The number of cybersecurity incidents threatening our organizations is climbing at an alarming rate. Cybercriminals are growing more sophisticated in both the type of attacks they attempt and their ability to carry them out.
The white hats, meanwhile, are scrambling to keep up. Despite continuing growth in cybersecurity spending, they seem to be losing ground. Last summer, Gartner estimated global spending on information security would reach $86.4 billion in 2017 (a 7 percent increase over 2016 levels), and the research firm further predicted spending would to increase to $93 billion in 2018. Increased spending alone will not solve the cybersecurity problem. The World Economic Forum’s 2018 Global Risks Report named cybersecurity as the third biggest risk in terms of likelihood, topped only by extreme weather events and natural disasters. The number of cyberattacks during the first quarter of this year would seem to confirm the accuracy of that prediction.
Organizations are beginning to understand that a security compromise is not a matter of if, but when. But they need better tools that will enable them to fight back with the same level of sophistication as the cybercriminals who attack them.
Data Threats to Watch for in 2018
2014 was a watershed year for data breaches, with hacks targeting the systems of big companies like Sony, Home Depot, JP Morgan and eBay. Bloomberg reports that more than 337 million records were compromised in just those four incidents. With more than 1 billion personal data records compromised overall, 2014 became a record-breaking year.
But that was just the beginning. According to the Identify Theft Resource Center, while 2014 was the highest year on record for security breaches to that time, the number of breaches has grown every year since. In 2016, the number of data breaches rose 40 percent from 2015, and the number rose 44.7 percent from 2016 to 2017.
Data breaches will continue to escalate, especially now that organized crime groups are turning to cybercrime. Some predictions claim that cybercrime will soon become more profitable than the global trade in illegal drugs.
Here’s a list of some of the biggest internet threats to look out for in 2018.
Related Article: How to Deal With IoT Security Threats
Advanced Persistent Threats
Advanced persistent threats (APT) are especially worrisome for IT teams because, like the name implies, these attacks persist, stealthily, for months and even years. They move laterally through the IT infrastructure and steal data while avoiding detection.
The market for APT protection has more than doubled since 2015. While this indicates how serious this threat has become, it doesn’t reflect the fact that many APT solutions are ineffective.
According to The Radicati Group, a technology market research firm, “while many security solutions focus on network-level APT attacks, the most prevalent and successful attacks tend to come through applications, such as email and web access.”
Weaponized Artificial Intelligence
The cybersecurity industry is turning to artificial intelligence (AI) to provide better solutions, but meanwhile cybercriminals are using AI for nefarious purposes — and to avoid those very solutions. According to Gizmodo, in a poll of attendees of the Black Hat USA 2017 conference last July, 62 percent of the respondents said that believed bad actors would try to use AI in the coming year. And TechRepublic reports that a 2017 poll by Webroot found that 91 percent of cybersecurity professionals are concerned about hackers using AI in cyberattacks.
In just one example, researchers from security vendor ZeroFox demonstrated how a spear phishing Twitter campaign used AI for automation and to increase success rates. As cybercriminals innovate, it won’t be long before they adapt machine learning to create ever more effective new threats.
Related Article: Defending Yourself From Cyberattacks
Phishing is not a new cybercrime tactic, but despite growing awareness of the problem, organizations are still struggling to stay ahead of the sophisticated social engineering techniques used in phishing attacks. In the SANS Institute’s 2017 Threat Landscape Survey, the 263 IT and security professionals polled said that 74 percent of the threats that they had dealt with in the previous 12 months had entered their organizations as email attachments or links, while 48 percent had entered via web-based drive-by or download (multiple responses were permitted).
Scammers are not missing a beat. ZDNet reports that Webroot researchers found that scammers created an astonishing average of 1.4 million unique phishing websites per month during the first half of 2017. Often masquerading as trusted companies, they bait users into disclosing sensitive personal information. These techniques are also used to insert malware and bots into corporate networks — which is why it’s extremely important for companies to teach their employees how to avoid phishing attacks.
Even employees who have gone through security training sometimes fall for phishing attacks. That’s why organizations need to add another layer of security that can protect systems even when well-trained employees make mistakes.
One new technology that can protect companies is remote browser isolation. It can insulate endpoints from web-borne threats because it executes all the code remotely, in a safe environment, so it never reaches the end user’s device or computer.
A recent Check Point study of data collected from 850 organizations found that every single one of the organizations had faced an attempted mobile malware attack. The report further noted that a whopping 94 percent of security practitioners expect the number of mobile malware attacks to continue to increase. Most of that malware comes from third parties, but it has also been found embedded in apps sold through app stores.
The number of mobile malware variants is also growing. The lineup includes Trojans, ransomware and keyloggers. Attackers don’t always exploit vulnerabilities to infect mobile devices — oftentimes, unsuspecting users give access permission to the malicious apps, like embedded adware, when they install what they think is a legitimate app.
Ransomware in the Cloud
We haven’t seen the end of the evolution of ransomware yet. The next likely step is that cybercriminals will aim ransomware attacks at cloud services as adoption of cloud computing continues to grow.
Cloud providers are an enticing target because they store massive amounts of data and have large numbers of customers. However, because big providers make for tough adversaries, hackers looking for lower-hanging fruit are more likely to attack smaller services.
In 2016, a distributed denial-of-service (DDoS) attack on Dyn illustrated the potential for weaponizing the internet of things (IoT). Because they often lack embedded security features, some IoT devices can be cracked in two minutes, according to IT trade association CompTIA.
Cisco predicts that there will be 30 billion IoT devices by 2020 — a number nearly four times larger than the world’s population. While organizations are very enthusiastic about adopting IoT technologies, many are not aware of the exposure created by vulnerabilities in the IoT ecosystem. And because they often lack visibility into their own ecosystems, it would be easy for them to lose track of data that flows through their corporate networks and not even realize that they’d been hacked.
Related Article: Equifax Breach Drags Open Source Security Into Spotlight Once More
Staying Ahead of New Internet Threats
This is just a small sample of what IT security practitioners are grappling with, but it demonstrates why current approaches aren’t working. Organizations need to make sure they do their due diligence and consider all the new technologies available to them in order to protect themselves from cybercrimes. Staying ahead of advanced threats requires advanced protection — as cybercriminals become more sophisticated, organizations must become more sophisticated as well.