It may not be possible to perfectly predict the future of cybersecurity, but you can pinpoint the trends emerging within the industry. It’s been said that 2017 was the year cybersecurity meant something to everyone with major breaches and ransomware becoming more publicized and visible across the world. 2018 is slated to bring even more threats, new risks, and added complexities within the organization.
Skip Down To the Top 10 Cybersecurity Trends
We will dive into what we are already seeing take shape in the security industry with 2018 cybersecurity trends and predictions within this blog.
The Rise of Cybercrime as a Service
Everything from ransomware kits to a malware exploit kit can be purchased on this black-market exchange for daily, weekly, or monthly rentals for under a $1,000.
These services and rentals are even helping common criminals without the prior knowledge or expertise in technology to make some serious cash on the Internet.
You might also be surprised to know that organizations are also participating in the cybercrime-as-a-service to beat their attackers to the punch. In 2018, we should expect to see an increase in the number of entities and individuals active in these dealings.
Ransom Denial of Service (RDoS)
DDoS attacks have a goal of taking down a site to hurt or destroy a brand’s reputation. Ransom Denial of Service (RDoS) could be the next big wave of attacks for 2018.
RDoS has been around a long time, it just hasn’t been used that much lately. RDoS attacks are DDoS attacks but are created to impose a hefty ransom on the victim after taking down the organization’s website and other critical infrastructure.
Typically, an attacker will send an email, letter, or social media message to an organization threatening to launch a DDoS attack on the organization.
A RDoS attacks may be more visible in the year ahead. The first action of DDoS provides cover or a distraction for another even more malicious attack to take place. Often it involves an attacker placing ransomware on the organization’s network after the DDoS takes the site down.
A DDoS for an organization could bring down critical infrastructure, like firewalls, Intrusion Prevention Systems (IPS) and Intrusion Detection Systems (IDS) and provide the cybercriminal enough time to install ransomware without the security or IT knowing it.
The Internet of Things (IoT) Risk Continues to Expand
IoT has become one of the most important advancements of the 21st century. IoT is roughly a $967 billion industry in 2017 with future growth expected to comprise more than 50 billion connected devices in use by 2020 as well as a $3 trillion industry.
What’s expected in years to come is an increase in security flaws that remain unpatched within our industrial sensors, transportation sectors, utilities and smart grids for electricity and gas, and health IT connected devices that we rely on daily.
Astonishingly, 70% of IoT devices are susceptible to major vulnerabilities without the proper security controls in place. — Click to Tweet
What’s worse, employees unknowingly bring these exploitable devices within the corporate network, opening a backdoor for attackers to obtain access to critical data.
Another trend within IoT is botnets. Back in 2016, the Mirai zombie botnet army single-handedly took down the Internet for several hours by attacking DNS provider, Dyn.
Vulnerable, connected devices can be used by malware to create an army of bots using these vulnerabilities. In 2018, we expect to see an increase in IoT, Botnet, and DDoS driven attacks on corporations, consumers, and government entities.
Automated Artificial Intelligence (AI) Driving Digital Security Transformation
AI and Machine Learning will help security teams expand the decision-making and pattern recognition required to defend against an onslaught of new threats every day.
In 2018, you might expect that AI will also be used by organizations to identify vulnerabilities that might be potential exploits for attackers. In fact, Google built an AI 'child' that was built from AI itself and outperforms any AI made by humans for the purpose of recognizing objects – people, cars, traffic, lights, etc.
On the other hand, attackers will be using AI and machine learning to improve their attack schemes by collecting and analyzing data points on their victim’s network more than ever before.
Cybercriminals are using AI and Machine Learning to speed up the process of finding vulnerabilities.
Advanced Security Analytics Makes Sense of Security Logs
A Security Incident and Event Management tool generates a substantial amount of data on security events to prevent data breaches.
In 2018, you might expect to see an increase in using advanced security analytics tools to free up the security analyst’s time on analyzing logs and provide them with faster decision-making.
Moreover, these advanced security analytics tools can enable the security analyst to identify vulnerabilities within the network quickly.
Cryptocurrencies and Biometrics
As of November 2017, cryptocurrencies, including Bitcoin and Euthereum, currently have a total market capital of over $300 billion.
There are actually more than 1,100 cryptocurrencies currently traded in the financial market. While a tremendous industry, it’s also one that’s been frequently used to exploit organizations in ransomware attacks.
In 2018, we expect to see even more use of cryptocurrency to execute ransomware exploits which could lead to major global regulations of these emerging currencies. A major hack to cryptocurrencies is quite possible for 2018 as well.
Enter biometrics. Organizations may begin to adopt biometrics in 2018 to avoid the challenges associated with password policies and other common security controls.
Biometrics is even speculated to replace two-factor authentication in email, mobile, and the enterprise market. Biometrics may even be used to replace the forgotten pin you need to obtain the cryptocurrencies that you forgot you owned and now can’t recover.
Leveraging Blockchain for Security Best Practices
Blockchain is quite common right now in cryptocurrencies but can be used for countless other applications.
In 2018, mature security organizations will begin to use Blockchain as a means to control network communications, manage IoT devices, and supply chains.
Many security professionals are excited at the promise of Blockchain providing transparency in cybersecurity. Essentially, everyone knows who is doing what, including the errors, poor security practices, and threats inside the organization that might occur.
Global Critical Infrastructure Attacks Pick Up
Critical infrastructure is a major concern for cybersecurity threats and vulnerabilities. Many security experts are predicting that we will begin to see cyberattacks on United States critical infrastructure in 2018. In the U.S., 16 critical infrastructure sectors could be potential attack vectors in 2018:
- The Energy Sector
- The Dams Sector
- The Financial Services Sector
- The Nuclear Reactors, Materials, and Waste Sector
- The Food and Agriculture Sector
- The Water and Wastewater Systems Sector
- The Healthcare and Public Health Sector
- The Emergency Services Sector
- The Transportation Systems Sector
- The Chemical Sector
- The Communications Sector
- The Information Technology Sector
- The Defense Industrial Base Sector
- The Critical Manufacturing Sector
- The Government Facilities Sector
- The Commercial Facilities Sector
Other countries have already experienced power grid and manufacturing plant attacks. Globally, every nation depends on these critical infrastructure sectors for daily life.
Any successful attack on these would result in damaging effects on the local, State, and potentially Federal level. Not to mention the public health and safety of any citizen.
Greater Emphasis on Consumer Privacy – EU GDPR
Consumer Privacy is becoming a focal point for worldwide government regulation. For example, the European Union’s General Data Protection Regulation (GDPR) is now a landmark piece of global legislation aimed to protect consumers and their data.
Companies not even physically in the European Union will need to comply if they process or manage consumer data. These companies must have the necessary security controls and inventories in place to secure sensitive consumer data.
They must also be prepared to respond to breaches in a timely fashion and understand the appropriate process for notifying authorities and customers of an actual data breach.
U.S. Senators introduced legislation on Thursday, November 30, 2017 requiring companies to notify customers of data breaches within thirty days of their discovery. The new bill, called the Data Security and Breach Notification Act, was introduced in the wake of reports that Uber paid $100,000 to cover up a 2016 data breach that affected 57 million users. The new bill would also impose a five year prison sentence on individuals within the organization who are caught concealing data breaches.
We found it interesting that the bill carries a max 5 year prison sentence with unspecified (so far) monetary damages if notification isn’t performed within 30 days, while GDPR requires a 72 hour notification period and specifies monetary damages but no jail time. Would EU customers be notified before US customers?
The Dutch Data Protection Authority recently coordinated a taskforce that launched a full investigation of Uber’s recent data breach.
In 2018, we will likely see more accountability held on corporations that handle consumer data with hefty fines and jail time if Persona Identifiable Information (PII) is leaked and consumers aren't notified in a timely fashion.
A Persistent Cybersecurity Skills Shortage Leads to Security Outsourcing or Augmentation
You don’t really have to predict that there will still be a continued shortage of skilled professionals within cybersecurity. In our recent cyber security careers blog, we noted that roughly 3.5 million cybersecurity positions would go unfilled by 2021. Cybersecurity is a highly skilled field with technical barriers to entry, but cybercrime and threats continue to climb rapidly.
A lack of skilled resources within the field of cybersecurity will require many organizations to look to security outsourcing or staff augmentation to fill the gaps in their security operations.
Outsourcing security makes sense for a lot of reasons with cost being one of the most obvious. Take a look at these estimated costs on these six essential skills needed to fill a solid security operations team.
This might be feasible for a very large enterprise organization but for small to mid-size enterprises this may not be within budget.
While it’s exciting to see the pace of innovation in technology, there are also some serious hurdles that organizations and security professionals must overcome in the year ahead. But, don’t lose hope! You can be on the winning side of security with the right strategies, tools, and tactics in place for defense in depth security.