirai botnet to launch a DDoS attack on DNS service company Dyn. Also in December, ESET and Microsoft announced that they had cooperated to take down 464 botnets and more than 1,200 command and control domains. Also encouraging, an individual believed to be associated with the botnets was arrested in Belarus.
International cooperation will be necessary to stop botnets. The Belarus arrest along with the arrest of Peter Levashov, the hacker behind the Waledac and Kelihos spam botnets, in Spain last spring give hope that hackers will have fewer safe havens next year.
4. Cloud Services Concerns
Utilization of server-less computing and data storage in the cloud is becoming more widely adopted in business. However, it’s worth remembering that cloud technology and the infrastructure that supports it is relatively new and evolving, and that there are still serious security concerns that provide a backdoor for hackers to access enterprise systems and spread rapidly across networks. Misconceptions about the responsibilities and level of security needed operate safely within a cloud environment are common – as are misconfigurations – which leave the door open to breaches.
During 2017, over 50% of security incidents handled by Check Point’s incident response team were cloud-related, and more than 50% of those were account takeovers of SaaS apps or hosted servers. With the increased use of cloud-based file sharing services, data leaks will continue to be a major concern for organisations moving to the cloud. This was seen most recently when a breach at consultancy firm, Deloitte enabled hackers to access confidential records of several clients.
The growing adoption of SaaS-based email such as Office 365 and Google’s G-Suite makes for attractive cybercrime targets, and we expect cybercriminals to ramp up their cloud attacks during 2018.
5. Authenticating truth in the age of fake news
Fake news became a major issue in 2017 and will likely get worse in 2018. With CGI, photoshop and voice-over technology, it’s almost impossible to tell if a photo or video is real or fake. Solutions such as digital signatures and encryption enabled on trusted recording devices could help combat this issue, but the camera industry needs to include these options on equipment used by the news media—Nigel Smart, Co-Founder, Dyadic
In the face of fake news, the industry will develop a reputation management scheme that will allow individuals to verify their identities through an operation that records an interaction only a person can have. This reputation scheme will be universal and follow an individual across platforms, domains and online venues, even if the person wishes to remain anonymous—Simon Gibson, Fellow Security Architect, Gigamon, and former Bloomberg CISO
6. Consumer privacy and the GDPR, Chatbots will reign supreme
Data privacy and data security have long been considered two separate missions with two separate objectives, but all that stands to change in 2018. With serious global regulations kicking into effect, and with the regulatory responses to data breaches increasing, organizations will build new data management frameworks centered on controlling data – controlling who sees what data, in what state, and for what purpose. 2018 will prove that cybersecurity without privacy is a thing of the past—Andrew Burt, Chief Privacy Officer and Legal Engineer, Immuta
Chatbot takeover: In 2018, some financial institutions will begin using chatbots to facilitate payments, and this will lure cyber criminals who will impersonate good users and take over their accounts, possibly using remote access into the regular user PC to neutralize any device-based recognition—Uri Rivner, VP of Cyber Strategy, BioCatch
As businesses increasingly become data-driven to gain competitive advantage, the security industry continues to introduce sophisticated technology tools to keep sensitive customer, employee and partner information safe. In 2018, the next frontier in this battle to protect information will be the advancement of technology powered data privacy management solutions. Through a holistic practice of data governance, businesses will ensure that data remains secure and compliant with global legal regulations and user privacy requirements—Chris Babel, CEO, TrustArc
As the velocity and sophistication of security threats continue to rise, in-network threat detection and response must move to the top of every organization’s priority list in 2018 to reduce their potential for being breached. I also expect formal regulations will be enacted and consequences more heavily applied to organizations that do not implement a minimum standard of prevention, detection and response technology—Tushar Kothari, CEO, Attivo Networks
7. Artificial Intelligence as a double-edged sword
The way the good guys and bad guys use AI will shift. Cybersecurity is an arms race and the weaker party will resort to asymmetric means to achieve its goals. Just as organizations are adopting machine learning and AI to improve their cybersecurity posture, so are the threat actors. Attackers are using machine learning to speed up the process of finding vulnerabilities in commercial products, with the end result being that attackers will use ever more new exploits without signaling that AI was involved in their creation. AI will also increase the number of qualified cybersecurity professionals as it lowers the barriers of entry into the profession and allows less trained individuals to still be effective on the front lines of the cybersecurity battle. In addition, AI will allow existing cybersecurity professionals to move up-market by leveraging AI to find more complex attack scenarios before they do significant damage— Oliver Tavakoli, CTO, Vectra
Across the board, more criminals will use AI and machine learning to conduct their crimes. Ransomware will be automatic, and bank theft will be conducted by organized gangs using machine learning to conduct their attacks in more intelligent ways. Smaller groups of criminals will be able to cause greater damage by using these new technologies to breach companies and steal data. At the same time, large enterprises will turn to AI to detect and protect against new sophisticated threats. AI and machine learning will enable them to increase their detection rates and dramatically decrease the false alarms that can so easily lead to alert fatigue and failure to spot real threats—Mark Gazit, CEO, ThetaRay