This past year, cyber criminals caused major service disruptions around the world, using their increasing technical proficiency to break through cyber defenses. In 2018, we expect the trend to become more pronounced as these attackers will use machine learning and artificial intelligence to launch even more potent attacks.

 

Gear up for a busy year ahead. Incidents like the WannaCry attack, which impacted more than 200,000 computers worldwide in May, are just the warmup to a new year of more virulent malware and DDoS attacks. Meanwhile, cyber criminals are poised to step up their attacks on the millions of devices now connected to the Internet of Things both in offices and homes.

 

The cybersecurity landscape in 2018 is sure to surprise us in ways that we never imagined. As 2017 draws to a close, here is what you can expect over the course of the upcoming year:

 

Blockchain Will Find Uses Outside Of Cryptocurrencies But Cyber criminals Will Focus On Coins and Exchanges

 

Blockchain is finally finding applications outside of crypto-currencies, expanding its functions in inter-bank settlements with the help of IoT gaining traction. However, these use cases are still in their infancy stage and are not the focus for most cyber criminals today. Instead of attacking Blockchain technology itself, cyber criminals will focus on compromising coin-exchanges and users’ coin-wallets since these are the easiest targets, and provide high returns. Victims will also be tricked into installing coin-miners on their computers and mobile devices, handing their CPU and electricity over to cyber criminals.

 

Cyber criminals Will Use Artificial Intelligence (AI) & Machine Learning (ML) To Conduct Attacks No cyber security conversation today is complete without a discussion about AI and ML. So far, these conversations have been focused on using these technologies as protection and detection mechanisms. However, this will change in the next year with AI and ML being used by cyber criminals to conduct attacks. It is the first year where we will see AI versus AI in a cybersecurity context. Cyber criminals will use AI to attack and explore victims’ networks, which is typically the most labour-intensive part of compromise after an incursion.

 

Supply Chain Attacks Will Become Mainstream

 

Supply chain attacks have been a mainstay of the classical espionage and signals-intelligence operators, compromising upstream contractors/systems/companies and suppliers. They are proven to have a high-level of effectiveness, with nation-state actors using a mix of human intelligence to compromise the weakest link in the chain. These attacks are moving into the cybercriminal space, becoming mainstream. With publicly available information on suppliers, contractors, partnerships and key-people, cyber criminals can find victims in the supply chain and attack the weakest link. With a number of high profile successful attacks in 2016 and 2017, cyber criminals will focus on this method in 2018.

 

File-less and File-light Malware Will Explode

 

2016 and 2017 have seen consistent growth in the amount of file-less and file-light malware, with attackers capitalising organizations that lack in preparation against such threats. With fewer Indicators of Compromise (IoC), use of the victims’ own tools, and complex disjointed behaviours, these threats have been harder to stop, track and defend against in many scenarios. Like the early days of ransomware, where early success by a few cyber criminals triggered a gold-rush like mentality, more cyber criminals are now rushing to use these same techniques. Although file-less and file-light malware will still be outnumbered by orders-of-magnitude as traditional style malware, they will pose a significant threat and lead to an explosion in 2018.

 

Organisations Will Still Struggle With Security-as-a-Service (SaaS) Security

 

Adoption of SaaS continues to grow at an exponential rate as organizations embark on digital transformation projects to drive business agility. This rate of change and adoption presents many security challenges as access control, data control, user behaviour and data encryption vary significantly between SaaS apps. While this is not new and many of the security problems are well understood, organizations will continue to struggle with all these in 2018.

 

Combined with new privacy and data protections laws adopted by regulators across the world, these will pose major implications in terms of penalties, and more importantly, reputational damage.

 

Organisations Will Still Struggle With Infrastructure-as-a-Service (IaaS) Security – More Breaches Due to Error, Compromise & Design

 

IaaS has completely changed the way organisations run their operations, offering massive benefits in agility, scalability, innovation and security. It also introduces significant risks, with simple errors that can expose massive amount of data and take down the entire system. While security controls above the IaaS layer are customer’s responsibility, traditional controls do not map well – leading to confusion, errors and design issues with ineffective or inappropriate controls being applied, while new controls are ignored. This will lead to more breaches throughout 2018 as organizations struggle to shift their security programs to be IaaS effective.

 

Financial Trojans Will Still Account For More Losses Than Ransomware

 

Financial Trojans were some of the first pieces of malware to be monetised by cyber criminals. From simple beginnings as credential harvesting tools, they have since evolved to advanced attack frameworks that target multiple banks, and banking systems that send shadow transactions and hide their tracks. They have proven to be highly profitable for cyber criminals. Today the move to mobile application-based banking has curtailed some of the effectiveness, so cyber criminals are now moving their attacks to these platforms. Cyber criminals’ profits from Financial Trojans is expected to grow, giving them higher gains as compared to Ransomware attacks.

 

Expensive Home Devices Will Be Held To Ransom

 

Ransomware has become a major problem and is one of the scourges of the modern Internet, allowing cyber criminals to reap huge profits by locking up users’ files and systems. The gold-rush mentality has not only pushed more and more cyber criminals to distribute ransomware, but also contributed to the rise of Ransomware-As-A-Service and other specializations in the cyber criminal underworld. These specialists are now looking to expand their attack reach by exploiting the massive increase in expensive connected home devices. Smart TVs, smart toys and other smart appliances can run into thousands of dollars and users are generally not aware of the threats to these devices, making them an attractive target for cyber criminals.

 

IoT Devices Will Be Hijacked and Used in DDoS Attacks

 

In 2017, we have seen massive DDoS attacks using hundreds of thousands of compromised IoT devices in people’s homes and workplaces to generate traffic. This is not expected to change with cyber criminals looking to exploit the poor security settings and management of home IoT devices. Furthermore, the inputs and sensors of these devices will also be hijacked, with attackers feeding audio, visual or other faked inputs to make these devices do what they want rather than what users expect them to do.

 

IoT Devices Will Provide Persistent Access to Home Networks

 

Beyond DDoS attacks and ransomware, home IoT devices will be compromised by cyber criminals to provide persistent access to a victim’s network. Home users generally do not consider the cyber security implications of their home IoT devices, leaving default settings and not vigilantly updating them like they do with their computers. Persistent access means that no matter how many times a victim cleans their machine or protects their computer, the attacker will always have a backdoor into victims’ network and the systems that they connect to.


RECOMMENDED ARTICLE FOR TECHWORLD


 
UBTECH Robotics Introduces the Alpha1 Pro Humanoid Robot to Philippines
Techworld Date Posted: 28 September 2017 4:33 PM | 377 Views
UBTECH Robotics, the company best known globally as the industry leader in artificial intelligence and humanoid robotics today introduced the Alpha1 Pro interactive consumer robot in the Philippines. Alpha1 Pro is a household programmable humanoid.... See More
 
UBTECH Robotics Introduces the Alpha1 Pro Humanoid Robot to Philippines
Techworld Date Posted: 4:33 PM | 377 Views
UBTECH Robotics, the company best known globally as the industry leader in artificial intelligence and humanoid robotics today introduced the Alpha1 Pro interactive consumer robot in the Philippines. Alpha1 Pro is a household programmable humanoid...See More

 
PH Faces Increasing App-Driven Attacks
Techworld Date Posted: 7 September 2017 1:56 PM | 371 Views
MANILA, PHILIPPINES - The attack surface created by app-driven transformation is expanding rapidly, with 72 percent of the total number of attacks focused on user identities and applications, the gateway to personal data. This.... See More
 
PH Faces Increasing App-Driven Attacks
Techworld Date Posted: 1:56 PM | 371 Views
MANILA, PHILIPPINES - The attack surface created by app-driven transformation is expanding rapidly, with 72 percent of the total number of attacks focused on user identities and applications, the gateway to personal data. This...See More

Rhea Sanvictores
Earmark That Irresistible Yearn for the Zen
Techworld • By: Rhea Sanvictores | Date Posted: 20 March 2017 2:24 PM | 789 Views
Tech experts and various computer enthusiasts, from what it seems to be an uncontested case, are blown away by AMD’ next-generation processor.. See More
Rhea Sanvictores
Earmark That Irresistible Yearn for the Zen
Techworld • By: Rhea Sanvictores | Date Posted: 2:24 PM | 789 Views
Tech experts and various computer enthusiasts, from what it seems to be an uncontested case, are blown away by AMD’ next-generation processor.See More

 
Kingston Encrypted USB Drives Are Key Components of Impending GDPR Compliance
Techworld Date Posted: 22 May 2018 10:29 AM | 551 Views
Kingston, a world leader in memory products and technology solutions, has been at the forefront of how the new General Data Protection Regulation (GDPR) cybersecurity regulations effective this month will affect anyone who processes.... See More
 
Kingston Encrypted USB Drives Are Key Components of Impending GDPR Compliance
Techworld Date Posted: 10:29 AM | 551 Views
Kingston, a world leader in memory products and technology solutions, has been at the forefront of how the new General Data Protection Regulation (GDPR) cybersecurity regulations effective this month will affect anyone who processes...See More

 
Getting Ready for the Holidays: Your Safe Online Shopping Guide
Techworld Date Posted: 21 November 2017 8:42 AM | 206 Views
  Online retailers are gearing up for the biggest shopping day of the year. With more consumers doing their holiday shopping online, additional compute resources and warehouses bulging with inventory ensure that shoppers won’t.... See More
 
Getting Ready for the Holidays: Your Safe Online Shopping Guide
Techworld Date Posted: 8:42 AM | 206 Views
  Online retailers are gearing up for the biggest shopping day of the year. With more consumers doing their holiday shopping online, additional compute resources and warehouses bulging with inventory ensure that shoppers won’t...See More

 
Kaspersky Lab Wins ‘Best Industrial Cyber Security Provider’ at Asian Manufacturing Awards 2017
Techworld Date Posted: 27 September 2017 5:23 PM | 208 Views
David Tiong, Asia Pacific (APAC) Marketing Director of Kaspersky Lab (left) receives the award from Raymond Wong, CEO of Contineo Media (right). Kaspersky Lab is proud to bring home the ‘Best Industrial Cyber.... See More
 
Kaspersky Lab Wins ‘Best Industrial Cyber Security Provider’ at Asian Manufacturing Awards 2017
Techworld Date Posted: 5:23 PM | 208 Views
David Tiong, Asia Pacific (APAC) Marketing Director of Kaspersky Lab (left) receives the award from Raymond Wong, CEO of Contineo Media (right). Kaspersky Lab is proud to bring home the ‘Best Industrial Cyber...See More

 
Global Shipments of FUJITSU Image Scanners Have Passed the 10 Million Mark
Techworld Date Posted: 30 September 2017 9:58 AM | 188 Views
PFU is proud to announce that as of July 2017, global shipments of its FUJITSU image scanners have passed the 10 million mark.. See More
 
Global Shipments of FUJITSU Image Scanners Have Passed the 10 Million Mark
Techworld Date Posted: 9:58 AM | 188 Views
PFU is proud to announce that as of July 2017, global shipments of its FUJITSU image scanners have passed the 10 million mark.See More

 
APAC IT Leaders Should Cultivate Situational Awareness to Thwart Cyber Threats
Techworld Date Posted: 26 July 2017 2:56 PM | 200 Views
Fortinet, a global leader in high-performance cyber security solutions, today advised IT leaders in Asia Pacific to hone their situational awareness skills in order to better defend their organizations against cyber threats. Human beings are.... See More
 
APAC IT Leaders Should Cultivate Situational Awareness to Thwart Cyber Threats
Techworld Date Posted: 2:56 PM | 200 Views
Fortinet, a global leader in high-performance cyber security solutions, today advised IT leaders in Asia Pacific to hone their situational awareness skills in order to better defend their organizations against cyber threats. Human beings are...See More

 
Realme Goes All-Out This Christmas, Announces Flash Voucher for MemoXpress and December 19 Flash Sale on Lazada
Techworld Date Posted: 18 December 2018 10:59 AM | 94 Views
Realme Philippines, well-received by Filipinos during its recent launch in the country, returns the gesture with an all-out offering for the Realme C1.. See More
 
Realme Goes All-Out This Christmas, Announces Flash Voucher for MemoXpress and December 19 Flash Sale on Lazada
Techworld Date Posted: 10:59 AM | 94 Views
Realme Philippines, well-received by Filipinos during its recent launch in the country, returns the gesture with an all-out offering for the Realme C1.See More

 
System Integration Expo Sets the Stage for High-Tech Innovations
Techworld Date Posted: 9 July 2018 1:18 PM | 210 Views
The 12th largest population in the world, and also arguably one of the most tech-savvy around, the Philippines offers a multitude of opportunities for tech companies and investors. For the past decade or so,.... See More
 
System Integration Expo Sets the Stage for High-Tech Innovations
Techworld Date Posted: 1:18 PM | 210 Views
The 12th largest population in the world, and also arguably one of the most tech-savvy around, the Philippines offers a multitude of opportunities for tech companies and investors. For the past decade or so,...See More


Power by

Download Free AZ | Free Wordpress Themes