2018 has drawn to a close, and as business begins to get back up to speed after the holiday period, cyber attackers continue to scour the web in search of vulnerable targets. Attack actors discover and develop new methods and vectors over time as security technologies evolve. What can you do to protect your organisation from these evolving attacks?
Agilient is at the forefront of cybersecurity, keeping in touch with trending cybersecurity risks and technologies. As such we’ve compiled a small but helpful list of predictions for this year to assist in focusing your cybersecurity efforts and ensuring your organisation remains safe in 2019. This list features predicted risks, advancements in security technologies and legislation as well as some tips to mitigate the predicted risk.
Ransomware Will Become More Focused
According to Kaspersky, ransomware encounters in 2017 to 2018 fell by nearly 30% compared to 2016 to 2017. However, despite the decrease in encounters, the attacks became more focused, where malicious actors were focusing their attacks at specific organisations or industries. Symantec reported focused attacks within the municipal and healthcare organisations in the U.S.
Implementing a well-rounded security policy within an organisation can help mitigate the risk of ransomware. Training users to be more vigilant with email attachments and sources can have a major impact on the security of an organisation, as illegitimate emails with malicious attachments is generally how ransomware propagates through a network.
Increased Prevalence of ‘Cryptojacking’
Cryptojacking is the malicious act of hiding cryptocurrency ‘miners’ on a victim’s systems. A ‘miner’ is a software program that generates cryptocurrency using compute power. These hidden programs generally may not disrupt general business operations outside of perhaps slowing systems down due to their heavy computer resource usage. The cryptocurrency mined on these machines are then sent to the attackers which can then be converted into real-world currency.
These mining tools are readily available such that technically unskilled attackers can take advantage of them. Cryptomining attacks have increased by 45% and will continue to disrupt organisations in 2019. These attacks can be prevented by implementing good security policy in the organisation, as well as deploying a network monitoring solution. Engineers can keep on the lookout for cryptojacking by monitoring system resource usage and investigating slow machines. Good egress filtering on a server can also help by monitoring outbound connections.
Legislative and Regulatory Activity Will Increase
With the number of privacy and security concerns on the rise in 2018, many governments will begin or will be in the process of implementing new legislation in an attempt to enforce data protection and encourage organisations to invest more resources into improving data security across all industries.
In Australia, 2018 saw the introduction of the Notifiable Data Breach Scheme (NDBS) where all organisations above a certain size must report all data breaches where customer data may have been compromised to the government or face serious fines. The European Union also introduced the General Data Protection Regulation (GDPR), which enforces data protection and privacy for all individuals within the EU. It gives individuals control over their personal data stored by organisations online. We predict that many other countries and regions will begin to follow suit in 2019. Keep on the lookout for any new legislation or regulation that may affect your region.
Increase in Software Supply Chain Attacks
This form of attack is becoming increasingly common, where an attack implants malware into legitimate software packages at its usual distribution location. These attacks could occur during production at the software vendor or at a third-party supplier. With the countless number of software production companies, it could be easy for an attacker to narrow down a vulnerable few and implant their malware into seemingly harmless software. If an attacker were to exploit the production of a popular software package which on a user’s computer were to automatically update, the malware would be rapidly distributed. The software has already been deemed safe by the user’s computer, therefore bypassing anti-virus and anti-malware programs.
Ensuring that every stage of production is kept secure is paramount to preventing this type of attack. Software vendors should encourage engineers to safely and securely distribute code internally, and with third-party suppliers. Securing networks even internally is also very important. Secure programming should also be practiced.
Multi-Factor Authentication for Online Transactions
Currently, the majority of retailers only accept password authentication when making purchases through their online storefronts. In 2019, we may see an increase in the use of multi-factor authentication (MFA) for both account login and when making purchases. Some retailers and retail software vendors have already implemented MFA where users are sent an SMS code to ensure that the user is who they say they are. We predict that this trend will continue, with recent news of data breaches affecting large retailers globally. Ideally, multi-factor authentication should be used everywhere, but in the world of online fraud and its impact on the retail industry, retailers should take this approach much more seriously.
Organisations Who Disregard Cybersecurity Will Suffer
The impact that a data breach could have on an organisation has been increasing astronomically as organisations depend on computers and the internet for their business operations. Organisations that do not invest in security policy and infrastructure will continue to be attacked and the impact that it will have will only increase in severity. A phenomenon coined “death by data” has been identified as the fastest growing cause of bankruptcy by the NSW Business Chamber who found that 80% of Australian SMEs targeted by a cyber-attack go bankrupt in 12 months.
What Can You Do?
To make 2019 a successful year, we highly recommend and encourage you to invest in the security of your organisation. Cyber-criminals do not discriminate and will target vulnerable businesses regardless of their size or industry. The attack surface can be greatly reduced if security policy is implemented at the core of an organisation and employees are trained to ensure that they follow best security practices in the workplace. If you have any questions or would like to learn more about how you can better secure your organisation and customers, contact Agilient today.