CYFIRMA’s Cyber Threat and Risk Prediction for 2019
Nov 28, 2018
TOKYO/SINGAPORE, Nov 28, 2018: CYFIRMA releases its Cyber Threat and Risk Predictions for 2019.
Kumar Ritesh, CYFIRMA Chairman and CEO says “While 2018 was a year of financially motivated threat actors having a free run against individuals, organizations, institution and countries, we have noticed an increasing trend of state sponsors interested in arming threat actors to pursue defined geopolitical objectives. Cryptocurrency exchanges, healthcare companies, the energy sector, and traditional financial institutions were at the brunt of cyberattacks this year. What has been very interesting to witness is the shift in the hackers’ intention to use emerging technologies, increasing the difficulty to defend an expanding attack surface.”
Mr. Kumar Ritesh highlights the growing space for Cyber Threat Intelligence in 2019, and beyond!
CYFIRMA’s cyber analytics platform demonstrated its predictive capabilities by releasing 16 Early-Warning Threat Reports detailing imminent cyber threats to various technologies, across organizations, industries and countries, out of which 11 to date are active threats in the wild.
As we enter 2019, cyberattacks and breaches will continue to increase in intensity and frequency. Based on CYFIRMA’s research, the following trends and shifts will take precedence:
o Hackers will unleash rejuvenated attacks by leveraging emerging technologies: In 2019, threat actors will show a greater affinity for emerging technologies by exploiting them handsomely. Multi-pronged cyberattacks will be operationalized with increased usage of AI/ML. This will lead to breaches in humanoid systems alongside blockchain ecosystems and other autonomous systems.
o Tokyo 2020 Olympics will be a prime target for threat activities: Countries that are antagonistic to Japan will target the upcoming Tokyo Summer Olympic Games to cause reputational damage. The fact that these games will massively leverage on new-age technologies and digitalization will serve as a beacon for malicious actors.
o State-sponsored/ corporate-sponsored espionage will take centerstage: The next leg of the global trade wars will be fought online- involving state sponsored actors and intelligence agencies initiating corporate cyberattacks. In 2018, the North Korean, Chinese and Russian state-sponsored attacks on nations and organizations have made global headlines. In 2019, additional countries will join the fray in a bid to highlight their own political power and technological might to meet their proxy objectives.
o Hackers will place the highest value for personal behavioral data: Threat actors will exponentially leverage social engineering techniques to attack and mine behavioral data from individuals, societies, organizations and nations. Malicious actors will identify potential targets, recruit them inconspicuously, and exploit their access levels to penetrate government or corporate target systems in a seamless and highly camouflaged operation.
o Cloud security will be repeatedly attacked for vulnerabilities: In 2018, AWS and Azure cloud assets were a favorite target for hackers’ intent on disrupting the public cloud security layer to unearth an assortment of individual and corporate data. In 2019, this trend will continue as hacker communities reiterate their inclination to this favorite prize. Unfortunately, most organizations are still not trending towards employing a comprehensive security policy for their cloud-based data assets and footprints, inadvertently playing into the hands of these threat actors.
o Internet of Things (IoT) must contend with the hackers’ curiosity: In 2018, as many as 10 new variants of the infamous Mirai botnet were discovered, each employing the old attack vectors. Almost every IoT product manufacturer has exhibited device vulnerabilities, yet this industry is booming away. In 2019, renewed variants of legacy threats will be unearthed, and coupled with the lack of standardization amongst the manufacturers of IoT devices, cyberattacks on IoT sensors is going to ramp up at a never seen before scale. Further possibilities include, IoT weaponization, centralized collection units, and transaction ecosystems to support it all.
o Identity Theft will be an extremely common phenomenon: Globally, both individual and business data will continue to suffer enormous breaches courtesy of privileged attack vectors. Identity theft, as always, will continue to be the mainstay campaign for threat actors who will now intently look towards the east for their exploits. In 2019, expect Asia, and especially Japan, to be severely tested by this problem, almost on a daily basis.
o Multihomed malware attacks on the rise: In 2019, multihomed and multi-magnitude variants of crypto malwares, variety of banking trojans, ransomwares, etc. will expand into some of the biggest challenges to be faced by the cybersecurity professionals. 2018’s examples of SamSam and GandCrab, behavior mapping malware that showed uncanny adapting and evolution skills on the target system whilst mimicking legitimate software, offers some insights into what’s coming up in 2019, and beyond!
o Hackers will be drawn to the vulnerabilities posed by Supply Chain Systems: The latest trend is supply chain attacks with embedded malware. In 2019, increasing number of attacks impacting corporate strategies and supply chain systems are anticipated requiring additional layers in cybersecurity strategy and policy considerations. This could be the first of many upcoming corporate attack strategies by way of supply chain systems.
o DDoS attacks will not lose its potency or applicability: Distributed Denial of Service (DDoS) has always been a favorite with threat actors and the affection is only going to grow in 2019. Attributes such as the low campaign cost and associated rewards will continue to inspire hackers to plot and deploy DDoS attacks. Japan is and will continue to be one of the top 10 countries to be targeted by DDoS outbreaks.
The work is cut out: Modern industrial and business domains have a lot of catching up to do when it comes to cybersecurity, as highlighted by CYFIRMA’s Cyber Threat and Risk Predictions for 2019.
o GDPR based theft will gain the organizations’ undivided attention: In 2019, with organizations needing to adhere with GDPR, they are exposed to any non-compliance related eventualities. One of the facets being fines dished out for not complying, thus opening up avenues for hackers to exploit remediation and regulatory procedures. Data being playing field worth billions of dollars, even a small attack could cost organizations as hackers see opportunities to earn millions.
o AI and ML will power the next salvo of cyberattacks: As high as 70% of the companies will encounter botnet attacks with a flavor of AI/Machine Learning in the immediate future, with the cost of restitution running into an estimated USD 0.4 M per company. CYFIRMA’s research highlights the changing composition of these attacks- multi variant, altering behavior and multi-intent being the common signatures.
o State-sponsored cyberattacks on critical infrastructure will be the norm: Operational technologies like PCI, HMI, Control and Workflow Systems will be high on the cybercriminals’ bucket lists. CYFIRMA’s research has indicated that threat actors are developing new attack methods featuring complex malwares to accomplish tasks such as passive asset discovery and control instruction hijacking.
o The most common attack vector will continue to be Social Engineering and Phishing/Smishing: In 2019, organizations will finally figure out that employees are the weakest link in their cybersecurity posture. This will likely lead to the reassessment and redefinition of core internal security strategies, as the fact that the most prevalent attack vector isn’t the network, but the user becoming part of the conventional threat landscape.
o Cryptocurrency exchanges and trading platforms will need fortification: As institutional capital progressively flows into the cryptocurrency market, thefts will correspondingly increase. The growing necessity for cryptocurrency mining will lead to renewed attacks on mining resources and unsuspecting victims. Already, the Japanese cryptocurrency exchanges and trading platforms have enticed great interest from hackers based out of China, North Korea, Russia and Ukraine. More are likely to follow suit, soon!
Kumar Ritesh reiterates that “the cybersecurity landscape of Japan and South East Asia is changing dramatically, due to the aggressive involvement of state-sponsored hackers and an expanding attack surface. Nations will also continue to acquire and build their cyber warfare capability to strengthen their national interests. Digital proliferation will continue to outpace the speed with which defense mechanisms are being invented and applied to protect emerging technologies. Organizations need to balance the need for new technologies to enable business efficiency, expansion, and flexibility while defending against the increasing complexity and variety of new attacks created by emerging technologies.”