CYFIRMA’s Cyber Threat and Risk Prediction for 2019
Nov 28, 2018
SINGAPORE, November 28, 2018 – CYFIRMA releases its 2018 Cyber Threat Report Card and Cyber Risks Predictions for 2019.
Kumar Ritesh, CYFIRMA Chairman and CEO says “While 2018 was a year of financially motivated threat actors having a free run against individuals, organizations, institutions and countries, we have noticed an increasing trend of state sponsors interested in arming threat actors to pursue defined geopolitical objectives. Cryptocurrency exchanges, healthcare companies, the energy sector, and traditional financial institutions were at the brunt of cyber attacks this year. What has been very interesting to witness is the shift in the hackers’ intention to use emerging technologies, increasing the difficulty in defending an attack surface which has had limited to no prior experience with these new tools and methods.”
CYFIRMA’s cyber analytics platform demonstrated its predictive capabilities by releasing 16 Early-Warning Threat Reports detailing imminent cyber threats to various technologies, across organizations, industries and countries, out of which 11 to date are active threats in the wild.
As we enter 2019, cyber attacks and breaches will continue to increase in intensity and frequency. Based on our research, we believe we will see the following trends and shifts:
Hackers will be intensifying their attacks with emerging technologies: 2019 will be a year of threat actors exploiting emerging technologies, operationalizing AI/ML to launch hyperbolic, multi-dimensional cyberattacks and exploiting humanoid systems, blockchain ecosystems, and autonomous systems.
Personal behavioral data will be the next goldmine: Hackers will potentially access and perform social engineering attacks impacting not only influential individuals but organizations and nations. Cybercriminals will have the ability to search for susceptible targets to be used as mules, recruited unwillingly to penetrate and access a government or corporation’s target systems and data for any number of illegal and nefarious objectives.
Tokyo 2020 Olympic Games-themed attacks: Nations not wanting Japan to succeed in hosting the Tokyo 2020 Olympic Games will continue to use every opportunity to cause reputational damage.
Rise in corporate/state-sponsored espionage: We will continue to see Chinese, North Korean, and Russian state-sponsored cyber assaults this year on organizations and nations. The world’s superpowers continue to build and demonstrate their political power and build their [technology] war chests.
Attempts to tarnish the cloud: Multiple attacks on AWS and Azure containers were a wake-up call to the large cloud service providers in 2018, and there is a continued undercurrent in the hackers’ community to launch more nefarious and aggressive attacks in 2019. The prize is extremely high as compromising the public cloud security layer will give access to a variety and multiplicity of data assets. Despite the continual publicity around repeated cloud breaches, most organizations still do not have a comprehensive security policy defined and enforced across their entire cloud data estate.
Year of multihomed malware attacks: Ransomware, crypto mining, banking Trojans and VPNFilter are some of the key malware challenges that continue to threaten businesses and consumers. The trend will continue with increasing sophistication in areas such as ransomware. We saw in 2018 behavior-mapping malware, SamSam and GandCrab, evolve and adapt in the target system depending on instructions received by the command and control center, accurately impersonating legitimate applications.
Internet of Things will face the Attack of Things: 2018 saw at least 10 new variants of Mirai using old attack vectors. We will see the same growing trend of new variants in 2019. Every IoT device manufacturer had some type of device vulnerability this year, but despite the growth of IoT devices and attacks against the IoT ecosystem, there is still no common standardization effort being made by the manufacturers.
Identity Theft will continue unabated: Identity theft will take center stage among the many statistics and facts encompassing the entire realm of cybercrime. Privileged attack vectors will continue to be the number one root cause of breaches for both consumer and business data. Password theft and password-based breaches will persist as a daily occurrence in 2019.
Supply Chain Systems will be a new match in the game for hackers: Corporate attacks and corporate espionage will take on a whole new stage as more supply chain attacks with embedded malware are discovered. Recent accusations of China allegedly embedding tiny chips into Supermicro servers for spying purposes are only the tip of the iceberg.
GDPR-related theft will make organizations shiver: We may potentially witness the first major GDPR penalty in 2019, which will accelerate the process for organizations to start assessing the cost of remediation and compliance. Ironically, this may lead to a massive social engineering opportunity for hackers to exploit these compliance and remediation processes. GDPR-related cyber thefts are expected to cost enterprises $450 million annually.
DDoS isn’t going anywhere: DDoS is the dirty secret for many organizations, and attacks will continue to grow. Hackers will continue to use this approach as a cash cow due to the low cost of launching such attacks with immediate rewards – the victim generally always pays for it to go away. Cryptocurrencies will aid the propagation by making it even easier to collect rewards from victims. The double penalty is that the total cost for the victim is much higher than the ransom itself, as it involves system analysis, reconstruction and defending against the next attack. Japan is one of the top 10 countries to be affected by DDoS attacks.
Age of machine-based attacks will begin: The new age of attacks coordinated with the use of AI/Machine Learning will propagate higher. We anticipate that at least 70% of companies will experience botnet attacks with an average annual breach cost per company estimated to be US$400,000.
Social Engineering, Phishing / Smishing will continue to rule as the most prolific attack vector: There will be an ongoing shift in the most prevalent attack vector from the network to the user. Organizations will need to reassess and redefine their security strategy and posture by recognizing that the individual users are their weakest link. We estimate that almost 65% of companies are targeted by phishing attacks.
Cyber-attacks on critical infrastructure will rise with state-sponsored groups taking center stage: Cybercriminals will use ransomware against critical national infrastructure to achieve both financial and state-sponsored goals.
More aggressive takedowns of cryptocurrency exchanges and trading platforms: We see signs that 2019 will be the year where institutional capital will finally enter the cryptocurrency market. In parallel, thefts from crypto exchanges will rise. With the continued growth of cryptocurrency mining, we will also see hackers use ingenious ways of hijacking hardware mining resources from unsuspecting victims. Hackers from North Korea, Russia, China, and Ukraine will show escalating interest in Japanese cryptocurrency exchanges and trading platforms.
CYFIRMA will be launching a new version of its Cyber intelligence analytics platform (CAP v2.0) in April 2019, an industry first in comprehensive Cyber Threat Visibility and Intelligence. CAP v2.0 will enhance core security controls and processes with predictive, relevant and prioritized threat intelligence. The result is an optimized security posture that will be resilient against all current and future threats.
Kumar Ritesh reiterates that “the cybersecurity landscape of Japan and South East Asia is changing dramatically, due to the aggressive involvement of state-sponsored hackers and an expanding attack surface. Nations will also continue to acquire and build their cyber warfare capability to strengthen their national interests. Digital proliferation will continue to outpace the speed with which defense mechanisms are being invented and applied to protect emerging technologies. Organizations need to balance the need for new technologies to enable business efficiency, expansion, and flexibility while defending against the increasing complexity and variety of new attacks created by emerging technologies.”
CYFIRMA defends against cyber attacks by supplying organizations with real-time threat intelligence that enables them to take a more proactive security approach. By aggregating, correlating and analyzing information from hundreds of thousands of sources on the open and dark web, CYFIRMA helps companies anticipate what types of attacks are most likely to occur and provide the most effective response. CYFIRMA is a business division of Antuit, a global analytics firm.
Antuit is a global analytics solutions provider primarily serving the retail & eCommerce, consumer products, and manufacturing & logistics industries. Since 2013, Antuit has been on a mission to help leading multi-national and high-growth companies predict, shape and fulfill demand. Combining deep domain expertise with proprietary solutions and technologies like machine learning and AI, Antuit delivers revenue and margin growth, improved supply chain efficiency, and enhanced customer experience.