Jon Fielding, Managing Director, EMEA at Apricorn:
“Whatever the future holds in terms of new and advancing technologies, the questions we need to answer are the same: what are the security implications, and how do we manage them? Everyone has a view on this, but the overarching response should always be to revert to basic security best practice.
The biggest threats to enterprise data assets are the same ones we were worried about last year – and even a decade ago. Ultimately, our goals remain unchanged: data protection, compliance, breach avoidance, and – worst case scenario – incident response and remediation.
Many security breaches are still down to something as simple as choosing a weak password, using non-encrypted portable devices/hardware, clicking on a link from an untrusted source, a lack of software and systems updates or poor employee education. To avoid putting data at risk and ensure compliance next year, and every year, organisations must create user-friendly policies and procedures and build a maximum level of education and awareness, and ensure sensitive and valuable data remains encrypted at all times.”
Sam Humphries, Senior Product Marketing Manager at Rapid7:
“2019 will see the GDPR really cut its teeth, both from a fining perspective and from a court case point of view. Supervisory authorities (such as the Information Commissioner’s Office) who have the power to audit, investigate, and fine organisations for non-compliance, have already begun issuing fines and enforcement notices under GDPR, and we expect to see this activity increase significantly during next year. There is a strong likelihood that we’ll see a maximum fine (20 million euro or 4% of total revenue) dealt to an organisation, given some of the investigations that are currently ongoing.”
Deral Heiland, IoT Research Lead at Rapid7:
“With the ever-growing influx of new IoT products such as stoves, cookers, and microwaves, I expect we will see an increase in physical injuries directly related to the IoT enablement of devices. These devices, on their own, have a risk of physical injury, but with remote, and voice-enabled functions they become potentially more dangerous.
With the number of IoT technologies in the workplace beginning to outnumber conventional IT assets, there is an ever-increasing probability that these devices will be used as entry points by malicious actors to further compromise corporations for data breaches. Expect in 2019 to see this become a reality and news of several breaches directly tied to installed IoT technology.”
Jose Miguel Esparza, Head of Threat Intelligence at Blueliv:
Increase in IoT attacks
Gartner predicts that by 2020, there will be over 20 billion connected devices – and many of them remain currently comparatively easy to compromise. Indeed, the growth in devices will very likely mirror the growth in IoT-based malware and has already been evidenced in recent years by the likes of Mirai, IoTroop/Reaper and more recently Sharebot attacking routers. Simply put, the pace of innovation and deployment of network-connected systems has outstripped the necessary safeguarding measures – and even more worrying, it is often very difficult to retrofit cybersecurity to some of these IoT devices. Risk will remain at a high level in 2019.
GDPR and ‘ransom-hacking’
Barely a week goes by without another breach reported, and while GDPR is already in force, it is fair to say that both companies and regulators have been testing the waters regarding its implementation. Last year we predicted the rise of a phenomenon which has recently been named ‘ransom-hacking.’ In the event of a breach, it has been suggested that some companies would rather pay a ransom to the cybercriminals to recover their data, rather than admit the attack to the regulator and be hit with a penalty. We expect that 2019 will see both heavier implementation of the regulation, and a rise in ransom-hacking too.
Cybersecurity capturing the attention of the board
Cybersecurity is finally getting the attention it deserves in the boardroom. Major attacks on the likes of Facebook or British Airways (to name just two!) have made international headlines, encouraging members of the C-suite to start asking questions of their own security posture. Meanwhile, the threat of GDPR non-compliance has added an extra fear factor. The potential financial, reputational and business costs mean that 2019 will see CEOs, CFOs and Legal breaking down silos within companies, and assessing how integral cybersecurity is to their business strategy. From the other direction, CIOs, CISOs and CTOs will encourage both their peers and the rest of the company to understand the importance of a robust security posture.
Barrier to entry to hackers much lower than before
The barrier to entry for cybercriminals is lower than it has ever been before. It is no longer the reserve of a seasoned hacker to launch an attack on an enterprise, nor is it difficult to get hold of the tools to commit cybercrime. For example, Agent Tesla is openly sold as malware-as-a-service directly from its ‘official’ website, www.agenttesla.com, for prices ranging between $9-15 per month, depending on the length of the subscription, and with the advantage of receiving updates and 24/7 support. It remains a popular choice among cybercriminals due to its price and availability, but it is likely that in 2019 access to malicious programs will be even easier.
Back to the future
Cybercriminals are constantly evolving their techniques to exploit the enterprise, developing new methods to attack and exfiltrate data. However, older unpatched vulnerabilities continue to be exploited to devastating effect – for example, old drivers that aren’t patched enable certain strains of malware to escape sandbox detection, providing an entry point to attackers that might not have been considered by the usual threat detection methods.
APT and targeted attacks continue to rocket
Currently, there has been a failure at the international level to respond to organized crime and clear state-sponsored cyberattacks. Many enterprises and institutions have demonstrated an inability to defend against such attacks, and therefore we expect a continued uplift and increased technical sophistication as APTs grow in confidence and scope. In addition, non-nation-state targeted attacks, carried out by groups such as Cobalt Gang or Anunak/Carbanak, are also likely to see an increase. Threat intelligence is one tool in a deep defence model which allows for enhanced threat mitigation.
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.