Menu

New Coordinates Articles Details

 

2019 Outlook on the Cybersecurity Threat Landscape - Ash Khan

This article was previously published in RMA Industry Insider.

Accelerated digital innovation is a double-edged sword that hangs over the cybersecurity threat landscape in 2019. As companies rapidly pursue digital transformation to compete, they can expose more of their business to cyber disruption and theft. The problem is that cyber criminals are innovating in lockstep or, in some cases, at a greater rate.

For every major new technology being deployed in the business world, from artificial intelligence (AI) to distributed ledger technology (DLT) to the Internet of Things (IoT), corresponding exploits and malware are being pushed into production in the world of cybercrime—with data poisoning, cryptojacking, and malicious chips among the latest to emerge.

So, it’s fair to say that the 2019 outlook on the cybersecurity threat landscape is hardly optimistic. Still, companies and governments are today more alert to cyber risk, more deliberate in raising defenses, more collaborative in exploring solutions—in short, they are more aggressively seeking to turn the tide.

Certainly, that won’t be easy. 2018 saw little relief from the kinds of exploits that have burdened companies for years, despite investments in security technology and enterprise-wide cyber policies. For example, adversaries go on stealing account information and employee credentials to forge identities and breach networks, by means such as phishing, credential stuffing, and call center fraud.

While all of the usual threats will continue into 2019, our clients and our observations tell us that there are at least 10 issues that merit particular attention in the coming year. They are:

  1. Malicious Chips. One of the most disturbing reports of 2018 indicated that cyber criminals had graduated from hacking software to hacking the computer hardware in global supply chains. At year-end, the technology industry continued to debate the validity of a mainstream media report of widespread, malicious chips. (“Feasible maybe, not practical,” one CEO remarked.) While the report would represent the most significant hardware exploit to date, it would not be the first—nor probably the last. Compromised hardware can be very difficult to detect, and the implications for such advances as IoT could be dramatic. Meanwhile, the cyber battle continues at the software level, where attacks also became more sophisticated in 2018. Both hardware and software will continue to draw fire from malicious actors in 2019.
  2. Cryptojacking. As the use of cryptocurrencies continued to grow, 2018 saw an outbreak of cryptojacking as well as continuing breaches of cryptocurrency exchanges. In one report, detections of illicit cryptocurrency mining have increased 459 percent between 2017 and 2018, using companies’ hardware, processing power, and electricity to mine cryptocurrencies. Additionally, a market research firm reported over 50 hacks of cryptocurrency exchanges, initial coin offerings, and other DLT-based digital currency platforms worldwide since 2011. Cryptocurrency will remain a lure to criminals using these and other exploits in 2019.
  3. Data Poisoning. Machine learning and AI are among the new technologies poised to expand companies’ potential attack surface at an unprecedented rate. Without a thorough understanding of the cyber risks, companies may put their operations, customers, and customer data at risk as they develop AI-based products and act on AI-based insights. One example of this is data poisoning. By influencing the training data used by machine learning algorithms, attackers could negatively influence a range of systems to make decisions in their favor. For example, malicious actors could retrain networks that use behavioral monitoring tools to ensure security. What’s bad behavior would then register as good behavior, giving intruders unfettered network access.
  4. Compromised Data. Data held by corporations is said to be doubling every 18 months. Its value to business is so high that a recently coined saying, “data is the new oil,” has already become a cliché. Data brokers, used by companies for decisions in such areas as consumer credit, represent just one high-profile target of large-scale data theft. These brokers and their clients may have more than theft to worry about in 2019, as we see an altogether different kind of exploit take off. Hackers are looking to compromise the very integrity of financial data, changing profiles, creating synthetic identities, and otherwise altering data so that they can gain advantage, while companies end up making misinformed business decisions. In 2019, the big data problem could be as much about the integrity of data as the confidentiality of data. But no doubt, massive data heists like the mega-breaches of 2017-2018 will continue, as well. Phishing will remain one of the attack vectors of choice exploiting human behavior.
  5. Authentication Attacks. As the move to anytime, anywhere mobile access to anything continues apace, authentication attacks will also increase. And, as methods of verifying mobile user identities evolve, from passwords to fingerprints, faces, and behavioral biometrics (e.g., how a particular user typically handles her phone and its features), attackers will keep looking for implementation flaws to exploit. Evolving authentication techniques may not have inherent vulnerabilities, but they could be open to attack if poorly configured. Recent research indicates possible exploits of fingerprint authentication using AI-generated synthetic fingerprints.
  6. Malware on Steroids. Ransomware, cryptojacking, destructive malware, and the rest of the arsenal used in cybercrime will gain momentum with the increased connectivity of devices (think IoT)—especially as 5G cellular networks are deployed. Faster than today’s connections, these networks will become ubiquitous in the 2020s.
  7. Skills Shortage. The available workforce is not keeping pace with technological innovation—good or bad. The cybersecurity skills shortage has widened to 3 million worldwide, according to a professional cyber certification group. And the more specialized the discipline, the bigger the problem—in application security as well as in securing innovative technologies such as AI, DLT, and robotic process automation.
  8. False Sense of Security. As security vendors increasingly tout AI-powered tools, security professionals will need to separate fact from fiction. Some of these products might not be true AI—or even machine learning—in which case an overreliance on “smart” cyber tools may lead to undetected attacks and breaches. Combined with the skills shortage described above, this will only make matters worse.
  9. Cyber Weapons. As the current U.S. administration moves to ease restrictions on the military’s use of offensive cyber weapons, businesses could find themselves in the line of fire in 2019. If the U.S. openly attacks other countries using cyber capabilities, it will set a precedent for others to do likewise. And the greatest economic impact could be achieved by
    retaliating against American industry—not government.
  10. Compliance, Compliance, Compliance. Cybersecurity regulation is in full bloom, with a proliferation of rules and standards being applied and enforced by international, national, and state agencies; covering sector after sector; and emanating from private industry associations and public-private partnerships. There is no end in sight to the measures aiming to protect data, critical infrastructure, and consumer privacy. In 2019, security professionals will continue to spend a large part of their time focused on compliance and distracted from all the pressing matters above. They could be so intent on compliance that they lose sight of actual cyber risks.

The Takeaway
It’s easy to take your eye off the ball given the complexity in both technology innovation and the cybersecurity threat landscape. It’s more important today, than ever before, to ensure a continued focus on your cybersecurity strategic plan, making adjustments based on the evolving threat landscape, to be prepared to prevent, detect, and remediate cybersecurity issues.

 

View as PDF