Five Cybersecurity and Cybercrime Predictions for 2019 by Ilia Kolochenko
High-Tech Bridge’s CEO Ilia Kolochenko shares some of the industry trends and major threats companies and individuals will likely face in 2019.
1. Complexity of Corporate IT Networks Drives More Data Breaches
Today, many different hacking techniques and attack vectors have one common cause and origin – lack of visibility across corporate IT assets. It accounts for the majority of the disastrous data breaches that occurred in 2018. The problem will almost certainly persist and worsen in 2019.
Most modern companies and organizations have very complicated, convoluted and intricate IT infrastructure composed of unconnectable pieces, often located across the world. Shadow systems co-exist with legacy mainframes, abandoned cloud applications and third-party code that has been unmaintained for years. Obviously, such unknown or semi-known systems cannot be protected or secured in any manner. Consequently, they become very attractive targets for ransomware, phishing or even highly sophisticated targeted attacks by cybercriminals.
The complexity of corporate networks is growing exponentially, and so will the problem of visibility. Attackers often don’t even need any expensive 0-days – there are plenty of machines and applications that can be breached with a public exploit in less than a minute. Improper internal access control often enables attackers who control one machine to spread their presence to all other hosts in the local network. All this is a perfect environment for new data breaches and security incidents, let alone non-conformities with GDPR and other regulations.
2. Cryptocurrency Security Disillusionment
Millions of people lost their money in cryptocurrencies in 2018. Many lost it to crypto-exchange hacks or fraud, others were victims of sophisticated spear-phishing targeting their e-wallets, and some simply lost their savings in the Bitcoin crash. People believed in the innate immunity, utmost resistance and absolute security of cryptocurrencies, and now their illusions about cryptocurrency security have evaporated.
The problem for 2019 is that many victims have irrecoverably lost their confidence in blockchain technology in general. It will be time-consuming to restore their trust and convince them to leverage blockchain in other areas of practical applicability. On the other hand, it’s not too bad, as potential future victims are now paranoid and won’t be low-hanging fruit for fraudsters.
3. Adversarial Usage of Artificial Intelligence (AI) and Machine Learning (ML)
Cybercriminals have attained a decent level of proficiency in practical AI/ML usage. Most of the time, they use the emerging technology to better profile their future victims and to speed up intrusions, thus increasing their effectiveness and profitability.
As opposed to many cybersecurity startups that often use AI/ML hype mostly for marketing and investor-relations purposes, the bad guys are focused on its practical and pragmatic usage to cut their costs and boost income. We will likely see other areas of AI/ML applicability leveraged by cybercriminals. We will probably have the first cases of simple AI technologies competing against each other in 2019.
4. Crowd Security Testing Morphs into Penetration Testing
Bug bounties are trying to reinvent themselves in light of emerging startups that diversify the field and also not-for-profit initiatives such as the Open Bug Bounty project.
Most crowd security testing companies now offer highly restricted bug bounties, available only to a small circle of pre-screened testers. Others already offer process-based fees instead of the usual result-oriented approach. We will likely see crowd security testing ending up as a peculiar metamorphosis of classic penetration testing.
5. Negative Impact of GDPR on Corporate Cyber Resilience
Many companies and organizations are now frustrated with severe GDPR sanctions and spend virtually all their resources to attain formal compliance. The problem is that in pursuit of paper-based compliance, they often omit critical aspects of practical cybersecurity.
Consequently, we may see more data breaches, as scanty cybersecurity resources, which have largely remained the same as prior to the 25th of May 2018, cannot effectively cover both practical security and compliance requirements. Even if compliance and security are tangential, contiguous and even highly intertwined areas, they are still substantially different and cannot replace each other.
We already observed something similar in 2008 with PCI DSS enforcement – and we observed disastrous data breaches of PCI-compliant companies in the past, emphasizing that compliance cannot replace a risk-based and process-based cybersecurity strategy and its proper implementation.
What to Do?
Read the state of FT 500 application security report.
You can try ImmuniWeb® Discovery for free to get an exhaustive view of your external attack surface.
You can also explore community web security products by High-Tech Bridge.