Data protection is no longer just a technology issue. It is political and commercial impact is far-reaching. In 2018, we saw the Europe Union introduce sweeping data protection legislation under the General Data Protection Regulation (GDPR). And in the United States, leaders of tech giants testified before Congress regarding data privacy and protection. There’s a heightened awareness of and expectation for better information security and that’s a good thing.
But just as a new data protection baseline has been established, the complexity and frequency of cyber security threats is increasing. Threats that were novel a few years ago are now available as a service and with little technical expertise. 2018 saw an increase in hijacking IT resources for mining cryptocurrency, but ransomware, insider attacks and malware aren’t letting up. While these threats will continue, here are some key trends to keep a close eye on in the year ahead.
Biometric hacking, an increase in phishing attacks and sophisticated use of artificial intelligence (AI) are among the top cyber security threats to be expected in 2019, as attackers stop at nothing to steal identities and evade detection through new techniques.
Attacks through theft of biometric data
While several major leaks of biometric data have already occurred globally, the Middle East and Africa regions could see the first attacks in the theft and use of biometric data in 2019, according to Kaspersky Lab.
“As more biometric systems for user identification and authentication are being implemented by various financial institutions in META (Middle East, Turkey and Africa), 2019 will see criminals exposing vulnerabilities in passcodes, touch ID sensors and facial recognition,” says Fabio Assolini, senior security researcher at Kaspersky Lab.
“While many financial organisations consider these emerging biometric-based solutions to improve security over current authentication methods, biometric data will increasingly be used to steal sensitive information.”
AI, machine learning make attacks harder to detect
Manuel Corregedor, COO at Telspace Systems, says 2019 will see more advanced exploitation of AI to carry out and conceal new exploits.
“I believe we will see an increase in attackers utilising AI and machine learning as a means to make their attacks more difficult to detect or prevent,” says Corregedor.
However, AI will also change the way the industry deals with threats.
Brian Pinnock, cyber security specialist at Mimecast, says AI and machine learning will play a more prominent role as the velocity and variety of attacks makes conventional approaches – such as blacklists – outdated and ill-equipped to deal with modern cyber threats.
“Organisations will realise the importance of threat intelligence and will focus on the need for an ‘intelligence function’ to identify threats,” says Pinnock.
Phishing scams to soar
As e-mail attacks grow more frequent and complex, more organisations will be left scrambling for new ways to reduce risk and better detect and remediate threats in 2019.
Pinnock says throughout 2019, the most insidious development won’t be new attack types, but, rather, improved execution of existing attack types, especially those delivered via e-mail.
“Phishing techniques like the use of homoglyphs, elongated URLs, legitimate certifications (green lock), and credential-harvesting sites will increase. Flawless phishes will continue to prey on the gap in human firewalls, pivoting internally around organisations and intensifying efforts to better educate all staff.”
Dr Jabu Mtsweni, research group leader for cyber defence at the Council for Industrial and Scientific Research (CSIR), points out that phishing scams are still quite popular as cyber security awareness remains low.
“Denial-of-service attacks on government Web sites were also popular in 2018. This includes injection of malware on government Web sites that remain undetected. In 2019, malicious e-mail and links will continue to be used by criminals to get access to organisations’ networks.”
Fake videos bring new era of fake news
UK-based innovation foundation Nesta forecasts that 2019 will see a new level of malicious posts on social media as fake videos set the next stage in fake news.
Lifelike computer-generated graphics – appearing to show video footage of events that never really happened – will be used to mislead the public.
“We predict that within the next 12 months, the world will see the release of highly authentic-looking malicious fake videos, which could cause substantial damage to diplomatic relations between countries,” says Nesta. “Deepfakes, a new AI-based technology that makes it possible to create fake videos of individuals nearly indistinguishable from the real thing, will make this possible.”
The innovation foundation believes that Deepfakes have the potential to spark a geopolitical incident if a politician or celebrity is maliciously impersonated.
Improved execution of existing attack types
In 2018, cyber attacks and data breaches continued to increase in both frequency and intensity, and organisations can expect more of the same in 2019, according to experts.
Corregedor points out that the biggest cyber security event of 2018 is probably just the sheer number of data breaches that have occurred across industry sectors, some utilising advanced attacks, others as a result of mistakes made by the affected organisations.
Over 4.5 billion data records were compromised worldwide in the first half of 2018, according to Gemalto’s latest Breach Level Index.
Pinnock points out that better social engineering, increases in credential stuffing attacks, and more complicated malware with multiple stages and different form factors for transmission will make threats incredibly tricky to detect in 2019.
“With global cyber crime organisations growing in maturity and sophistication, many are now acquiring capabilities that were once the sole reserve of nation states,” notes Pinnock.
“We’re likely to see these cyber criminals use stolen credentials from the past few years’ data breaches to compromise the security of even the most secure organisations. Even companies with good cyber protection have little protection against the reuse of passwords that have been collected in other breaches.”
Slight decrease in crypto currency attacks
According to Kaspersky Lab, 2018 saw a rise in the malicious use of crypto currency miners, with virus attacks and malicious software against crypto miners growing almost fourfold.
Kaspersky predicts that crypto currencies as a means of payment will decline further in 2019, and this trend is expected to lead to a slight decline in crypto currency threats.
“In the face of huge commissions, slow transfers, a large price for integration, and, most importantly, a small number of customers, the use of crypto currency as a method of payment has declined steadily from 2017 and will continue to decline in 2019.”
However, those crypto currency threats that do occur will be focused on mining malware, with the intervention of new players and the continuation of the use of ransomware.
“In 2018, the META region became more appealing to cyber criminals, with financial and malicious crypto mining attacks taking centre stage,” notes Assolini.
“Illegal mining of crypto currencies increased dramatically to overtake the main threat of the last few years – ransomware. We believe the reason for this is that mining is silent and causes less impact that ransomware, making it less noticeable.”
Mobile, in-the-app malware
While malware that runs on the Windows operating system vastly outnumbers malware for any other platform, users of mobile devices are increasingly subject to malicious activity that pushes malware apps to their phones, tablets, or other devices running Android and iOS, according to computer network security company Sophos’ 2019 Threat Report.
For some time, malicious versions of popular apps were predominantly found on third-party app stores. These can be sketchy places, hosting pirated and/or trojaned versions of legitimate apps, notes the report.
Unusual malicious campaigns affecting the Android platform – phishing-in-the-app – can be expected in 2019, warns Sophos.
“In 2018, we discovered one way that criminals can bypass the Play Market’s source code checks was by not including anything malicious in the app itself, but rather by making an app that, in essence, is a browser window to a phishing site. The apps, in this case, were designed in tandem with the phishing site so the user had a seamless experience,” notes the report.
5G deployments to fuel threats
A number of 5G network infrastructure deployments kicked off this year, and 2019 is expected to be a year of accelerating 5G activity. While it will take time for 5G networks and 5G-capable phones and other devices to become broadly deployed, experts predict growth will occur rapidly.
According to Symantec’s Cyber Security Predictions: 2019 and Beyond, growing 5G deployments and adoption will expand the cyber-attacks surface area.
“As a stepping stone to broad deployment of 5G cellular networks, some carriers are offering fixed 5G mobile hotspots and 5G-equipped routers for homes. Given the peak data rate of 5G networks is 10 Gbps, the shift to 5G will catalyse new operational models, new architectures, and, consequently, new vulnerabilities.
“Over time, more 5G IoT devices will connect directly to the 5G network rather than via a WiFi router. This trend will make those devices more vulnerable to direct attack.”
IIoT attacks not slowing down
Industrial IoT (IIoT) attacks through cloud infrastructure and over-reliance on AI in cyber security systems are two critical risks for enterprises in 2019, according to Forcepoint’s 2019 Cyber security Predictions Report.
“In 2019, attackers will break into industrial IoT devices by attacking the underlying cloud infrastructure. This target is more desirable for an attacker – access to the underlying systems of these multi-tenanted, multi-customer environments represents a much bigger payday.”
Three elements expected to play a significant role in the increase of IIoT attacks, according to the report, are: increasing network connectivity to edge computing; the difficulty in securing devices as more compute moves out to the edge; and the exponential number of devices connecting to the cloud for updates and maintenance.
Rise of SaaS
Gilad Peleg, CEO of cyber security firm SecBI, predicts that in 2019, the model of enterprise software deployed on-premises will gradually disappear as it’s replaced by Software-as-a-Service (SaaS).
Many of the resources once in the hands of corporates, like the database, e-mail server, ERP, CRM and others, will all move to the cloud, leaving enterprises vulnerable, he observes.
“SaaS’ greatest advantage is also its greatest weakness. With SaaS, you need much less IT. This is a benefit at first glance, but upon inspection, it becomes a problem – you don’t control the access, or the data.