Cybersecurity in 2018: what we can expect to face
Mon 18 Dec 2017
At the end of a year that saw near-constant cyber attacks, including the Equifax breach, it would be easy to become overwhelmed by the sheer volume and intensity of cybersecurity concerns. Here, a host of security insiders tell us what to expect in the coming year so that you can protect yourself and your organisation.
Brian Chappell, senior director, enterprise and solution architecture, BeyondTrust
There will be an increase in mobile phone spam. With there being more mobile phones than citizens in most countries, mobile phone spam will rise 10,000% due to automated spam and dialling ‘botnets’ that essentially render most phones unusable because they receive so many phone calls from unidentified numbers.
This rise in phone spam will push cellular carriers to start to require that end users adopt an “opt in” policy so only those in their contacts can call them.
We can also expect to see an increase in ‘gaming eleteware’ infections. ‘Gaming deleteware infections across most major platforms will increase as botnets continuously attack gaming networks and devices such as Steam, Xbox, PlayStation, and Nintendo systems, with the sole intention of rendering the machine inoperable. The malware is downloaded as an embedded game add-on, causing millions of devices to need to be replaced.
Finally, as we see a rise in the adoption of the ‘latest and greatest’ device, we will see devices, including IoT devices, be cyber recycled. These devices, including mobile phones, won’t be destroyed, however. They will be wiped, refurbished, and resold within the U.S. and overseas even though they are have reached the end of their life. Look for geographic attacks against these devices to rise since they are out of maintenance.
Sarah Lahav, CEO, SysAid Technologies
IoT devices are starting to appear in our workplaces, and that trend is set to accelerate. This is something that should make all of us pause for thought because it’s going to have an impact on how we manage security.
If you belong to an organization that thinks of itself as security conscious, you have no doubt already devoted resources to managing network security, patches, version control and everything else needed to ensure your computers are safe and secure. You are much less likely to have given a lot of thought to your IoT devices.
Ensuring that these are safe is certainly going to make security management quite a lot harder; but if you ignore them, you might suddenly find your data centre under attack from the lightbulbs and toasters in the canteen!
The number of security breaches reported in the press has been escalating for many years and the scale of such breaches has been growing too. Many of these breaches have resulted in huge costs for the companies involved and the resignation of the board members responsible. There is no end in sight.
Carson Sweet, co-founder and CTO, CloudPassage
Every business wants to be more competitive, and the growing acceptance of shadow IT helps. Enterprise reliance on shadow IT will explode in 2018, and so will cyber attacks on these resources. Organizations will need to develop comprehensive policies and strategies for their shadow IT, or the consequences will be stark.
Cyber is the new battleground for cross-state conflict. There are a few reasons that this situation has evolved to the point that attacks on U.S. infrastructure will happen in the near future. These include growing dependence on technology, growing challenges in protecting technology, and the attractiveness of cyber warfare.
These issues have existed for years, but they’re independently hitting critical mass while at the same time converging into a “perfect storm” situation.
Jeff Costlow, director of security at ExtraHop
Big tech companies have been preparing for Perfect Forward Secrecy for several years now, and now the rest of the world will be catching up. Apple Store requires TLS 1.3 (requiring PFS) for all apps. Twitter, Signal, WhatsApp have used it for years, as have privacy activists such as Amnesty International and the Electric Frontier Foundation.
Within a couple of years, people will have started to change their keys as PFS picks up pace. To be sure, staying with TLS 1.2 will leave you open to Drown, Sloth, Poodle attacks and a variety of other ‘man in the middle’ attacks.
Derek Brost, director of engineering, Bluelock
Expect targeted ransoms to get more precise and expensive. Cyber attackers are increasingly recognizing that the value of attorney-client and financial data may exceed its conventional ransom evaluation. Most notably in this category is the Panama Papers breach, which has continued to have significant client implications.
Furthermore, sophisticated financial data theft from breaches such as Equifax, DocuSign, and the U.S. Securities and Exchange Commission demonstrate adversaries’ knowledge of data value and an ability to leverage it to their advantage. In addition to simple ransomware attack vectors, covert data theft and high-target ransoming will continue to become more common.
David Emm, principal security researcher, Kaspersky Labs
Connected vehicles are likely to face new threats as a result of growing supply chain complexity leading to a scenario where no one player has visibility of, let alone control over, all of a vehicle’s source code. This could make it easier for attackers to break in and bypass detection.
In healthcare, attacks breaching private networks to target medical equipment and data with the aim of extortion, malicious disruption or worse, could rise as the volume of specialist medical equipment connected to computer networks grows.
In financial services, the increased security of online payments means that fraudsters will turn their attention to account takeover attacks. Industry estimates suggest fraud of this type will run into billions of dollars.
Industrial security systems are likely to be at increased risk of targeted ransomware attacks. Operational technology systems are more vulnerable than corporate IT networks.
I also expect to see targeted attacks on companies for the purpose of installing cryptocurrency miners – and in time this could become a more lucrative, long-term business proposition than ransomware.