2018 will go down as a year of highs and lows when it comes to digital security. While a fair number of developments were witnessed, there were also setbacks, such as the various cases of privacy violations involving user data. The most infamous of these was the report involving Facebook and Cambridge Analytica, which came to light in early 2018. This data breach was indirectly responsible for the creation and development of the General Data Protection Regulation (GDPR) in EU law.
Last year also saw Ransomware as the most significant digital threat present today and the increased vulnerability of devices linked to the Internet of Things.
Cryptojacking was another sore point in digital security in 2018, with thousands of users' Bitcoin wallets maliciously attacked.
Increased Incident Disclosure Expectations
The European Union's GDPR came into effect in May 2018. It requires companies to report a breach of personal information within 72 hours of becoming aware of the breach. In the same vein, the New York Department of Financial Services (DFS) established that companies within its jurisdiction need to notify the DFS within 72 hours of confirming either of the following -
- A personal data breach and
- events that have a 'reasonable likelihood of materially harming any material part of the normal operation(s)' of the regulated entity.
Establishing time frames such as these has accelerated reporting times. It has also increased the pressure on companies that come under the purview of the GDPR to mature their incident response and resiliency capabilities.
On a separate note, February 2018 saw the U.S. Securities and Exchange Commission release up-to-date guidelines that were primarily focused on -
- The importance of establishing robust cyber procedures and policies.
- Applying insider trading restrictions in cases of cybersecurity incidents and risks.
Incidents at Uber, Yahoo, and Equifax have compelled government and public companies to keep a closer watch on possible breach disclosure norms. A fundamental disclosure question is centered around materiality - what happens if there's a "substantial likelihood that a reasonable investor would consider the information important in making an investment decision or the reasonable investor would have viewed that disclosure of the omitted information as having significantly altered the total mix of information available."
The SEC does specify that "[w]e do not expect companies to disclose specific, technical information about their cybersecurity systems publicly," however, there is still a notion that public organizations should "disclose the extent of its board directors' role in the risk oversight of the company, such as how the board administers its oversight function and the effects this has on the board's leadership structure."
A fundamental question that arises from the above points is how exactly a company's senior executives and board should advance their understanding of cybersecurity risks so that they can make well-informed decisions when it comes to materiality.
Single Factor Passwords
Single factor passwords are possibly the most straightforward keys to access personally identifiable information. Not surprisingly, simple passwords are the fundamental tool in the arsenal of malicious users or hackers. This holds equally true for novice hackers as well as established nation-state players.
That said, they continue to remain the most preferred choice for security protection for a large number of companies and individuals. Unfortunately, this holds true despite the relatively low cost and simple deployment of multi-factor authentication.
The bottom line remains that password-based breaches, as well as password theft, will continue to be a daily episode during 2019.
Cybercriminals Will Broaden Their Attack Vectors
The rise in usage and popularity of Internet of Things (IoT) is a significant influence when it comes to increasing the number of cyber breaches. According to Symantec, a cybersecurity firm, IoT attacks witnessed an increase of 600% year on year. This has forced companies to develop more sophisticated incident detection methods when it comes to IoT devices and networks.
Ransomware is another malicious software that is trending upwards. Ransomware attacks saw an increase of 300% last year with total damages amounting to more than $8 billion in 2018.
According to Cybersecurity Ventures, a company specializing in cybersecurity research and data, 2019 will see damages from ransomware attacks exceed $11 billion with attacks taking place approximately every 14 seconds.
Interestingly, even though the number of ransomware attacks increased, the average ransom demanded dropped from its peak of $1,071 in 2016 to $522 the year after. This is an indication that ransomware attackers have probably re-focused their attention to more high-value targets.
Mobile malware is another area that continues to see troubling growth. The popularity of mobile platforms among cybercriminals has been demonstrated by the fact that the number of new variants increased by 54% in 2017.
To keep track of the latest security exploits that cybercriminals use, you can also follow security blogs. They will help you keep abreast of the latest exploits and how to respond to security flaws. Here are some of the popular security blogs.
Cisco's Blog on Security: This is a good place to find all the major security updates and news related to public disclosures.
Exabeam's Security Blog: Exabeam's blog focuses on incident reporting, SIEM (Security Information and Event Management), insider threats and more.
Cryptojacking
If the recent trend of ransomware is anything to go by, cybercriminals will probably continue to use malware to advance their gains. Cryptojacking or 'Crypto Mining Malware' employs invasive methods for initial access, as well as drive-by scripts, to pilfer information and resources from its victims.
Cryptojacking is a quieter but deceptive method of profit that can affect endpoints such as servers and mobile devices. It works by running in the background and subtly stealing machine resources, which results in higher benefits at lower risk.
Given the low risk, ease of deployment and high profitability, TCG puts forth the informed assumption that Cryptojacking will continue its upward trend and potentially increase in 2019.
Authentication Through Mobile Devices will Surge
The use and acceptance of biometrics, QR codes, facial recognition, etc. using mobile devices will increase as more and more users and organizations put their trust in these methods to provide added security to currently 'insecure' terminals like DMV registrations, voting booths, etc.
This growing acceptance is linked to the increased penetration of combined physical-cybersecurity when it comes to identity proofing.
IoT Botnet DDoS Attacks
The Mirai attack, brought about by the Mirai botnet discovered in August 2016, exposed the fact that an extensive network of compromised IoT-based devices can be controlled remotely and used to launch massive and scaled attacks. These attacks have the power to impact millions of computers and machines and spawn powerful botnets.
Botnets are controlled by what is commonly known as 'Command and Control' (C&C) networks. The hacker who runs these attacks controls the C&C networks and uses them to launch Distributed Denial of Service (DDoS) attacks on unsuspecting machines and networks.
In today's increasingly interconnected world, the threat of botnet DDoS attacks increases with the growing usage of IoT devices. A large number of IoT devices do not come with inbuilt security measures and are actively used by botnets to initiate DDoS attacks. Though the Mirai botnet is relatively fresh, it has already led to the creation of some spin-offs.
With the growth of IoT devices in the cyber ecosystem, this generation of DDoS attacks can mean that the number of such threats and the damage they can cause will only increase in 2019.
Conclusion
Inhibiting the number of threats and attacks that an organization can face in 2019 begins with educating employees about the possible pitfalls, making use of next-generation cybersecurity solutions at scale, and keeping up to date with threats that can potentially impact an organization or industry. These areas should be a high priority for cybersecurity personnel and managers.
The last few years have been witness to some of the most frequent and damaging cybersecurity attacks that industries have faced. The trends indicate that 2019 is set to be another record-breaking year of cyber threats, data security risks, and data breaches.