In 2017 cybercriminals caused major service disruptions across the globe, leveraging their technical proficiency and gaps in organizations’ infrastructure and applications to break through cyber defenses. The threat landscape is expected to cause further damage in 2018, beyond our imagination. Some forecasts for 2018 are as below:-
- Bigger organizations will fail the basics (yet again) and get breached
- Healthcare will continue to be the focus for hackers, with health record breaches running high
- The education industry will suffer due to weak infrastructure and minimal awareness efforts
- Ransomware will be even more prevalent, with phishing and privileged-access exploits on the rise
- Android, iOS and Mac malware will grow at an unprecedented rate, leaving (Apple) users aghast
- Botnets will continue to increase the attack surface, impacting the gaming industry and devices
Key areas which are expected to have a major impact on the cybersecurity landscape in 2018:-
Artificial Intelligence and Machine Learning :
Many organizations are adopting AI and ML to improve their cybersecurity posture, which will enable enterprises to detect and protect against new sophisticated threats, increase their detection rates and dramatically decrease false alarms. Threat actors are equally at work on these technologies, potentially to create exploits. More criminals will use AI and ML to conduct crimes across the globe. Using these, ransomware will become automatic, and bank theft will be conducted by organized gangs in more intelligent ways. Cyber threat detection will become more automated and more advanced in threat classification and analysis with the adoption of AI and ML, but these technologies can be considered a double-edged sword. One definite advantage, though, will be an increase in the number of qualified cybersecurity professionals, as AI and ML lower the barriers to entry into the profession and allow less-trained individuals to still be effective on the front lines of the cybersecurity battle. Expect to see AI vs AI cybersecurity battles emerging.
Cryptocurrency fuelled the growth of ransomware in 2017. 2018 is expected to see vulnerabilities in these currencies increase malicious activity and malware, with more incidents of hackers swapping legitimate owners’ addresses for their own. This year is also expected to see the rise of new technologies like Hashgraph, which will create so-called competition for Blockchain and will further be used to create new currency and other use cases. Also, expect to see the downfall of one of the major cryptocurrencies in 2018.
With GDPR coming into effect and regulatory responses to data breaches increasing, organizations will have to build new data management frameworks centered on controlling data. At this point the legislation doesn’t seem to be well understood, which has led many organizations to table it for ‘later’, and many will wait until the first prosecution is underway before they react. Also, since a huge amount of PII has been breached or leaked in past years, it is expected that leaked information could be weaponized to cause massive attacks on major entities and sophisticated phishing and social engineering attacks against individuals that are undetectable and indistinguishable from the real thing. 2018 will prove that cybersecurity without privacy is a thing of the past.
Internet of Things :
Hackers will continue to leverage unprotected devices to break into home and corporate networks and spy on users. The attacks are expected to be persistent, with a permanent backdoor. Smart homes are the newest trend to grow this year. We can connect and control everything from lights, refrigerators, locks and cameras to thermostats via networks. While this initially seems like a convenient way to automate processes in our homes, these items aren’t tested from a security perspective. Hackers will exploit unknown vulnerabilities present in these connected devices to breach your home network or to gain unauthorized access to your home. Medical IoT has gained traction in past years; don’t be surprised to see a medical IoT hack leading to stolen data. Such hacks can cause patients’ personal health information to be leaked to the public. With the changing scenario, manufacturers are expected to start addressing security faults and associated risks.
New attack vectors :
Mainframes are the epicentre of financial services for thousands of global organizations and are mostly overlooked by security teams, making them an attractive, higher-value target for attackers. Cyber attackers will begin looking at mainframes as a future source of attacks, as mainframes can also be utilized for multiple different attack scenarios, particularly espionage. Attackers who previously spun up malicious software processes to establish persistence will be looking to launch attacks on containers inside the data center. In 2018, business addresses will be compromised for use in attacks. Websites will be compromised to host malware, digital currency mining operations, or data gathering. Enterprise ransomware will likely become a major trend in 2018, with file-less and file-light malware posing a significant threat. Also, large public cloud providers can expect destructive attacks and bigger data breaches, resulting in a temporary slowdown of cloud.
Sophisticated attacks on Critical Infrastructure :
The size, duration and damage of nation-state attacks will increase, bringing down critical infrastructure in order to show their strength. Cyber war will continue with targeted phishing campaigns and related fake news and social media reports based on ideological boundaries, with the intent to destabilize the internal social fabric of adversaries and to gain technological advantage. Critical infrastructure companies are behind in preparing their operational facilities to confront cyberattacks, which makes them an easy target for politically motivated attackers, so expect to see a significant attack on the critical infrastructure of a superpower. Also, a major compromise of a government agency’s online operations, in the form of a data breach of personal information, defacement of websites or disablement of internal systems, is most likely to be top news in 2018.
2018 will see even more aggression, with attackers deploying an army of bots to propagate the false narratives used to weaponize malicious fake news and to launch multi-vector DDoS, ransomware and malware campaigns to impede critical infrastructure cybersecurity and national security. How well governments, enterprises and individuals are prepared, and how far they are taking PROACTIVE measures, is yet to be seen.
By:- Sapan Talwar