
Top 5 cyber trends to look out for

There are a number of trends within the cybersecurity space that security professionals and the industry need to stay on top of.

By Tim Ferguson

Wed 20 Feb 2019 @ 16:34

Security teams have a lot on their plates as the threat landscape constantly evolves and attacks become more sophisticated. Mitigation tools are becoming more effective, but security compromises and breaches remain a distinct possibility.

We’ve identified five trends that security teams will need to be ready for if they’re going to keep things secure:

Focus on individual users

There is evidence that cybercriminals are resuming their focus on individual users who are seen as an easier target than network defences. Despite user education being better than ever before, employees remain a weak point when it comes to security. Complacency remains a problem, even at senior levels of organisations, despite a string of high-profile attacks in recent years.

Cybercriminals are using increasingly clever methods to exploit mistakes or dupe individuals into providing information or transferring funds. While less of a risk than 18 months ago, ransomware remains a threat if an employee’s careless actions provide an entry point.

Spear phishing is growing more targeted. Hackers are breaking into email systems to see what information they can steal. They then take advantage of relationships and trust built between regular contacts to create social-engineering opportunities.

With data analytics and AI also becoming more sophisticated, there is also scope for cybercriminals to make their user-focused operations more effective.

A buoyant cybercrime-as-a-service market

The ease of conducting cybercrime has been greatly increased by the availability of ready-made tools and software on the dark web. Cybercrime-as-a-service, which enables inexperienced individuals and organisations to cheaply purchase ready-to-use tools and launch various types of attacks, continues to proliferate.

The tools currently doing good business on the dark web include IoT botnets, remote-access trojans, obfuscation tools (which enable attackers to disguise their location), credential stealers (that obtain credentials to access networks), and lateral movement frameworks (which allow attackers to move around a network once access has been gained).

Tools are available for just a few dollars and cybercriminals keep their identity secret by using cryptocurrency and the Tor browser to access dark web markets.

Increased IoT risk

The volume of devices that connect to the internet is only going to increase, meaning opportunities for cybercriminals will also increase. Gartner’s forecast of 20.4 billion connected ‘things’ by 2020 shows the scale of the potential risk.

Cybercriminals will hack these devices to access the corporate systems they’re connected to. There are already botnets targeting IoT infrastructure, whether for distributed denial of service attacks or to gain access to the networks to which devices are connected.

The benefits that Internet of Things technology promises are huge, both for consumers and industry. But as with any technology gaining traction, care is needed to ensure these devices are kept secure.

The proliferation of smartphones, tablets and wearable devices, as well as the emergence of smart meters for home energy and even connected fridges, are all playing a part in increasing this risk. Further into the future, autonomous cars and smart factories littered with IoT sensors will also be a factor.

GDPR begins to bite

The European General Data Protection Regulation (GDPR) came into force in May 2018. As firms rushed to be compliant, more fundamental issues that need to be addressed around legacy systems became apparent.

One of the main requirements of GDPR is for organisations to report security breaches within 72 hours of them being discovered, something older systems could make difficult.

As a result, 2019 promises to be the year when the first regulatory fines and sanctions are imposed by the EU, which could include fines of up to four per cent of turnover. Already, the French regulator CNIL fined Google €50m in January for GDPR violations, the largest penalty to date.

This is also likely to make organisations more transparent about cybersecurity incidents, although it could also see political demands for improvements in cybersecurity, and even class action litigation.

Greater attention on ecommerce

The so-called Magecart attacks that hit British Airways and Ticketmaster in 2018 showed that cybercriminals are turning their attention to ecommerce.

The Magecart hacking group used ‘cross-site scripting’ to exploit weaknesses in the code of the payment processing pages, in an attack tailored to the British Airways infrastructure. This suggests that organised crime will increasingly exploit poorly-secured websites to collect customer credentials and payment card details.

With mobile devices increasingly used for authentication and payment, criminals will also target their communications to achieve their aims.
