The last 12 months have been a transformative time for the CISO in Europe. The imposition of new regulations like GDPR and the progress on NIS Directive have made their mark on cybersecurity investment and strategy. Along with a steep rise in a new type of threat in cryptojacking and high-profile hacks, such as British Airways, 2018 felt like a challenging rollercoaster ride for cybersecurity and business leaders. But does 2019 face the same fate? Sivan Nir, Senior Analyst, Skybox Security Research Lab, makes her predictions for the year ahead.
- Cryptojacking keeps going
2018 saw unauthorised cryptomining replace ransomware as the most popular malware and this will not abate. Monero has been identified as the cryptocurrency which is most associated with this activity. This type of malware can often go around undetected and it’s a good way for hackers to stay active for the maximum amount of time and make quick money. Why would they turn to an alternative?
- Mobile vulnerabilities keep rising
A continuing trend which emerged at the end of 2017 is the exponentially growing number of mobile vulnerabilities. This is only going to continue as mobile further blurs the line between personal and business device. Furthermore, third-party applications used on smart phones are a good way for malware to enter an organisation, as well as open applications, particularly Android.
- Cloud misconfigurations cause chaos
As more and more companies migrate to the cloud, the biggest risk will be seen in the misconfiguration of the cloud environment, showing that humans continue to be one of the weakest links in security. In addition, the incorporation of third-party software in the cloud means organisations won’t have full control over their attack surface. Cloud technology is still relatively new, with no set best practices, so it’s not as clear to IT people how to secure a cloud environment as opposed to on-prem networks. Next year, hackers will take more advantage of these weaknesses.
- Ransomware won’t fade away
2017 will always be remembered as the ‘year of ransomware’. While cryptomining is overshadowing ransomware, it’s important that CISOs don’t let their guard drop on this older threat. Although illicit cryptomining is easier to undertake, ransomware has the potential to reap bigger immediate awards when precisely targeted at an organisation that cannot afford to kiss their encrypted files goodbye. So, ransomware will continue to wreak havoc, using a variety of new techniques to enter the network.
- AI arms race
AI will be increasingly used to identify and protect against attacks, but 2019 will see a surge in the number of vulnerabilities in AI and chatbots as threat actors realise the value in this activity. Hackers will begin to use AI to make more efficient and persistent malware attacks. At some level this may even culminate in an AI cyber-arms race. There will be more investment being ploughed into cyber-AI on both sides of the battlefield.