The 7 methods cyber criminals will use to attack Australian businesses, and the internet as a whole, in 2019.
Security pundits predict the ways that cybercriminals, nation-state actors, and other attackers will refine their tactics, techniques, and procedures in the coming year, writes Ericka Chickowski for www.darkreading.com.
Itu2019s time to turn the page on yet another year, which means itu2019s also time to look into that crystal ball and speculate u2014 wildly or not u2014 on where cyberattacks will take us in the coming months. Security researchers agree that the old standbys, such as phishing, ransomware, and credential attacks, will keep plaguing organisations as much as ever.
But the threat landscape is never static, so security professionals can surely expect the bad guys to continue refining their attacks in 2019.
Hereu2019s what the prognosticators believe are the 7 tactics the attackers have in store for us in 2019:
Attackers Will Leverage AI
This past year has seen a ton of security companies tout their advanced artificial intelligence (AI) and machine-learning (ML) capabilities in thwarting attacks. But this is spy vs. spy, so expect attackers to have their own AI tricks up their sleeves.
u201cCybercriminals have attained a decent level of proficiency in practical AI/ML usage,u201d says Ilia Kolochenko, CEO of High-Tech Bridge. u201cMost of the time, they use the emerging technology to better profile their future victims and to accelerate time, and thus effectiveness, of intrusions.u201d
As Kolochenko puts it, many of those cybersecurity startups that throw around AI and ML in their pitch decks and marketing slicks donu2019t actually have a whole lot under the hood to back up their claims. Not so for the attackers. u201cThe bad guys are focused on its practical, pragmatic usage to cut their costs and boost income,u201d Kolochenko says of malicious AI usage. u201cWe will likely see other areas of AI/ML usage by cybercriminals. We will probably have the first cases of simple AI technologies competing against each other in 2019.
Critical Infrastructure Tactics
Critical infrastructure is finally gaining some level of awareness among cybersecurity and operational executives, as real-world attacks start demonstrating what a lot of SCADA security experts have warned about for years. The question is whether that awareness can translate into fast enough action on the part of defenders. Security experts, including Justin Fier, director of cyber intelligence and analysis for Darktrace, say that in 2019 the attackers will be increasing the scale and sophistication of their targeting in these environments.
u201cSince the attacks on the Ukrainian power grid in 2016 and Triton in 2017, attacks on industrial environments have become mainstream. With several nation-states providing warnings in 2018 about ongoing targeting of their energy grids, 2019 looks set for increasing numbers of high-profile cyberattacks on our critical infrastructure,u201d Fier says.
u201cDarktrace is specifically looking at three threat vectors: smart meters and IoT (Internet of Things) devices; disruption of core logistics and transportation services, specifically in shipping; and sporting events infrastructure.u201d
u2018Influence Operationsu2019 Move Beyond Politics
News of election tampering and the Cambridge Analytica scandal brought into sharp focus the kind of deep damage that cyber influence manipulators can have on society. Security pundits say they believe that u201cinfluence operationsu201d will move beyond the political realm in 2019.
u201cWhether leveraging compromised data or strictly propaganda or false information, all variety of actors can use information operations to further their personal or organisational goals. Notably from a retail or economic espionage perspective, consider the possible effects of such an operation,u201d says Adam Vincent, CEO and co-founder of ThreatConnect.
u201cA competing retailer could post scores of negative reviews for a competitor in hopes of ultimately driving down that organisationu2019s business. Similarly, a nation-state could minimise competition for its domestic companies by conducting information operations targeting foreign organisations.u201d
Scaling Up IoT Botnets
Itu2019s been over two years since the Mirai botnet made waves with its first round of massive online attacks, proving the case to attackers on the usefulness of Internet of Things (IoT) devices in forming botnets. Security pundits say that cybercriminals will continue to build off the momentum of the past several years in scaling up unprecedented IoT botnets next year.
u201cWhat is changing, and will become only more apparent in 2019, is the size of the attack surface and the velocity of the attacks themselves. The Internet of Things felt like a neat buzzword a few years ago, but literally every facet of our lives is now online,u201d says Sean McGrath, privacy expert and cybersecurity advocate at BestVPN.com. u201cFrom the cars we drive and the planes we fly to the critical infrastructure we rely on for our energy, water, and safety u2013 everything has an IP address.u201d
And if itu2019s online, it is ripe for attack, he adds. u201cAnd the larger the attack surface, the greater the real-world consequences will be when things do go wrong,u201d McGrath says. u201cHackers are exploiting the woefully inadequate security on smart home devices to build powerful botnets, capable of delivering devastating DDoS attacks.u201d
According to McGrath, many of those devastating attacks researchers expect on critical infrastructure u201cwill be powered by the devices in our homes.u201d
Cloud Infrastructure Is Too Tantalising to Ignore
IoT devices wonu2019t be the only ones bot herders will favour in 2019. Cloud infrastructure will also prove a juicy target.
u201cRecently there has been a change in devices targeted by bot herders. Based on developments we are seeing in the wild, attackers are not only attacking resource-constrained IoT devices, but they are also targeting powerful cloud-based servers,u201d says Daniel Smith, head of security research for Radwareu2019s Emergency Response Team. u201cWhen targeted, only a handful of compromised instances are needed to create a serious threat. Since IoT malware is cross-compiled for many platforms, including x86-64, we expect to see attackers consistently altering and updating Mirai/Qbot scanners to include more cloud-based exploits going into 2019.u201d
This is just one of the many cloud avenues attackers will go down in the next year. According to Gartner, public cloud services are on track to grow by 17.3% in 2019. The more we move to the cloud, the more attackers will be seeking to take advantage of that attack vector. Smith believes weu2019ll be seeing public cloud services targeted by at least one major attack in 2019.
u201cWhile cloud adoption is touted as faster, better, and easier, security is often overlooked for performance and overall cost,u201d he says. u201cOrganisations trust and expect their cloud providers to adequately secure information for them, but perception is not always a reality when it comes to current cloud security, and 2019 will demonstrate this.u201d
Getting to IoT Through the Supply Chain
Major news coverageu00a0of supply chain attacks in our technology ecosystem has demonstrated the lengths to which attackers will go to initiate their activities at the supply chain level. Some security experts believe that these kinds of attacks will target IoT devices in a big way next year.
u201cThe major devices targeted will be IoT and will range anywhere from consumer-based routers to home-based nanny cams,u201d says Morey Haber, CTO at BeyondTrust. u201cExpect the supply chain for many vendors, including those that produce personal digital assistants, to be a new target from threat actors who infiltrate environments and insecure DevOps processes.u201d
To ensure your business is as protected as possible, contact the cyber security experts at Domain Digital on (08) 9441 6300