CS1901
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
2019 predictions<br />
Jeremy Rowley, DigiCert: an area that is<br />
likely to see more adoption is encryption.<br />
Scott Gordon, Pulse Secure: a major change<br />
for 2019 onwards is focused on the bigger<br />
picture issue of trust.<br />
technique is extremely nasty, allowing it to<br />
remain stealthy and difficult to find and<br />
remove.<br />
"Coinhive, initially innocent, was quickly<br />
added to the standard toolkit for attackers<br />
compromising websites. Even legitimate<br />
website owners are using Coinhive without<br />
knowing the impact it will have on their<br />
visitors. If your computer processing power<br />
(CPU) spikes to 100 percent when simply<br />
visiting a website, it might be Coinhive."<br />
Ransomware, meanwhile, has taken a<br />
backseat to the top threats in 2018, due<br />
to the rise of cryptomining. "However,<br />
ransomware has become a more targeted<br />
business model for cybercriminals, with<br />
unsecured remote desktop protocol (RDP)<br />
connections becoming the focal point of<br />
weakness in organisations and a favourite<br />
port of entry for ransomware campaigns,"<br />
adds Webroot.<br />
Tyler Moffitt, senior threat research<br />
analyst, Webroot, concludes: "In 2018, we<br />
saw cyberattacks changing faster than ever,<br />
evading traditional defences and wreaking<br />
havoc on businesses and everyday internet<br />
users alike. From gaping security holes,<br />
such as unsecured RDP, to tried-and-true<br />
tactics like phishing and exploits, to<br />
stealing crypto in the form of CPU power,<br />
cybercriminals are exploiting vulnerabilities<br />
in increasingly malicious ways. Businesses<br />
and individuals must be vigilant, stay<br />
informed and focus on improving their<br />
overall cyber hygiene to avoid the<br />
devastating effects of these attacks."<br />
GEMALTO<br />
"2019 will see the emergence of the future<br />
of security - crypto-agility," states Jason<br />
Hart, CTO, Data Protection at Gemalto.<br />
"As computing power increases, so does<br />
the threat to current security protocols.<br />
But one notable example is encryption, the<br />
static algorithms of which could be broken<br />
by the increased power. Crypto-agility will<br />
enable businesses to employ flexible<br />
algorithms that can be changed, without<br />
significantly changing the system<br />
infrastructure, should the original<br />
encryption fail. It means businesses can<br />
protect their data from future threats<br />
including quantum computing, which is<br />
still years away, without having to tear up<br />
their systems each year as computing<br />
power grows."<br />
When it comes to AI, Hart has this to say:<br />
"Up until now, the use of AI has been<br />
limited, but as the computing power<br />
grows, so too do the capabilities of AI<br />
itself. In turn this means that next year will<br />
see the first AI-orchestrated attack take<br />
down a FTSE100 company. Creating a new<br />
breed of AI powered malware, hackers will<br />
infect an organisations system using the<br />
malware and sit undetected gathering<br />
information about users' behaviours, and<br />
organisations systems.<br />
"Adapting to its surroundings, the<br />
malware will unleash a series of bespoke<br />
attacks targeted to take down a company<br />
from the inside out. The sophistication of<br />
this attack will be like none seen before,<br />
and organisations must prepare themselves<br />
by embracing the technology itself as a<br />
method of hitting back and fight fire with<br />
fire."<br />
Adds Gary Marsden, Cloud Security<br />
Solutions, Data Protection at Gemalto:<br />
"As organisations embrace digital<br />
transformation, the process of migrating<br />
to the cloud has never been under more<br />
scrutiny; from business leaders looking to<br />
minimise any downtime and gain positive<br />
impact on the bottom line, to hackers<br />
looking to breach systems and wreak<br />
havoc. As such, 2019 will see the rise of<br />
a new role for the channel - the Cloud<br />
Migration Security Specialist.<br />
“As companies move across, there is an<br />
assumption that they're automatically<br />
14<br />
computing security Jan/Feb 2019 @CSMagAndAwards www.computingsecurity.co.uk