As we move into the new year, digital transformation continues to be a top priority for businesses. The shift from legacy applications and architectures to modern, cloud-based technologies, is resulting in new security needs. Coupled with the growing trends of big data and artificial intelligence, cybersecurity experts have their work cut out for them in 2019.
Here are some of the threats we anticipate to headline the news this year:
Increasing instances of Cryptojacking. If ransomware is an indication of anything, it is that criminal organizations will continue to employ malware for profit. Cryptojacking or Cryptomining malware, uses both invasive methods of initial access, and drive-by scripts on websites, to steal resources from unsuspecting victims. Cryptojacking is a quieter, more insidious means of profit affecting endpoints, mobile devices, and servers —it runs in the background, quietly stealing spare machine resources to make greater profits for less risk. Due to its ease of deployment, low-risk profile, and profitability, this trend will continue to increase in 2019.
IoT attracts unwanted intruders. Connected devices that are capable of data transmission have already become a part of our daily lives. Businesses and consumers use a variety of them: Alexa and other voice-activated home devices, smart locks, insulin pumps, pacemakers, smart air conditioning and so on. Smart functions are incorporated across product lines -- personal assistants on smartphones always listening, as well as internet-connected devices such as smart TVs, conference phones, and smart appliances. These devices make it difficult for organizations to know what information is leaving their networks or what is being secretly captured and transmitted by devices such as smartphones, smart TVs or conference phones.
Machine Learning will be weaponized. Machine Learning is fast gaining traction and will become the next attack vector over the next few years. As these intelligence platforms are becoming increasingly relied upon to automate informed decision making based on information profiles, it would seem remiss for security experts and teams not to consider these platforms themselves becoming the next attack vector. If a sophisticated attacker could find methods to inject confusion or misleading indicators into the information pools used for decision making, it could make it possible to hide amongst the injected noise.
Sandbox-Evading Malware. Sandboxing technology is used for the detection of malware and preventing them from infecting the system. In this method, malware are kept in a controlled environment to see and study their behavior. However, new malware has been programmed that can watch out for themselves and identify and detect if they are in a sandbox and prevent themselves from executing their codes until they come out of the sandbox and actually execute those malicious programs. These types of malware are sandbox-evading and are expected to be a rising trend in 2019.
Credential theft will continue to rise. Whether its due to highly targeted phishing campaigns, information being passed on to third parties, or machine learning, and artificial intelligence being deployed as the next attacking vector, we’ll continue to see soaring figures of breaches in 2019, if advanced identity-security approaches are not taken.
Is your business ready to take on these emerging threats? Contact IT Solutions to discuss what preventative measures are needed to protect your business, your employees and your customers. Want to learn more about the security threats out there? Visit our News page and click here to read about our ITSecure+ offering.