2019 security predictions

The cyberthreat landscape is always evolving, and 2019 promises to see emerging threats ramp up, a well-established threat return and industry verticals fight back.

By Tim Ferguson

Wed 19 Dec 2018 @ 12:39

As 2018 draws to a close, the cyberthreat landscape remains as dynamic and dangerous as ever. The threat of organisations suffering a compromise has never been higher, so focusing on detecting and mitigating these threats is the order of the day.

While ransomware has been less of a factor in 2018, cybercriminals have focused their efforts on individual users as a way to achieve their goals. And emerging technology has offered new routes into organisations which threat actors can exploit.

So, as the new year approaches, what will 2019 bring? We’ve looked at the evidence and come up with the following three predictions.

IoT threats grow

As the Internet of Things continues to ramp up, so will the threats. Showing the extent of the risk, analyst house Gartner forecasts that there will be 20.4 billion connected 'things' in use by 2020.

As well as smartphones, tablets and wearable devices, homes will increasingly feature smart meters, security systems and even fridges that connect to the internet.

In transport, connected safety features and autonomous cars will require more interaction with the internet, while in manufacturing, the use of connected sensors to create smart factories will only increase.

These connected devices exponentially increase the number of channels into corporate networks and dramatically broaden the 'attack surface' that cyber criminals can target.

IoT botnets, which use a connected network of bots to launch DDoS attacks or mine cryptocurrency, are one threat that will increasingly exploit this development. The scale and impact of a DDoS attack launched using a network of connected devices could potentially be huge.

The attack launched by the Mirai botnet at a huge number of IoT devices, including CCTV cameras, in 2016 showed this vulnerability. The attack took a significant number of internet services offline, including parts of Twitter, GitHub, Box and the PlayStation Network.

And there are several other IoT botnets out there, the latest example of which is Torii, which is an example of an evolution of IoT malware that it is more sophisticated than anything previously seen.

Organisations need to secure the growing number of connected devices to their networks, and also prepare for the high probability that they will be compromised, by ensuring they have the appropriate network monitoring and threat detection in place.

At-risk verticals to ramp up security efforts

Critical national infrastructure (CNI), healthcare, financial services and manufacturing remain major targets for cybercriminals, due to the potential to cause mass disruption, secure valuable data or steal funds. These industries are likely to focus on strengthening their cybersecurity in 2019.

Ageing ICS and SCADA networks used by CNI providers likely still have vulnerabilities that can be exploited by cybercriminals or, more worryingly, state-sponsored hackers, leaving millions at risk of losing electricity or communications.

As the WannaCry ransomware attack that temporarily crippled the UK’s NHS in 2017 showed, the healthcare sector is also at significant risk. While ransomware appeared to decline in 2018, there is potential for it to re-emerge if health organisations continue to present the opportunity to cybercriminals. The increase in internet-connected healthcare equipment will also increase the risk from IoT-related threats.

The amount of money and personal data held by financial services organisations will continue to tempt criminals. Furthermore, regulators are likely to increase enforcement of GDPR rules in 2019. Therefore, expect a need to put in place the intelligence to ensure organisations meet the 72-hour reporting requirement for data breaches. Manufacturing, meanwhile, will need to focus on reshaping security as automation and robotics, the drivers of the fourth industrial revolution, gain momentum.

All of these sectors will need to address their security weaknesses, with network and user monitoring, detection and mitigation technology all playing a greater role in the fight against cyberthreats. The cybersecurity skills gap remains a challenge across all sectors, so efforts to make a career in cybersecurity more attractive are likely in 2019.

Renewed emphasis on user-based threats

Evidence suggests that cybercriminals are now eschewing direct attacks on corporate networks, in favour of exploiting mistakes or complacency by individual users to achieve their aims.

Perimeter defence technology is now extremely capable, making breaching them much harder. However, a cleverly worded phishing email can still dupe unsuspecting individuals into providing access to confidential data or transferring funds.

Organisations will increasingly need to take steps to protect themselves through effective education that uses innovative approaches such as gamification, and fostering a culture of cybersecurity to ensure employees support the security team in protecting the organisation. These efforts need to go to the highest levels of the organisation.

In terms of technology, user and entity behaviour analytics will increase in importance, giving the ability to detect user activity that suggests a compromise and flagging it to the security team or automated systems that can take action to contain the threat.