/ciol/media/agency_attachments/c0E28gS06GM3VmrXNw5G.png)
Follow Us/ciol/media/post_banners/wp-content/uploads/2015/08/ID-100260833.jpg)
Sonal Vats
2017 witnessed a spate of cyber-attacks including WannaCry, NotPetya, Equifax breach, Zomato hack, HBO’s infamous GoT data theft and of course the latest Nicehash security breach. Unfortunately, the trend will continue in 2018 also. The increased connectivity and enlarged attack surface will present ever-increasing newer opportunities for cyber criminals to leverage known issues to penetrate a corporate network.
Apparently, threat actors will also play on growing technologies, like blockchain and machine learning, to enhance obfuscation against traditional cybersecurity protections.
Here are some of the top security predictions for 2018:
AI vs AI
While, so far Artificial Intelligence(AI) has been spoken of with regard to cyber-security and detection mechanisms, 2018 will see AI and machine learning (ML) being used by cyber criminals too to conduct attacks. With cybercriminals using AI to attack and explore victims’ networks, which is typically the most labour-intensive part of compromise after an incursion, it’ll be AI vs AI, says Symantec.
"This past year, cyber criminals caused major service disruptions around the world, using their increasing technical proficiency to break through cyber defenses. In 2018, we expect the trend to become more pronounced as these attackers will use machine learning and artificial intelligence to launch even more potent attacks," says Tarun Kaura, Director - Product Management, APJ, Symantec.
Furthermore, building on the sophisticated attacks like Hajime and Devil’s Ivy or Reaper, researchers at Fortinet predict that cyber criminals will replace botnets with intelligent clusters of compromised devices called hivenets to create more effective attack vectors. These Hivenets will then leverage self-learning to effectively target vulnerable systems at an unprecedented scale.
Organizations to struggle with SaaS and IaaS Security
Adoption of SaaS continues to grow at an exponential rate presenting many security challenges as access control, data control, user behaviour and data encryption vary significantly between SaaS apps. While this is not new and many of the security problems are well understood, organizations will continue to struggle with all these in 2018. This combined with new privacy and data protections laws adopted by regulators across the world will pose major implications in terms of penalties, and more importantly, reputational damage.
Same would be the case with IaaS that has completely changed the way organizations run their operations, offering massive benefits in agility, and scalability. However, it has also introduced significant risks, whereby simple errors can expose massive amount of data and take down the entire system.
Ransomware will continue to rule the roost
Ransomware will continue to be a mainstay of cyber-attacks due to its proven success. Business Email Compromise (BEC) attacks will also continue to gain popularity with attackers, as the return on investment for successful attacks is quite high.
“We foresee that the ransomware business model will still be a cybercrime mainstay in 2018, while other forms of digital extortion will gain more ground. The ransomware attacks will manifest itself in a more ‘Specialized’ and ‘Targeted manner’, unlike the earlier approach. With respect to India, in 2018 we will experience more number of attacks targeted at the ATMs, especially malware attacks. We also expect to see a rise in security incidents across Public Cloud platforms,” says Nilesh Jain, Country Manager, India & SAARC, Trend Micro.
File-less and File-light Malware will explode
2016 and 2017 registered consistent growth in the amount of file-less and file-light malware, with attackers capitalizing on organizations that lack in preparation against such threats. According to Symantec, with fewer Indicators of Compromise (IoC), use of the victims’ own tools, and complex disjointed behaviors, these threats have been harder to stop, track and defend against in many scenarios. Like the early days of ransomware, where early success by a few cyber criminals triggered a gold-rush like mentality, more cyber criminals are now rushing to use these same techniques.
The Rise of Cryptocurrency Hacks
Bitcoin miner Nicehash's security breach was just the beginning. As cryptocurrencies grow in importance, including as a method of extracting revenue from cybercrime, both Forcepoint and Symantec predict that the systems surrounding such currencies will increasingly come under attack. Cyber criminals will primarily focus on compromising coin-exchanges and users’ coin-wallets since these are the easiest targets. Then, of course, attackers will also target vulnerabilities in systems which implement blockchain technology.
Data aggregators: A new goldmine
The Equifax breach rocked the security industry, and the full impact of this breach has not yet played out. Cyber-security firm Forcepoint believes that this was the first of what will be many breaches on hosted business applications: those that contain information on a sales force, prospects and customers, or those which manage global marketing campaigns.
Attackers seek the path of least resistance, and if they can find a weak link in a system which already contains the crown jewels of personal data, they will exploit it.
IoT vulnerabilities
Vulnerabilities in IoT devices will expand the attack surface as devices get further woven into the fabric of smart environments everywhere. 2017 witnessed massive DDoS attacks using hundreds of thousands of compromised IoT devices in people’s homes and workplaces to generate traffic. This is not expected to change with cyber criminals looking to exploit the poor security settings and management of home IoT devices.
Politically Motivated Cyber Activity
The ability to quickly get messages across in cyberspace will fuel more politically motivated cyber activity across Europe in 2018. Publishing fake news, leaks and other data could help shift the political climate in some regions, thus leading to certain candidates and political parties being unfairly favored over others.
Need to step up defense mechanism
In the light of these predictions, it is important that both organizations and individuals in their personal capacity step up the defense mechanism to fight cyber-crime. According to Fortinet, security solutions need to be built around integrated security technologies, actionable threat intelligence, and dynamically configurable security fabrics.
Security should operate at digital speeds by automating responses as well as applying intelligence and self-learning so that networks can make effective and autonomous decisions. “Fabric-based security approaches that leverage the power of automation, integration, and strategic segmentation are critical to combat the highly intelligent attacks of tomorrow,” says Rajesh Maurya, Regional Vice President, India & SAARC at Fortinet.