Top 100 Cybersecurity Predictions for 2018 Impacting MSSPs
Welcome to predictions from CyberSight, Comodo, RiskIQ and more
2018 Cybersecurity Predictions From CyberSight
Hyder Rabbani, the COO of CyberSight, weighs in with four predictions… items 27 through 30
30. New ransomware business models: Ransomware attacks are likely to increase multi-fold based on the anonymity of ransom payments through cryptocurrency (Bitcoin, Ethereum and others) and the ability to “outsource” development of custom ransomware strains to hackers willing to offer creative, revenue-share ransomware. We’ll see more non-technical hackers engaging ransomware developers for free and sharing a portion of the proceeds as payment, thereby requiring no skills or money for someone to launch a malicious attack.
29. Picture this type of ransomware…: Notorious ransomware families such as Locky and Petya will become even more advanced and continue to find new vulnerabilities to exploit. Along those lines, we’ll see ransomware taking new forms in 2018; for example, disguised as JPEG or PDF files.
28. Ransomware hits critical disk regions: Ransomware attacks will become more destructive than ever by attacking critical disk regions and forcing reboots that enable the ransomware to circumvent existing security software. As this happens, a new approach to ransomware and a shift in cybersecurity thinking from “post-attack” recovery to “pre-attack” prevention will be necessary.
27. Macs become bigger targets: As Apple Mac ownership increases, the Mac platform will become a target. We predict there will be an emergence of more Mac ransomware strains targeted to Mac owners who believe the fallacy that “Macs don’t get malware or ransomware.”
2018 Cybersecurity Predictions From Comodo
26. Will smart cars repeat our security mistakes?: Smart cars need smart roads…which need smart-secure IT/OT infrastructures. Seeing, hearing, reading all the buzz and the impressive investment dollars behind the start of smart cars reminds me of when we thought that personal computers were the answer to take on the monolithic mainframe. That was in the 1970s.
Fast forward to the present, and we now see that they needed an infrastructure — call it the internet in all its manifestations of protocol adoption, ethernet, websites, cloud data centers, mobile devices, etc. Smart cars serve as just one example. Were these PCs and their connections to the internet infrastructure made secure, at the earliest point of the OSI stack and TCP/IP implementations? No. That started late, and it remains in catch-up mode.
We are at the moment of massive changes coming from robotics, IoT, and yes, even smart cars. They will succeed when they are coupled with smart roads and smart IT/OT infrastructures. That is the prediction. Now to the question. Think we should make them secure…before it’s too late? Source: Carlos Solari, VP of Cybersecurity, Comodo
25. SSL Risks: SSL certificates will be everywhere. Phishing sites will be even more prevalent, and we’ll see more phishing sites with valid SSL, especially with the lowered requirements to obtain free certificates. Source: Fatih Orhan, VP of Threat Labs, Comodo
24. Nearly perfect won’t be good enough: Tolerance for 98-99% effective malware solutions will wane, and organizations will demand 100% prevention and protection. Source: Steven A. Menges, VP, Security Journeys, Comodo
2018 Cybersecurity Predictions From RiskIQ
23. Dangerous Ground: The eastern European conflict areas in the Ukraine will continue to be an area of digital disruption like we’ve seen with NotPetya and BadRabbit. Actors might also fall back to physical attack as seen with the attack on Ukraine in 2015 and 2016 after the waves of ransomware and wiper malware. Source: Yonathan Klijnsma, threat researcher, RiskIQ
22. Web crawling meets incident response: As recent attacks have shown, actors will continue to leverage compromised infrastructure as an infection vector to target individuals and organizations of interest. With this avenue of attack increasing, it will become even more important for security operations and incident response groups to be able to investigate correlations between compromised and actor-owned infrastructure, making web crawling capabilities critical to incident response. Source: Steve Ginty, senior product manager, RiskIQ
21. Adversarial Machine Learning emerges: Threat actors will increase their adoption of Adversarial Machine Learning to evade detection by infrequently trained machine learning models. Machine learning models will need to evolve quickly to keep up with these threats by incorporating instance-based approaches. The value of large data lakes will increase as security companies turn to machine learning-based solutions. The most valuable of these datasets will be hand-curated, labeled datasets that can be used to train supervised machine learning models. Source: Adam Hunt, chief data scientist, RiskIQ