Taking a look back at the Top 5 Cybersecurity Trends of 2018.
Experts are projecting cybercrime will cost the global economy as much as $600 billion in 2018. They estimate the average cost of a data breach this year will exceed the $5 million mark. They also believe these figures will be just the tip of the iceberg, as a substantial amount of industrial espionage and the theft of proprietary secrets will go undetected or unreported. With global spending to detect and respond to cybercrime topping the $80 billion mark this year, cyber insurance premiums in the U.S. alone are expected to reach $4 billion.
The cybersecurity landscape has continued to change and evolve over the last year. New security threats emerged, so did new methods and tools for protecting data and countering these threats. As the year draws to a close, this article takes a look back at five significant cybersecurity trends that dominated the news 2018.
1. Compliance Regulations Strengthened
2018 is the year the EU General Data Protection Regulations (GDPR) went into effect, leaving many organizations scrambling to understand the long-term implications of the new rules while quickly developing new strategies for achieving compliance. We are already beginning to see the effects of GDPR as websites with pop-up warnings about cookies are becoming increasingly more common on the internet.
Consumer concerns about how their personal information is being used continue to grow. Accordingly, we are likely to see more regulations designed to dictate minimum levels of detection and the prevention controls required for storing customer information, as well as guidelines for how organizations should behave when a breach occurs. If, as expected, incidents with global impact become more commonplace, regulations across all fronts will likely be strengthened making compliance more complex. As cybersecurity and regulatory compliance become increasingly intertwined, organizations will be forced to rethink how they manage risk while ensuring compliance.
2. Cryptojacking Surpassed Ransomware as Top Cybersecurity Crime
With cryptocurrency becoming more mainstream, threat actors have turned to cryptojacking to generate illicit financial gains quickly, with little effort, and with a relatively low risk of discovery. According to Kaspersky Lab, cryptojacking became the number one attack vector of 2018, while the number of ransomware attacks fell sharply over the year.
The rise in cryptojacking is being driven by several factors including:
- Inexpensive cryptojacking kits available on the dark web for as little as $30 that require little to no technical skills to manage.
- Far less risk of getting caught than ransomware schemes. Cryptojacking code often goes undetected for a long time. Moreover, even when it is discovered, it is often difficult to trace back to the source, and victims have little incentive to pursue the perpetrators.
- Multiple methods are available for hijacking computer or smartphone resources to mine cryptocurrency. In addition to unwittingly loading cryptomining code on your computer via a phishing scam, your devices could be mining cryptocurrency just by visiting an infected website.
No one knows for sure how much cryptocurrency is being mined via cryptojacking but most experts agree that cryptojacking is still in its infancy, and the lure of “easy money” has cryptojacking poised to grow and evolve quickly.
3. Internet of Things (IoT) Widened Attack Surface
2018 was a year of steady growth for connected devices with many organizations incorporating IoT technologies into their products, processes, and workflows. Gartner research predicts that by the year 2020, there will be 20 billion devices connected to the IoT generating more than $300 billion in revenue.
This unprecedented expansion of devices and network connectivity widened the attack surface as the threat vectors continued to get more sophisticated. With as many as one million new connections per hour being added to the Internet, the lack of security in billions of IoT devices offer little to no defense against hackers who want to gain control of the devices to hold the data or functionality hostage or to attack servers and internet choke points with denial of service attacks.
One of the highest profile examples of breaches in 2018 occurred in May when security researchers from Cisco Talos exposed a botnet linked to Russia that affected up to 500,000 routers and network-access storage devices located across 54 countries. Using malware called VPNFilter, the Russian hackers gained control over infected devices and snooped on traffic passing via affected routers to learn about the software being used to manage critical infrastructure.
Despite the critical lack of security standards, IoT devices continue to flood the market, providing hackers with new points of entry into your organization’s resources. The potential for IoT ransomware to cause problems is enormous, and it is only a matter of time before more hackers find a lucrative angle that makes it worth the effort to compromise IoT devices.
4. State-Sponsored Cybercrime
State-sponsored cybercrime continued to rise in 2018. As world governments grow ever more dependent on technology, cyberwarfare is becoming an increasingly attractive option for states attempting to inflict damage on their adversaries. Government-backed organizations in several countries, including North Korea, Iran, Russia, and China, are believed to have carried out cyberattacks against governments and businesses in 2018; with sophisticated attacks on financial targets originating from North Korea, Iran and Russia, while China was linked to a number of high profile industrial espionage activities.
United States government officials and senior military leaders are working on strategies for responding to state-sponsored cyberattacks; however, several factors are making this effort problematic. For example, determining who ordered the breach can be difficult and time-consuming. Attacks may be traced to a specific location, but there are criminal elements within each country that are capable of carrying out large-scale breaches without their government assistance. Additionally, going public with proof of state-sponsored cyberattacks could expose closely guarded secret details about sources and methods of gathering intelligence. There is also a reluctance to retaliate with offensive cyberattacks, due to the fear of escalating the situation and unleashing even more disastrous countermeasures.
Nevertheless, those factors didn’t stop the U.S. and the U.K. from assigning blame for the WannaCry attacks last year on North Korea. Then, in February this year, the U.S., along with six other nations, publicly exposed the Russian government for the NotPetya malware attacks. Sarah Sanders, White House press secretary, said the attack “was part of the Kremlin’s ongoing effort to destabilize Ukraine and demonstrates ever more clearly Russia’s involvement in the ongoing conflict.” She went on to say, “This was also a reckless and indiscriminate cyber-attack that will be met with international consequences.”
State-sponsored attacks demonstrate remarkable complexity. Addressing this growing threat will require the government to work with our allies and private sector organizations to strengthen cyber defenses and make hacking more difficult and less lucrative.
5. The Cybersecurity Workforce Shortage
Cybersecurity talent gap continued to grow in 2018, providing a dynamic and lucrative job market in terms of job availability and compensation. Driving this ever-widening shortage is a lack of qualified candidates, the dramatic rise in cybercrime, and the rapidly evolving cybersecurity landscape. In the U.S. alone, there are approximately 300,000 unfilled cybersecurity jobs. On our current pace, we will end 2018 with over 30,000 more openings than we had at the beginning of the year. This trend is predicted to worsen, with an estimated 3.5 million unfilled cybersecurity positions worldwide by 2021.
The cybersecurity workforce shortage has left many IT security teams shorthanded and scrambling for talent. Finding qualified professionals to handle this threat is one of the biggest challenges businesses and governments will face in the coming years. Given the complexity of our interconnected world, many organizations are beginning to view every IT position as a cybersecurity position, enlisting their entire IT teams to work together to protect and defend apps, data, devices, infrastructure, and people.
Machine Learning is another approach organizations are taking to fill the cybersecurity workforce gap. Machine Learning can automate the critical business processes that help protect systems from a wide range of attacks while reducing the dependency on scarce security resources. As the amount of data being processed increases and the number of experts available to interpret the data decreases, reliance on Machine Learning for cybersecurity continues to grow. Unfortunately, threat actors are also increasingly using Machine Learning for nefarious activities. As the cybersecurity arms race heats up, Machine Learning and Deep Learning techniques will play increasingly important roles in both attack and defense.
Staying on top of current trends is essential for keeping your organization safe from cyberattacks. Cybercriminals are everywhere, and they tend to prey on the uninformed and the unprepared. With a solid understanding of the challenges you face, you can identify risks, update your technology and processes, and develop mitigation plans to deal with the fallout.
The trends outlined in this article are likely to increase and intensify in 2019, as new threats emerge. Are you ready for the coming year? Surveys indicate 85% of organizations believe the likelihood of a cyberattack will increase in 2019, yet only 23% of them have adopted a strategic plan to address the risks. Interested in learning more about how current cybersecurity trends could affect your organization? Contact us to discuss how we can help you with your cybersecurity assessments, strategies, products, implementation, and management.