One thing is certain for the cybersecurity world in 2019: there will be lots of online attacks, and a large part of it will use new techniques. Some kinds are in decline, and some will become worse than ever. There may be new approaches that will take everyone by surprise. The best we can do is extrapolate from 2018 and the years before. That’s enough to give us a good idea of where the dangers lie and what we have to do to protect our systems.
Increasing Cybersecurity Compliance Requirements
Growing regulatory requirements, such as HIPAA in the United States and GDPR in Europe, create another incentive to protect data. Companies that are entrusted with personal data face huge penalties if they’re found negligent in protecting it. GDPR went into effect in May 2018, and enforcement to date hasn’t been on a large scale. This will definitely change in 2019. In the United States, the federal government and some states are looking at similar regulations for cybersecurity.
Most people think of ransomware as a threat to their own machines, but it can mangle cloud data as well. The cloud threat has been around at least since late 2015. It became one of the top threats in 2018. In general, ransomware is moving away from hitting random targets for small amounts of money and is becoming more focused on the most lucrative targets. Today businesses put large amounts of data on cloud servers, and the prospect of losing it all can force them to pay the perpetrators.
Protective software and frequent backups minimize the chances of having data wiped out, but not all providers are equally good at carrying out these measures. The ones that have been caught napping will need to adopt better security measures if they want to avoid embarrassing and costly incidents.
The trend away from saturation attempts and toward selective targeting also shows itself in a phishing email. For some time now, “spearphishing”, the crafting of messages for specific individuals, has grown as a threat. Criminals acquire enough information about them to plausibly impersonate high-level executives or their subordinates. Sometimes this information is publicly available on websites such as Facebook and LinkedIn. Sometimes thieves pull information out of breached data so that they can cite confidential facts. Often the goal is to get someone to transfer assets to the criminal, thinking it’s a legitimate request. There have been reports of spearphishing in Russian attempts to influence some of the 2018 US elections.
AI for Personal Targeting
Spearphishing still isn’t the ultimate in targeting. A new AI-based threat called DeepLocker spreads through many machines, hiding its payload until it reaches the victim. It uses a neural network to determine when it has met its trigger conditions, and only then does it strike. It’s like a ninja moving stealthily from room to room. No one notices him until he stabs his intended victim.
AI has been in use for many years to mutate malware, making it harder to identify by signature while leaving its effect unchanged. But this new form of targeting carries an entirely new type of danger. It might serve to wipe out or modify personal correspondence or to convincingly spoof a message from a high public official.
The Mirai botnet attacks of 2016 were a wake-up call for the Internet of Things. Before that, manufacturers produced cheap IoT devices and users installed them with little thought of security. Since then, the tide has begun to turn. Businesses have started demanding cybersecurity, and they’ve put more thought into how they use the devices in their networks.
At the same time, infrastructure improvements have made it harder for DDoS to do effective damage. GitHub reported in May 2018 that it withstood “the largest known DDoS attack in history“. It didn’t make headlines since GitHub went offline for a mere ten minutes.
In December 2018, the FBI shut down 15 domains that were selling DDoS as a service. That should slow down the problem for the near future.
This doesn’t mean that such attacks are on their way out. Indeed, 2019 could be the year that cyberattackers take out an entire country’s critical infrastructure. The 2015 online attack on Ukraine’s power grid, which left hundreds of thousands of people without electric power, is a taste of what could happen. Nation-states have the resources, and they aren’t the only ones that do. An attack could target the domain name system, perhaps attempting to disable a country’s TLD. Certainly, any attempt of that kind will follow a long period of careful preparation, just as a major military action does.
Data Integrity Breaches
Data theft isn’t the only thing that can result from a breach in cybersecurity. Sometimes the object is to alter data. This can be hard to detect, since it requires only a one-time action. The aim could be to manipulate financial data in order to influence stock prices. It could be to damage the reputation of individuals or companies. In December 2018, the FDA cited a company for its failure to handle a data integrity breach. The breach manipulated assessment data and backdated analytic results. Cloud services, as well as on-premises servers, are at risk.
Criminals have taken control of people’s mobile phone numbers by convincing the cell provider to change service to a new phone. Even the chief technologist of the Federal Trade Commission fell victim to this kind of theft. The thief can use the hijacked number to receive password reset messages for accounts and change their passwords. Used in combination with password theft, it can circumvent multi-factor authentication. This type of attack took off alarmingly in 2018 and isn’t going to fall off in 2019.
Cryptocurrencies like Bitcoin are built on “mining” for new blocks in the blockchain. Finding a new block takes a lot of computing work, and it’s rewarded with a small amount of the currency. With enough machines doing the work, the payoff becomes significant. In the past couple of years, criminals have injected mining software into victims’ computers and collected the rewards.
Lately, cryptocurrencies have dropped far below their extravagant highs of mid-2018. As a result, there has been much less interest in cryptojacking. If prices rise again, it could make a comeback.
Whatever happens on the cybersecurity front in 2019, you need to be ready for it. You can’t neglect any part of your data assets, whether you maintain them locally or on the cloud. Agile IT provides cloud migration, management, and security to keep all of your information safe from hostile actors. When your business is at stake, you need the best protection available. Get in touch with us to learn how we can help to guard your cloud assets against old and new threats.