2018 is here and it is looking to be a big year in terms of escalating cyber threats. State sponsored attacks are stoking cyber security fears and the impending implementation of GDPR will change how businesses handle data. Riversafe would like to share with you our cyber security predictions for 2018.
GDPR Will Drive an Increase in Data Protection Practices
The General Data Protection Regulation (GDPR) goes live on the 25th of May, 2018. GDPR is not a perfect solution to the problems surrounding digital privacy. In fact, many question the capacity at which these new regulations can be enforced. Consequently, we expect that despite GDPR there will still be many cases of enterprises concealing data or not deleting data as requested, and getting away with it unless there is a huge scandal. This does not mean GDPR will be ignored. Many organisations are making sure they are well prepared for its implementation, not wishing to risk massive fines.
Steadily Increasing Machine Learning Integration
Machine learning was the belle of the ball in 2017 and, despite the true promise of AI being some years away, 2018 is likely to be no different. We expect machine learning to make its way into enterprises in the role of assistants, riding on the back of existing technology like mobile phones, threat intelligence platforms, and network security analytics. This last space in particular is one we believe will have significant impact and we are hosting a machine learning and security analytics event this January with Splunk, our partner and a leader in these fields. Register here to get ahead of other businesses who will struggle with implementing this important advancement in technology.
The Ascendency of Cryptocurrencies Increases Risk of Ransomware
Gone are the days of demanding a suitcase full of non-sequential, unmarked bills. Cryptocurrencies mean that cyber criminals have a variety of easy ways to monetise their exploits. Whether hacking exchanges directly, mining scripts that target web browsers, or encrypting vital data and demanding ransom for it, the attacks will become more sophisticated and finding the attackers will be increasingly difficult.
IoT Botnets Will Strike in Large Numbers
2017 saw cyber attacks like WannaCry and BadRabbit affecting enterprises on an international scale, and we expect these attacks to increase in 2018. While the UK and US governments are taking steps to counter these kinds of attacks, there are many exploitable weaknesses in humanity’s digital infrastructure. One major weakness was in the news recentlythanks to the Reaper botnet: Internet of Things devices. Reaper was designed to actively exploit simple vulnerabilities in IoT devices and we expect similar attacks in 2018 in even greater numbers. Many IoT devices don’t have a physical interface with the system, like a screen or touchpad, and so many victims may never know they’ve been compromised.
A Sharp Rise in Security Technology Integration
Throughout 2017 we saw an increase in enterprises integrating cybersecurity technologies into their business and this continue in 2018, especially as enterprises shift to hybrid cloud infrastructure and respond to GDPR and higher attack frequency. Consumers are becoming aware of just how much of their data is being kept by enterprises without their knowledge. Businesses know this concern will be at the forefront of their customers’ minds and will change practices to gain the public’s trust. We also expect increased transparency around data use in order to reassure customers that it is kept for good reason. Demand for cloud security services will surge. Just remember that as businesses get better at defending themselves, so do attackers improve at breaking down those defences.
Written by Kumar Sumeet, Principal Security Consultant, and Sharla Kew, Security Consultant, RiverSafe