Cybersecurity remains a hot topic in 2018. In 2017 it managed to dominate global news for days during the ransomware “WannaCry” outbreak. Although on one hand cybersecurity systems constantly improve and become able to face cyberthreats, cyberattacks are evolving at the same speed and beat more complex cybersecurity systems every day. Being prepared means staying on top of the latest trends in cybersecurity. In this blog we’ve identified five cybersecurity trends to watch in 2018!
Rasomware attacks more than tripled in 2016: 101 new ransomwares were detected! On top of this the average ransom that needed to be paid to gain back control over your computer more than tripled in 2016: $ 1.077 per machine. Ransomwares attack both consumers and businesses. Most ransomwares are spread via email, for example through mass email campaigns with general subject lines and a fake receipts or invoices attached, tricking people into opening the attachment. A substantial number of victims pay the ransom when their computer becomes infected. However, often the files weren’t returned after the payment. Additionally, ransomwares are developing and becoming stronger because of better cyber security: ransomwares are acquiring stronger technologies and are now able to attack more difficult targets.
Another option for ransomwares is to change targets as soon as their old targets have better defense. Victims often are individuals with high net-worth, but also businesses and their connected devices.
During the last months, the purposes of attacks are evolving: the aim of ransomwares is not only to extort individuals, sabotage cybertechnologies and disrupt organizations, but also to create new variations of ‘cybercrime business models’, driving the expansion of the cyber insurance market.
Internet of Things: new targets
Because of the huge popularity of the Internet of Things (IoT) in 2016, cyber attackers started to point their arrows at IoT devices. Over the course of 2016, the attempted attacks on IoT devices almost doubled!
The most famous example in 2016 was the Mirai malware attack, targeting IoT devices protected with default credentials. In October 2017 Mirai attacked DNS provider Dyn which blocked a number of popular websites, like Netflix, Twitter and PayPal. These events show the necessity of better security systems for IoT devices. One way to do this is through so-called deception technologies: these technologies are creating thousands of fake credentials into an organization’s network, which makes it very difficult for cybercriminals to access a legitimate set of user identities. As soon as a cyberattacker uses a fake credential, the security operations team receives an alert.
Demand for higher Identity Security
In 2016 identities were stolen almost twice as much in 2015, rising from 564 million to 1.1 billion. In the last 8 years, more than 7 billion identities were stolen. The most shocking case happened in 2013 and 2014 at Yahoo: more than 1.5 billion users were compromised. The great amount of identities stolen shows us how essential it is to have a strong and unique password for our online accounts. Another tip to ward off identity thieves is enabling multi-factor authentication. On top of this, machines are starting to analyze users’ activities by using deep learning. They analyze our online behavior over a period of time, which allows machines to predict whether the person trying to access my data is me or not. This can improve the ability to detect cyberthreats.
Priority to Cloud Security
Although cloud systems are becoming more popular constantly, their increased popularity also develops security problems. This affects private as well as public cloud use. For instance, companies often store their data on the cloud. Therefore, cloud environments are a target for security breaches. The security problem is expected to increase in 2018, especially when it comes to shared cloud storages used by several companies. Enterprises should develop security guidelines and prepare strategies to prevent and solve security issues. It is expected that 20% of enterprises in 2018 will develop data security and governance programs to prevent data breaches. Cloud based security system are likely to be integrated with a network firewall, web application firewall or secure web gateway.
Shifting focus to Protection and Prevention
The newest security systems try to predict (and consequently prevent) cyberattacks before they will happen. This would be the perfect solution: preventing instead of curing. To be able to do that, we must protect our devices from cyberthreats. Although it’s not all worked out yet, the focus shift from curing to preventing is likely to happen soon. The best option is in fact to invest in prevention: implementing a security system which will detect cyberattacks in advance. Consequently, enterprises will have time to develop a defense strategy to face the problem. It is shown that most of the cyberthreats can be predicted in advance.
In conclusion: we cannot control and protect everything, but we can inform ourselves about future directions and developments in cybersecurity, and try to at least avoid some threats. If we stay up to date on the latest trends in cybersecurity, we can optimize the level of security for our devices. In 2018, the focus will be on cloud security, data security, privacy and application security. For this reason, there will be a high demand for professionals with skills in cybersecurity. After all, cybersecurity is the main priority in every sector!
Source: Academy Cube