1 year ago


2018 predictions AN

2018 predictions AN URGENT CALL TO ARMS IN THIS SECOND PART OF OUR TOP PREDICTIONS FOR CYBERSECURITY IN 2018, SEVERAL EXPERTS REVEAL WHAT MAY BE LYING IN WAIT. AND IT DOESN'T ALWAYS MAKE FOR EASY READING Whatever we may have thought of the many breaches, hacks and ransomware attacks that hit the headlines in 2017, do things look any better, now that we have some objective distance between us and those turbulent 12 months? The truth is 2018 looks like being 'more of the same', with the rhetoric regarding state-sponsored cyber assaults only ramping up. Add in a dusting of former spies being allegedly poisoned on UK soil and the feeling that we've slipped between the covers of a John Le Carré novel only intensifies. According to the latest research from Gartner, spending on information security services will reach $93 billion in 2018, an increase of eight per cent from 2017. Cybersecurity expert Simon Bain from BOHH Labs suggests that this increased investment will be required to address a number of critical challenges in 2018. This includes rising website attacks, chatbot technology threats and the need for greater cyber security awareness at board-level. All of which serves to remind us that can go wrong, will go wrong in cyberspace… unless, of course, we show unstinting vigilance in our own backyards to protect our organisations from the meteor shower of attacks now bombarding us across what seems to be every moment of every day. Feeling safe may be the outcome of ensuring every conceivable precaution has been taken. Being safe is a much different story, which is only as real as for however long that lasts. Read on for our experts' predictions as to where the greatest dangers may lurk over the coming several months… SIMON BAIN, CEO, BOHH LABS: Addressing ongoing cyber security threats represents a challenge for any organisation both practically and financially, and 2018 will unfortunately be no different. Looking ahead, there will be several notable issues that firms will need to strongly prepare for. One of the type of attacks that we will see gain more traction in 2018 is the website attack. With the growing use of online services (checking accounts, merchant accounts and Point-of-Sale (POS) systems, etc. now going through the web) the risk of attacks is large and has the potential to affect any institution using these services, as it opens access to institutions' backend databases, document stores and applications all 12 computing security March/April 2018 @CSMagAndAwards

2018 predictions within easy reach. This type of attack is very hard to find, but it is incredibly easy for attackers to undertake. Because an attacker can gain access to the website via high jacking a user's request, and then by simply making a small change to the code to redirect payment information their way while not stopping the correct path of the request, it makes it easy for attackers to get access to critical data without alerting any red flags. Critically, the website is no longer just a marketing tool. It has become a business tool, and as such, it now needs to be properly protected from attacks and placed inside a firewall, and preferably completely encrypted, so that attackers are unable to change, manipulate and delete code to their advantage. MARKUS BRAENDLE, HEAD OF THE AIRBUS CYBERSECURITY BUSINESS: Social media platforms are regularly being used for the spread of fake news or the manipulation of public opinion. But social media can also be used for sophisticated social engineering and reconnaissance activities which form the basis of many attacks on the enterprise. Criminals and hackers are known to use these platforms to distribute malware, push rogue antivirus scams and phishing campaigns to lure their victims. Social media provide the medium for connecting people globally, in the rapid exchange of ideas, discussions and debates in our digital world. However, from an attacker's perspective, social media have become an easy target because of the number of non-cyber security savvy users, and the fact that these platforms are easy and cost effective to use. To protect themselves against social media attacks, organisations need to implement enterprise-wide social media security policies. This includes designing training programs for employees about social media usage and creating incident response plans that coordinate the activities of the legal, HR, marketing and IT departments in the event of a security breach. Attacks on Wireless networks will increase, as attackers seek to exploit the Key Reinstallation Attack (KRACK) vulnerability, first made public in October 2017. The vulnerability can allow an attacker to intercept and read Wi-Fi traffic between devices and a WiFi router, and in some cases even modify the traffic to inject malicious data into websites. It could also allow attackers to obtain sensitive information from those devices, such as credit card details, passwords, chat messages and emails. Concerns about data privacy, the increasing use of cloud computing, an increase in data breaches and the introduction of General Data Protection Regulation (GDPR) will all contribute to the emergence of End to End Encryption (E2EE) as the most effective way for enterprises wishing to secure their data. But E2EE will also represent some challenges to law enforcement, as criminals continue to use this technique for espionage and subversion. TRAVIS FARRAL, DIRECTOR OF SECURITY STRATEGY, ANOMALI: Widespread cryptocurrency mining Cryptocurrency mining will become one of the major monetisation avenues for attackers, as more and more attacks and malware include mining functionality to generate revenue. In particular, a focus will be on in-browser mining that will be the result of website attacks. A simple few lines of Javascript can cause visiting browsers to 'mine' cryptocurrency while on the affected sites. This has been occurring previously, but not as widespread as it likely will be in 2018. An increase in DDoS attacks The return of mega DDoS attacks via IoTpowered botnets is likely in 2018. These have been pretty silent, compared to last year's attack against Dyn that took down many commonly used services, but could come back in a more nefarious way. The next wave could potentially affect large swathes of Internet services either by design or as collateral damage from another entity being hit, due to the sheer size of the attack. The wide attack surface of IoT devices makes them particularly attractive for botnets. Encouraging young talent into the industry The skills gap is definitely still holding the industry back. As cyber warfare increases, governments need to upskill the next generation of defenders. Figures around the cyber skills shortage make for sobering reading. A report from Frost & Sullivan and (ISC) found that the global cybersecurity workforce will have more than 1.5 million unfilled positions by 2020. Both private and state schools need strong cyber programs and academies should look to develop cyber skills in children from disadvantaged backgrounds. This will hopefully prevent talented teenagers being sucked into the dark side. Stealthy 'fileless' attacks will increase There is likely to be a move towards more sophisticated 'fileless' attacks (malicious scripts that hijack legitimate software, without installing themselves). There has already been a sharp rise. Such attacks are very difficult to stop with existing endpoint security and organisations will need to move to the next generation of defences. The focus will likely be on other industries outside of financial services. As the banks become more resilient in their ability to profile and learn from actors, less well protected organisations could be targeted, as we have seen with Forever 21 and the Jewson attacks in the UK. @CSMagAndAwards March/April 2018 computing security 13