With the new year just around the corner, now is the ideal time to look at the year ahead for cyber security. As always, technology has moved forward a great deal in the last 12 months, from new gadgets to ever more sophisticated cyber threats.
It’s no secret that cyberthreats have not only increased in number but that their success and impact have increased as well. The recent AT&T Cyber Security Insights report found that nearly 80% of surveyed organisations had been negatively affected by a cyber security attack in the prior 12 months.
This proves that predicting what the year ahead has in store for cyber security is vital for every organisation, that’s why we’ve put together some of the most likely cyber security trends for the year ahead.
We are all aware of Ransomware by now, but 2017 was the year where Ransomware attacks gained more public awareness through headline stories such as the WannaCry attacks. There has been an influx of Ransomware attacks over the past number of years and that is very likely to continue into 2018. According to the latest prediction report from McAfee, Ransomware attacks are likely to become more sophisticated in 2018 targeting high net worth individuals and corporations. In fact, Ransomware attacks are increasing by 350% every year with an attack on businesses predicted every 14 seconds by 2019.
As homes across the globe become increasingly more and more connected due to the increased convenience IoT devices bring to our lives, it also becomes a cybercriminal playground of opportunity. With so many connected devices in your home, this provides the perfect chance for hackers to steal your personal information and to gain access to your home. Perhaps even more alarmingly, is that IoT devices can be used for large scale DDoS attacks that can take down entire websites or an organisation’s entire online presence. Forester predicts that there will be even more damaging cyber-attacks across a wide range of IoT implementations, with the volume and success rate of IoT attacks predicted to rise.
Attackers will increase their use of Artificial Intelligence, combining it with existing methods to increase their scope of attack. Machine learning has the potential to improve social engineering and make phishing attacks more difficult to recognise by harvesting and synthesizing more data than a human can. By leveraging AI correctly, it can also increase the effectiveness of using weak or stolen credentials on the growing number of connected devices. It can also be used to help attackers scan for vulnerabilities, boosting the speed of attacks and making shorter the time between discovery and exploitation.
Data privacy and data security have in the past been thought of as two separate goals, but the introduction of the General Data Protection Act (GDPR) in 2018 will align these goals. With new global regulations like this coming into effect, and more scrutiny attached to data breaches, organisations will need new frameworks for controlling data. In the last 12 months, we have seen massive data breaches affecting the likes of Uber and LinkedIn. Under GDPR, the ‘destruction, loss, alteration, unauthorised disclosure of, or access to’ people’s data has to be reported to a country’s data protection regulator. Falling foul of the GDPR can result in financial loss, damage to reputation and more.
With these trends in mind, we should see more organisations seeking to actively secure confidential information, especially where consumer data is concerned. If organisations take these proactive measures it should make them more secure. However, with AI and the increasing penetration of IoT devices, cybercriminals will continue to launch ever more sophisticated attacks.