This past year, cyber criminals caused major service disruptions around the world, using their increasing technical proficiency to break through cyber defenses. In 2018, we expect the trend to become more pronounced as these attackers will use machine learning and artificial intelligence to launch even more potent attacks.

 

Gear up for a busy year ahead. Incidents like the WannaCry attack, which impacted more than 200,000 computers worldwide in May, are just the warmup to a new year of more virulent malware and DDoS attacks. Meanwhile, cyber criminals are poised to step up their attacks on the millions of devices now connected to the Internet of Things both in offices and homes.

 

The cybersecurity landscape in 2018 is sure to surprise us in ways that we never imagined. As 2017 draws to a close, here is what you can expect over the course of the upcoming year:

 

Blockchain Will Find Uses Outside Of Cryptocurrencies But Cyber criminals Will Focus On Coins and Exchanges

 

Blockchain is finally finding applications outside of crypto-currencies, expanding its functions in inter-bank settlements with the help of IoT gaining traction. However, these use cases are still in their infancy stage and are not the focus for most cyber criminals today. Instead of attacking Blockchain technology itself, cyber criminals will focus on compromising coin-exchanges and users’ coin-wallets since these are the easiest targets, and provide high returns. Victims will also be tricked into installing coin-miners on their computers and mobile devices, handing their CPU and electricity over to cyber criminals.

 

Cyber criminals Will Use Artificial Intelligence (AI) & Machine Learning (ML) To Conduct Attacks No cyber security conversation today is complete without a discussion about AI and ML. So far, these conversations have been focused on using these technologies as protection and detection mechanisms. However, this will change in the next year with AI and ML being used by cyber criminals to conduct attacks. It is the first year where we will see AI versus AI in a cybersecurity context. Cyber criminals will use AI to attack and explore victims’ networks, which is typically the most labour-intensive part of compromise after an incursion.

 

Supply Chain Attacks Will Become Mainstream

 

Supply chain attacks have been a mainstay of the classical espionage and signals-intelligence operators, compromising upstream contractors/systems/companies and suppliers. They are proven to have a high-level of effectiveness, with nation-state actors using a mix of human intelligence to compromise the weakest link in the chain. These attacks are moving into the cybercriminal space, becoming mainstream. With publicly available information on suppliers, contractors, partnerships and key-people, cyber criminals can find victims in the supply chain and attack the weakest link. With a number of high profile successful attacks in 2016 and 2017, cyber criminals will focus on this method in 2018.

 

File-less and File-light Malware Will Explode

 

2016 and 2017 have seen consistent growth in the amount of file-less and file-light malware, with attackers capitalising organizations that lack in preparation against such threats. With fewer Indicators of Compromise (IoC), use of the victims’ own tools, and complex disjointed behaviours, these threats have been harder to stop, track and defend against in many scenarios. Like the early days of ransomware, where early success by a few cyber criminals triggered a gold-rush like mentality, more cyber criminals are now rushing to use these same techniques. Although file-less and file-light malware will still be outnumbered by orders-of-magnitude as traditional style malware, they will pose a significant threat and lead to an explosion in 2018.

 

Organisations Will Still Struggle With Security-as-a-Service (SaaS) Security

 

Adoption of SaaS continues to grow at an exponential rate as organizations embark on digital transformation projects to drive business agility. This rate of change and adoption presents many security challenges as access control, data control, user behaviour and data encryption vary significantly between SaaS apps. While this is not new and many of the security problems are well understood, organizations will continue to struggle with all these in 2018.

 

Combined with new privacy and data protections laws adopted by regulators across the world, these will pose major implications in terms of penalties, and more importantly, reputational damage.

 

Organisations Will Still Struggle With Infrastructure-as-a-Service (IaaS) Security – More Breaches Due to Error, Compromise & Design

 

IaaS has completely changed the way organisations run their operations, offering massive benefits in agility, scalability, innovation and security. It also introduces significant risks, with simple errors that can expose massive amount of data and take down the entire system. While security controls above the IaaS layer are customer’s responsibility, traditional controls do not map well – leading to confusion, errors and design issues with ineffective or inappropriate controls being applied, while new controls are ignored. This will lead to more breaches throughout 2018 as organizations struggle to shift their security programs to be IaaS effective.

 

Financial Trojans Will Still Account For More Losses Than Ransomware

 

Financial Trojans were some of the first pieces of malware to be monetised by cyber criminals. From simple beginnings as credential harvesting tools, they have since evolved to advanced attack frameworks that target multiple banks, and banking systems that send shadow transactions and hide their tracks. They have proven to be highly profitable for cyber criminals. Today the move to mobile application-based banking has curtailed some of the effectiveness, so cyber criminals are now moving their attacks to these platforms. Cyber criminals’ profits from Financial Trojans is expected to grow, giving them higher gains as compared to Ransomware attacks.

 

Expensive Home Devices Will Be Held To Ransom

 

Ransomware has become a major problem and is one of the scourges of the modern Internet, allowing cyber criminals to reap huge profits by locking up users’ files and systems. The gold-rush mentality has not only pushed more and more cyber criminals to distribute ransomware, but also contributed to the rise of Ransomware-As-A-Service and other specializations in the cyber criminal underworld. These specialists are now looking to expand their attack reach by exploiting the massive increase in expensive connected home devices. Smart TVs, smart toys and other smart appliances can run into thousands of dollars and users are generally not aware of the threats to these devices, making them an attractive target for cyber criminals.

 

IoT Devices Will Be Hijacked and Used in DDoS Attacks

 

In 2017, we have seen massive DDoS attacks using hundreds of thousands of compromised IoT devices in people’s homes and workplaces to generate traffic. This is not expected to change with cyber criminals looking to exploit the poor security settings and management of home IoT devices. Furthermore, the inputs and sensors of these devices will also be hijacked, with attackers feeding audio, visual or other faked inputs to make these devices do what they want rather than what users expect them to do.

 

IoT Devices Will Provide Persistent Access to Home Networks

 

Beyond DDoS attacks and ransomware, home IoT devices will be compromised by cyber criminals to provide persistent access to a victim’s network. Home users generally do not consider the cyber security implications of their home IoT devices, leaving default settings and not vigilantly updating them like they do with their computers. Persistent access means that no matter how many times a victim cleans their machine or protects their computer, the attacker will always have a backdoor into victims’ network and the systems that they connect to.


RECOMMENDED ARTICLE FOR TECHWORLD


 
UBTECH OPENS ROBOTICS SUMMER WORKSHOP
Techworld Date Posted: 8 May 2018 3:07 PM | 344 Views
The introduction and availability of programmable robots (Robotics) at brickand-mortar stores are still unrecognizable. For most, these robots are too expensive for a “toy” without even exploring its value and benefits to their kids,.... See More
 
UBTECH OPENS ROBOTICS SUMMER WORKSHOP
Techworld Date Posted: 3:07 PM | 344 Views
The introduction and availability of programmable robots (Robotics) at brickand-mortar stores are still unrecognizable. For most, these robots are too expensive for a “toy” without even exploring its value and benefits to their kids,...See More

 
Have Asia’s SMEs Got Talent
Techworld Date Posted: 1 August 2017 3:59 PM | 327 Views
What do “Asia’s Got Talent”, “Asian Idol”, and “The Voice” all have in common? …The ability to attract amazing talent who participate in these competitions to kick start their careers.. See More
 
Have Asia’s SMEs Got Talent
Techworld Date Posted: 3:59 PM | 327 Views
What do “Asia’s Got Talent”, “Asian Idol”, and “The Voice” all have in common? …The ability to attract amazing talent who participate in these competitions to kick start their careers.See More

 
6 Security Tips for Freelancers
Techworld Date Posted: 16 October 2018 3:21 PM | 191 Views
Cybercriminals love people in HR departments, because their job includes opening files that come from unknown sources. See More
 
6 Security Tips for Freelancers
Techworld Date Posted: 3:21 PM | 191 Views
Cybercriminals love people in HR departments, because their job includes opening files that come from unknown sourcesSee More

 
Artificial Intelligence and Machine Learning Are Changing the Way We Do Business
Techworld Date Posted: 28 November 2017 10:29 AM | 330 Views
Today, every organisation needs to reimagine its business model. Customers expect business to meet them anywhere, any time, on any device. To meet this speed of response, businesses need to be ahead of the.... See More
 
Artificial Intelligence and Machine Learning Are Changing the Way We Do Business
Techworld Date Posted: 10:29 AM | 330 Views
Today, every organisation needs to reimagine its business model. Customers expect business to meet them anywhere, any time, on any device. To meet this speed of response, businesses need to be ahead of the...See More

 
Fortinet Philippines Bags Global Awards for Marketing & Business Excellence and Outstanding Executives 2017
Techworld Date Posted: 21 December 2017 5:12 PM | 649 Views
(L-R) Jessica Jugo, inside sales representative, Fortinet Philippines; Jeff Castillo, regional director, Fortinet; and Eunice Quilantang, Systems Engineer, Fortinet Philippines during the gala of the Global Awards for Marketing & Business Excellence and Outstanding.... See More
 
Fortinet Philippines Bags Global Awards for Marketing & Business Excellence and Outstanding Executives 2017
Techworld Date Posted: 5:12 PM | 649 Views
(L-R) Jessica Jugo, inside sales representative, Fortinet Philippines; Jeff Castillo, regional director, Fortinet; and Eunice Quilantang, Systems Engineer, Fortinet Philippines during the gala of the Global Awards for Marketing & Business Excellence and Outstanding...See More

 
5 Simple WiFi Problems and the Easy Ways to Fix Them
Techworld Date Posted: 12 July 2018 4:09 PM | 586 Views
Home WiFi issues can be really frustrating, especially if you’re in the middle of sending an important work file, a video call with a relative living overseas, or a Netflix-bingeing marathon. But most of.... See More
 
5 Simple WiFi Problems and the Easy Ways to Fix Them
Techworld Date Posted: 4:09 PM | 586 Views
Home WiFi issues can be really frustrating, especially if you’re in the middle of sending an important work file, a video call with a relative living overseas, or a Netflix-bingeing marathon. But most of...See More

 
Protect Scattered Data in Physical, Virtual, and Cloud Workloads with the Active Backup Suite
Techworld Date Posted: 29 June 2018 4:21 PM | 314 Views
Synology today announced the official release of two major backup applications in Active Backup suite of packages, the official version of Active Backup for Office 365 that supports SaaS cloud backup, and the beta.... See More
 
Protect Scattered Data in Physical, Virtual, and Cloud Workloads with the Active Backup Suite
Techworld Date Posted: 4:21 PM | 314 Views
Synology today announced the official release of two major backup applications in Active Backup suite of packages, the official version of Active Backup for Office 365 that supports SaaS cloud backup, and the beta...See More

 
Shaping the Leaders of Tomorrow
Techworld Date Posted: 9 August 2017 2:55 PM | 317 Views
From left: Harriet B. Fernandez, Director, Computing and Information Services Office, Lennie K. Ong, University Treasurer, Edison B. Sasoy, Vice President for Administration, Fr. Roberto C. Yap, SJ, University President, Mr. Cricket Santiago, President.... See More
 
Shaping the Leaders of Tomorrow
Techworld Date Posted: 2:55 PM | 317 Views
From left: Harriet B. Fernandez, Director, Computing and Information Services Office, Lennie K. Ong, University Treasurer, Edison B. Sasoy, Vice President for Administration, Fr. Roberto C. Yap, SJ, University President, Mr. Cricket Santiago, President...See More

 
NVIDIA and BINUS University Collaborate on First AI R and D Centre in Indonesia
Techworld Date Posted: 29 August 2017 4:58 PM | 279 Views
NVIDIA today announced a collaboration with BINUS University and Kinetica to establish the first artificial intelligence (AI) research and development (R&D) centre in Indonesia. Located at the university's Anggrek Campus, the centre will support BINUS.... See More
 
NVIDIA and BINUS University Collaborate on First AI R and D Centre in Indonesia
Techworld Date Posted: 4:58 PM | 279 Views
NVIDIA today announced a collaboration with BINUS University and Kinetica to establish the first artificial intelligence (AI) research and development (R&D) centre in Indonesia. Located at the university's Anggrek Campus, the centre will support BINUS...See More

 
Bridging the Generation Gap How Tech Companies Can Address Different Privacy and Cybersecurity Attitudes
Techworld Date Posted: 2 April 2019 3:54 PM | 121 Views
Maxim Frolov, Vice President of Global Sales, Kaspersky LabWhilst advancements in technology have made the world feel smaller than ever before, the gap between the generations has continued to widen. Differences in lifestyle, values.... See More
 
Bridging the Generation Gap How Tech Companies Can Address Different Privacy and Cybersecurity Attitudes
Techworld Date Posted: 3:54 PM | 121 Views
Maxim Frolov, Vice President of Global Sales, Kaspersky LabWhilst advancements in technology have made the world feel smaller than ever before, the gap between the generations has continued to widen. Differences in lifestyle, values...See More


Power by

Download Free AZ | Free Wordpress Themes