CS1901

2019 predictions
Jeremy Rowley, DigiCert: an area that is
likely to see more adoption is encryption.
Scott Gordon, Pulse Secure: a major change
for 2019 onwards is focused on the bigger
picture issue of trust.
technique is extremely nasty, allowing it to
remain stealthy and difficult to find and
remove.
"Coinhive, initially innocent, was quickly
added to the standard toolkit for attackers
compromising websites. Even legitimate
website owners are using Coinhive without
knowing the impact it will have on their
visitors. If your computer processing power
(CPU) spikes to 100 percent when simply
visiting a website, it might be Coinhive."
Ransomware, meanwhile, has taken a
backseat to the top threats in 2018, due
to the rise of cryptomining. "However,
ransomware has become a more targeted
business model for cybercriminals, with
unsecured remote desktop protocol (RDP)
connections becoming the focal point of
weakness in organisations and a favourite
port of entry for ransomware campaigns,"
adds Webroot.
Tyler Moffitt, senior threat research
analyst, Webroot, concludes: "In 2018, we
saw cyberattacks changing faster than ever,
evading traditional defences and wreaking
havoc on businesses and everyday internet
users alike. From gaping security holes,
such as unsecured RDP, to tried-and-true
tactics like phishing and exploits, to
stealing crypto in the form of CPU power,
cybercriminals are exploiting vulnerabilities
in increasingly malicious ways. Businesses
and individuals must be vigilant, stay
informed and focus on improving their
overall cyber hygiene to avoid the
devastating effects of these attacks."
GEMALTO
"2019 will see the emergence of the future
of security - crypto-agility," states Jason
Hart, CTO, Data Protection at Gemalto.
"As computing power increases, so does
the threat to current security protocols.
But one notable example is encryption, the
static algorithms of which could be broken
by the increased power. Crypto-agility will
enable businesses to employ flexible
algorithms that can be changed, without
significantly changing the system
infrastructure, should the original
encryption fail. It means businesses can
protect their data from future threats
including quantum computing, which is
still years away, without having to tear up
their systems each year as computing
power grows."
When it comes to AI, Hart has this to say:
"Up until now, the use of AI has been
limited, but as the computing power
grows, so too do the capabilities of AI
itself. In turn this means that next year will
see the first AI-orchestrated attack take
down a FTSE100 company. Creating a new
breed of AI powered malware, hackers will
infect an organisations system using the
malware and sit undetected gathering
information about users' behaviours, and
organisations systems.
"Adapting to its surroundings, the
malware will unleash a series of bespoke
attacks targeted to take down a company
from the inside out. The sophistication of
this attack will be like none seen before,
and organisations must prepare themselves
by embracing the technology itself as a
method of hitting back and fight fire with
fire."
Adds Gary Marsden, Cloud Security
Solutions, Data Protection at Gemalto:
"As organisations embrace digital
transformation, the process of migrating
to the cloud has never been under more
scrutiny; from business leaders looking to
minimise any downtime and gain positive
impact on the bottom line, to hackers
looking to breach systems and wreak
havoc. As such, 2019 will see the rise of
a new role for the channel - the Cloud
Migration Security Specialist.
“As companies move across, there is an
assumption that they're automatically
14
computing security Jan/Feb 2019 @CSMagAndAwards www.computingsecurity.co.uk