Top 100 Cybersecurity Predictions for 2018 Impacting MSSPs
Welcome to the final page of our predictions list.
10. Standardized hacking techniques will make attribution even harder: In 2018, more threat actors will adopt plain-vanilla tool sets, designed to remove any tell-tale signs of their attacks. For example, we will see backdoors sport fewer features and become more modular, creating smaller system footprints and making attribution more difficult across the board. And, as accurate attribution becomes more challenging, the door is opened for even more ambitious cyberattacks and influence campaigns from both nation-states and cybercriminals alike. Source: Kevin Livelli, Director of Threat Intelligence of Cylance
9. Nuclear Malware: Destructive malware will hit the U.S. in a big way. Either some large company or a particular vertical will have a malware event that destroys hard drives similar to the 2012 attack against 30,000 workstations at a Saudi oil company. Source: Justin Kallhoff, CEO, Infogressive
8. Ransomware Outsourcing Accelerates: Ransomware attacks are likely to increase multi-fold in 2018. Notorious ransomware families like Locky and Petya are getting more advanced and finding new vulnerabilities to exploit, while ransomware itself is taking on new forms (e.g. disguised as JPEG and PDF attachments) and is becoming more destructive than ever by attacking critical disk regions and forcing reboots that enable the ransomware to circumvent existing security software. At the same time, ransomware payments have become more anonymized through cryptocurrency, and hackers now have the ability to “outsource” the development of custom ransomware strains to hackers willing to offer creative, revenue-share ransomware. As these changes continue to develop, we’ll see a shift in cybersecurity thinking from “post-attack” recovery to “pre-attack” prevention.” Source: Hyder Rabbani, COO, CyberSight
7. Cloud Security Concerns Die: 2018 will be the year organizations finally realize the cloud is actually more secure than storing critical apps on-premises. Amazon, for instance, has hundreds of employees working on a single service in its cloud with the goal of maintaining that service’s security. In general, the cloud is more secure when considering the investments companies like Microsoft, Amazon and Google have made in order to deliver the type of service their customers need. 2018 will be the year that IT leaders will stop asking if the cloud is safer than on-prem, the question will become obsolete as cloud security permeates the enterprise. Source: Kaseya
6. Many enterprises will scramble to become GDPR compliant at the Final Hour, while some states adopt their own GDPR-like regulations. Starting on May 25, 2018, The General Data Protection Regulation (GDPR) will be the global law of the land for the European Union. Source: Alfresco.
5. The United States will launch a cyber attack against an enemy: Bombshell! Following announcements by current President Donald Trump to “Wait and See” how the U.S. would handle foreign enemies, the U.S. will launch a coordinated cyber attack on Iran and North Korea rather than sending in physical troops. This “act of war” will be launched preemptively as the first public internet attack from a first world nation, and will cause the near total destruction of internet resources in these countries. Source: BeyondTrust, which specializes in integrated privileged access management.
4. More supply chain attacks. Kaspersky Lab’s Global Research and Analysis Team tracks over 100 APT (advanced persistent threat) groups and operations. Some of these are incredibly sophisticated and possess wide arsenals that include zero-day exploits, fileless attack tools, and combine traditional hacking attacks with handovers to more sophisticated teams that handle the exfiltration part. We have often seen cases in which advanced threat actors have attempted to breach a certain target over a long period of time and kept failing at it. This was either due to the fact that the target was using strong internet security suites, had educated their employees not to fall victim to social engineering, or consciously followed the Australian DSD TOP35 mitigation strategies for APT attacks. In general, an actor that is considered both advanced and persistent won’t give up that easily, they’ll continue poking the defenses until they find a way in.
When everything else fails, they are likely to take a step back and re-evaluate the situation. During such a re-evaluation, threat actors can decide a supply chain attack can be more effective than trying to break into their target directly. Even a target whose networks employ the world’s best defenses is likely using software from a third-party. The third party might be an easier target and can be leveraged to attack the better protected original target enterprise. Source: Kaspersky Lab.
3. Malware invades hardware at increasing rates: 2017 saw an increased amount of malware attacking the firmware and memory of hardware devices like disk controllers, fingerprint sensors, and computer cameras. As most malware detection products can’t identify malware on hardware, expect hackers to increasingly turn to this type of attack during 2018. Source: Lastline, a provider of breach protection products.
2. The cloud will accelerate channel partner migration to next-generation security innovators. Source: Palo Alto Networks Channel Chief Ron Myers
1. IoT safety and security viewed through a single lens: As we look at the IoT, especially at OT-type environments and manufacturing plants, where there are industrial-type systems that are all connected, we’re starting to see how the operational world and the traditional IT world will come together. We will see continued merging of traditional safety (e.g. safety of employees) and IT security. And the more connected devices we see, the more prevalent this integration will become. Source: Thales eSecurity Chief Strategist for Cloud and IoT Security John Grimm.
Your Predictions: If your company has cybersecurity and MSSP predictions to share, please email me (Joe@AfterNines.com) for consideration.