The tidal wave of ransomware threats and cyberattacks battering organizations both big and small continues unabated this year.
Chief security officers and CIOs who spent long hours in 2017 ensuring they didn’t get sideswiped by the “Wannacry” attack, or the massive data breaches that saw the personal data of almost half of Americans exposed, remain on their guard the Spectre and Meltdown security vulnerabilities, which place virtually every OS and device in the world at risk.
While some progress has been made on patches for these recent vulnerabilities, black hats are working around the clock, looking for new ways to get at critical corporate data and personal information they can sell on the dark web.
Today’s black hats are not disgruntled teens working from their parents’ basements. They are savvy professionals who view their work from a business perspective. Some ransomware specialists have even opened “help desks” to walk their victims through the process of purchasing the untraceable cryptocurrencies they are demanding as ransom.
New research shows hackers in 2018 are using the same emerging technologies that are driving business innovation for far more nefarious purposes. With AI-powered attacks taking advantage of IoT (the latter offering an exponential increase of cyber risk at the endpoint level), entirely new forms of cyber risk are making security experts’ jobs even more taxing.
Coming … now
Here are just a few things to watch for in cybersecurity in 2018 and beyond:
- AI and machine learning will become a more important tool in the hacker’s toolbox. More and more cyber-criminals are employing AI in their “work,” using it to attack and to explore breached networks — a great help to hackers as this is typically the most labour- and time-intensive part of their “job” after they successfully breach a network.
- Compromised smart devices are becoming a “thing” as hackers look to expand their ransomware “reach” to connected home devices, including smart toys and TVs. And with smart home hardware and services spending predicted to rise by almost 60 per cent between 2018 and 2022, expect to hear of compromised smart home devices more and more.
- Home IoT devices will be targeted as more hackers see them as direct paths into victims’ home networks. An alarmingly high percentage of home users fail to properly consider the security implications of their home IoT devices. This is bad enough on its own. However, when you add the fact that 70 per cent of IoT devices are highly vulnerable to attack right out of the box, you’re talking about millions of little disasters waiting to happen.
New report from IBM
IBM collected data from hundreds of millions of protected endpoints and thousands of client devices throughout 2017 to produce “X-Force Threat Intelligence Index 2018.” This report, which provides timely insights about the current global threat landscape, gives security professionals a better view and understanding of the threats most relevant to their organizations. Among the topics discussed:
- Network attack trends and attack vectors
- Malware shifts 2017 and beyond
- Ransomworms and other malware
- Misconfigured clouds, phishing and other weaknesses
- Cryptocurrency and coin-mining malware
- Keeping pace with the changing threat landscape
