Retaliation, AI and cloud incursions: the top 3 security trends coming in 2019

This year has seen some extremely damaging consequences due to the increased frequency of ransomware and related viruses, as well as online fraud and other malicious incursions against IT infrastructure in both the public and private sector.

In many cases, these attacks might have been less damaging if better cyber hygiene had been implemented, or if employees knew more about what to do - and what not to do - to avoid the spread of malicious code or other attacks.

As we look ahead to 2019, it's clear that while cyber hygiene is still essential, it is not sufficient to stem the rising tide of cyber security problems. Enterprises must be diligent in developing and maintaining data protection strategies, combining data backup and recovery plans with infrastructure management and advanced cyber security practices. Without these data protection strategies, we as an industry will not be able to stay ahead of the advancements that bad actors are making in their dirty work.

That said, here are the three most likely things that government and business should prepare for in the coming year.

Retaliatory hacking.

One of the main scenarios that is likely to emerge is a boost in hacking activities from China and other nation-states that have found themselves in the political spotlight.

China, for example, already number one in cyber crime and other nation-state hacking activities, will likely be motivated to do more in 2019. If the arrest and detainment of Huawei CFO Meng Wanzhou in Canada is any indication, China will definitely respond with all the tools at its disposal.

So far, China has responded to the arrest by incarcerating several Canadians in China, sentencing them to "administrative punishment." But these responses are likely to be compounded by cyber attacks on both Canada and the US.

It already appears that China is behind several recent high-profile hacks, such as the one perpetrated against the Marriott hotel chain. Unless the political fervor cools, it's likely that China will expand its chess game and come after both Canada and the US even harder, with attacks on their typical targets in the financial, legal, healthcare, and hospitality industries.

And China is not the only likely source of retaliatory hacking. If economic sanctions against Iran hold, we will see bad actors in that country also responding with increased cyber attacks. In fact, the recent Shamoon-based destructive malware attack, already out in Europe and the Middle East, is confirmed to originate from Iran and literally wipes out infected computers by overwriting all of the data with garbage. Iranian cyberattacks are geared not only for making money, but also for optimum destruction. After all, the nefarious SamSam virus was created by two Iranian hackers.

To date, that virus has taken down several US state agency IT infrastructures as well as corporate systems. Let's hope that political tensions will cool before they escalate in the IT realm.

AI in hacking.

Another trend to watch is bad actors using machine learning and artificial intelligence to cripple organizations in both the public and private sectors.

In the most recent quarterly Fraud Index Report from DataVisor, findings based on hundreds of millions of user accounts showed that fraudsters are beginning to outsmart conventional approaches to machine learning.

Sophisticated fraud attacks are on the increase, and their scope is on average more than twice the size of less sophisticated attacks typical in social media. According to the DataVisor study, fraudsters are lying in wait for over a year after establishing bogus accounts, conducting only normal transactions on those accounts while they test how much they can get away with.

These more sophisticated attacks are starting to use cyber experts' own tools against them, by incorporating machine learning and artificial intelligence technology into their attack strategies.

It's extremely likely that bad actors will begin building variants of ransomware, to make such viruses more intelligent and less susceptible to detection. Both China and North Korea will be increasingly involved in this type of malicious activity. North Korea has had considerable success in developing artificial intelligence, and may soon end up taking the lead on money extorted from victims of ransomware attacks. We may even see collaboration among bad actors to broaden the reach and potential damage from cyber attacks.

Good cyber hygiene and best practices need to be implemented in both the public and private sectors to defend against such attacks before AI makes them even harder to stop. Unfortunately, many people are not particularly well educated in what to do and what not to do to recognize possible hacking efforts. Without private and public sector initiatives to educate users, in addition to improvements in overall cyber hygiene, we may see these smarter hacking activities result in crippling consequences in both business and government.

Cloud infrastructure hacking on the rise.

In the coming year, we will almost certainly hear of increased hacking efforts leveled against cloud providers. As we migrate to the cloud, we are relying on these companies for infrastructure security.

Bad actors are going to begin looking to damage the major public cloud providers directly, in addition to infiltrating enterprises. That raises some very troubling questions. Can hackers possibly have the wherewithal to take down an availability zone? Could hackers have the sophistication to possibly take down an entire region or data center? That can happen through denial of service attacks and other technologies.

The back door to hacking of cloud service providers could likely come in the form of businesses not paying enough attention to the "Shared Responsibility" requirements outlined by CSPs like Amazon Web Services and Microsoft Azure. Those requirements make it clear that CSPs are responsible for security OF the cloud, and clients are responsible for security IN the cloud.

Unfortunately, while cloud users are still responsible for protecting whatever they put into the cloud, it's not happening consistently. We could see an infection take hold in an enterprise and, since that enterprise is connected to cloud services, spread to the CSP. If the sophistication of malware increases, we could begin to see it move cross-platform. Once it's in there, you can be sure that the bad guys will begin digging for more back doors and other vulnerabilities they can exploit.

Time will tell how damaging these trends may be to the networking world, but one thing is for certain: Organizations need to get a better handle on their data protection strategies if they hope to come out unscathed at the end of the year.
