In the world of cybersecurity, every year we witness a multitude of significant events and trends that shape the industry as well as other aspects of the systems we live in. It is crucial to be able to predict and respond to rising threats in a timely manner in the modern threat landscape.
In 2019, the number of state-sponsored attacks and attacks that target critical infrastructure are expected to continue to rise. On the other end of the scale, attackers will likely continue to employ methods like email fraud and spread malware.
As more people from the developing world come online, previously untargeted locations and organizations could also fall victim to cybercriminals. The growth of social media in these countries could boost scammers, who will likely begin targeting more vulnerable victims that are not cyber aware.
The explosion in the number of IoT devices comes with its own set of security problems. The attackers will continue with botnet attacks or brute force attacks targeting the devices which use unsecured communication protocols or have weakly configured authentication.
Attacks on consumer devices will likely continue, with the emergence of new vulnerabilities. Meanwhile, phishing and ransomware attacks are also expected to skyrocket in 2019.
Despite the fact that the growth of the cryptocurrency market slowed in 2018, cryptomining attacks have continued to dominate the threat landscape, indicating that there may be no avenue for the rate of such attacks tapering out.
“Cybercriminals have already gained credit card data of millions of people from breaches of Anthem, Home Depot, Target, Uber, and others. Their next target would be connecting the financial data to the social profiles of the users by attacking social media sites,” said Akshat Kumar Jain, CTO, and co-founder of Cyware Labs.
The growing use of artificial intelligence (AI) in the field of cybersecurity could also become a double-edged sword if attackers incorporate it into their strategies and techniques.
Since conventional warfare is slowly becoming outdated, cyber warfare has been rapidly becoming the new weapon of choice for many governments to settle scores at a global level. Many governments are expected to set up dedicated departments aimed at cyber espionage and offensive operations as well.
Cyware’s CTO, Jain, added that APT groups will likely continue to get more funding from certain nation-states, thus getting smarter and more innovative, in order to propagate their malicious operations.
The cyber risk management strategy of organizations is shifting towards a more proactive approach. Entities are now developing defensive techniques to not just respond but also to predict threats in advance. The importance of cyber threat intelligence is evident in the current threat landscape and the use of threat intel platforms is expected to increase.
Many critical sectors like finance, energy, and defense must step up their security measures to prevent disastrous losses resulting from targeted malware attacks.
“On the bright side, companies have begun understanding the value of situational awareness and sharing of threat intel,” Anuj Goel, CEO, and co-founder of Cyware Labs, said. “This would only increase as more organizations start joining ISACs/ISAOs, as well as smaller trusted groups, are built. Automation will be another big focus – not just to save cost – but to respond faster and to allow machines to make decisions.”
The standardization and sharing of threat intel are expected to be key drivers of innovation in cybersecurity solutions. Introduction of frameworks like MITRE ATT&CK will help executives make better decisions when investing in the security of their organization.
The introduction of government regulations like GDPR increases the challenges for companies who are striving to maintain a balance between operational security and compliance. However, the introduction of policies forcing stricter security measures is going to be helpful in the long run.
2018 saw an evolving threat landscape with major malware threats and email frauds. However, 2019 is expected to be defined by new cyber trends Factors like GDPR, new regulations, the cryptocurrency market, cyber warfare, IoT and AI are going to shape the threat landscape. It will become more crucial for organizations to develop a security-first approach to defend against sophisticated attacks in the future.