7 Things You Need To Know About Cyber Security In 2018
2017 saw many high-profile cyber attacks, including those on Uber, Deloitte and Equifax and the unforgettable WannaCry ransomware attack. So it is clear that while security updates and patches improve your firewalls, the attacks continue to increase. Creators of malware are not in the business for fun; they sell their ransomware for a price, or hold companies to ransom in exchange for not carrying out cyber attacks which can cripple the companies under threat.
So what are the possible scenarios and predictions for 2018 for hacking, ransomware, meltdowns and data theft? Malware creators are at least as intelligent as ethical hackers, looking at how to use the latest trends and their loopholes to challenge, confuse and confute ethical hackers.
1. AI-powered attacks
Artificial Intelligence (AI), fuzzy logic and machine learning (which has the ability to “learn” from the consequences of past events in order to help predict and identify future results) are not just for ethical use. A report by Webroot states that 87% of US cyber security professionals are using AI for malware creation and will use AI to launch even more sophisticated cyber-attacks, but ethical hackers are not far behind. They are creating their antidotes using AI, much like inoculations are prepared for diseases. They are suggesting using AI to automate the collection of some critical information without human intervention. AI can also assist hackers in cracking passwords by using sophisticated algorithms.
2. More Sandbox-evading Malware
While sandboxing technology is now a popular method for detecting and preventing malware infections, cyber-criminals are creating methods to bypass sandboxes; new malware strains can recognize when they enter a sandbox, and begin executing malicious code only after exiting the sandbox. This can be compared to bacteria becoming resistant to antibiotics.
3. Failing To Comply with GDPR
The General Data Protection Regulation (GDPR) came into effect on 25 May 2018 with many important changes to the current Data Protection Directive, including increased territorial scope, stricter consent laws and elevated rights for data subjects. Though the penalties for non-compliance are high, it is expected that most companies will fail to comply with GDPR, since many will actually choose not to comply, feeling that the cost of compliance is greater than the risks.
4. Multi-factor authentication
Verizon’s 2016 Data Breach Investigations Report states that 63% of confirmed data breaches involved leveraging weak, stolen or default passwords. This is because most organizations still use single-factor authentication, meaning they basically rely solely on “something you know” (e.g. the 3-digit number on the back of your credit card). The familiar OTP (One Time Password) you get on your mobile while using your credit card for online purchases is an example of multi-factor authentication.
Companies prefer not to implement multi-factor authentication, thinking users would not welcome it. But in view of the general public’s growing concern about stolen identities, there should be a great increase in the usage of MFA by various sellers.
5. Adopting More Sophisticated Security Technologies
Emerging new technologies will be welcomed with open arms in 2018. Deception technologies, which imitate a company’s critical assets but have wrong data and possible traps for malware, will become more popular. Using remote browsers can isolate users’ browsing sessions from the network actually used.
Solutions to detect and respond to anomalous behaviour will become more popular. These include: Network Traffic Analysis (NTA) to monitor network traffic to help determine the type, size, origin, destination and contents of data packets; Endpoint Detection and Response (EDR) solutions to monitor endpoints and alert system admins of suspicious behaviour.
More companies will adopt sophisticated real-time change auditing solutions for securing critical assets in different ways, e.g. by detecting, reporting and responding to anomalous behavior such as user privilege abuse and suspicious file activity, which could be a single event alert or a threshold condition, and by detecting account modifications, deletions, inactive user accounts, privileged mailbox access, etc.
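The two alert types mentioned above, a single event alert and a threshold condition, sketched as an added example (not code from the original article or from any auditing product). The log format, rule names and limits are assumptions, and the sample events are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample audit events (timestamp, user, action), in time order.
SAMPLE_LOG = """\
2018-03-01T09:00:05 alice file_delete
2018-03-01T09:00:20 alice file_delete
2018-03-01T09:00:31 bob file_delete
2018-03-01T09:00:40 alice file_delete
2018-03-01T09:01:10 carol privileged_mailbox_access
2018-03-01T09:07:00 bob file_delete
2018-03-01T09:07:30 bob account_modify
"""

# Hypothetical rule set: actions that alert on a single occurrence...
SINGLE_EVENT = {"privileged_mailbox_access", "account_delete"}
# ...and actions that alert only when repeated: action -> (count, window).
THRESHOLD = {"file_delete": (3, timedelta(seconds=60))}


def detect(log_text):
    """Return a list of (kind, user, action, timestamp) alerts."""
    alerts = []
    recent = defaultdict(deque)  # (user, action) -> timestamps inside the window
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip blank or malformed lines instead of crashing
        try:
            ts = datetime.fromisoformat(parts[0])
        except ValueError:
            continue  # unparseable timestamp: ignore the line
        user, action = parts[1], parts[2]
        if action in SINGLE_EVENT:
            alerts.append(("single", user, action, ts))
        elif action in THRESHOLD:
            limit, window = THRESHOLD[action]
            q = recent[(user, action)]
            q.append(ts)
            while ts - q[0] > window:  # drop events older than the window
                q.popleft()
            if len(q) >= limit:
                alerts.append(("threshold", user, action, ts))
                q.clear()  # re-arm so one burst raises one alert
    return alerts


if __name__ == "__main__":
    print(*detect(SAMPLE_LOG), sep="\n")
```

Bob's two deletions are more than six minutes apart, so they never reach the threshold, while Alice's three deletions within 35 seconds do.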
6. Rise in State-sponsored Attacks
Politically motivated cyber-attacks which go beyond financial gain could well become among the most important areas of cyber security. Typically designed to acquire intelligence for obstructing the objectives of other nations, they could also target electronic banking, defence systems, etc. Such cyber-attacks could be created and planned by individuals, organizations or governments, with China, Russia, Iran, Israel, North Korea, and the United States being examples.
Such attacks are targeted, sophisticated and well-funded with incredibly disruptive potential. With the level of expertise and finance behind these attacks, they may be most difficult to overcome. Ideally, governments’ internal networks need to be isolated from the internet, with extensive security checks for all staff members, with multi-factor authentication.
Government staff also need to be trained comprehensively to spot suspicious activity which may mean malicious attacks. Technology, more so computer hardware, software and antivirus, should only be from tested and trusted sources, ideally from their own country. Periodic and surprise checks by ethical hackers are needed. Also, nations should collaborate and share any information about potential state-sponsored threats.
7. Ransomware and IoT
As most IoT devices don’t typically store valuable data, any ransomware for them would not sell today. Yet, we should realize the potential damage from IoT ransomware, e.g. hackers could target critical systems such as mobile phone service providers, threatening them to pay the ransom by a deadline, failing which the attackers may shut down the services.