Thought leadership. Threat analysis. Cybersecurity news and alerts.
Top 3 Cyber Security Predictions in 2019
Cyber-attacks are becoming more common and have become a looming threat not just to large enterprises but also to small and medium-sized organizations.
Here are our top 3 cyber security predictions for the year 2019:
1. Cloud Attack Threat
There’s a looming threat in the cloud as this is where the data is heading.
A study conducted by LogicMonitor(PDF) predicted that majority of IT workloads will move to the cloud by 2020, with workloads running in public clouds will reach 41% in 2020, while workloads running on-premises will fall to 27% and the balance will run on private or hybrid clouds.
Another study conducted by Gartnerpredicted cloud computing to be a $300 billion business by 2021. According to Gartner, organizations increasingly adopt cloud services as these have been proven to provide speed, agility and cut cost that digital business requires.
There’s, however, a flipside to the positive contributions of cloud computing. The 2nd quarter of 2018 study conducted by Gartner revealed that organizations continue to struggle with cloud security, with an estimated $400 billion lost to cyber theft and fraud worldwide.
Expanding cloud services as part of an organization’s digital initiatives is indeed needed, but these initiatives should be matched with a sound cloud security strategy as cyber criminals know that there’s money in the cloud.
There are many attack surfaces in the cloud that attackers could easily exploit. For instance, in early 2018, RedLockreported that attackers illicitly used the cloud computing resources of Tesla to mine a cryptocurrency. According to Redlock, attackers were able to gain access to Tesla’s cloud computing resources as Tesla openly exposed its Kubernetes – an open-source platform for managing cloud workloads and services – without password protection. Tesla’s exposed Kubernetes, Redlock said, contained the credentials of Tesla’s Amazon Web Service account.
In cryptocurrency mining, those who allow their computers to be used for mining digital coins are financially compensated for the computer and electricity usage. Cryptocurrency mining is legal in most countries but legality ends when this is done without the knowledge and consent of the owner of the computing resource – a cyber crime called “cryptojacking”. Since the most popular cryptocurrency Bitcoin reached an all-time high price of nearly $20,000 in late 2017, there has been a dramatic rise of cryptojacking.
2. Botnet Threat
Connecting almost every computing devices, including servers and Internet of Things (IoT) devices such as routers and security cameras, exposes online resources such as websites to botnet attacks.
Botnet, which originates from the words “robot” and “network”, refers to a group of malware-infected computers that’s remotely controlled by an attacker or attackers to conduct malicious activities such as a distributed denial-of-service (DDoS) attack. In a DDoS attack, fake traffic originating from malware-infected devices is directed against a target website, rendering the target website inaccessible to legitimate users.
In recent years, cyber attackers have tweaked in a number of ways the source code of the infamous malicious software called “Mirai”. At its peak in 2016, the Mirai malware infected hundreds of thousands of IoT devices worldwide and turned them as a “network of robots” to conduct malicious activities, including DDoS attacks.
In October 2016, the Mirai botnet almost brought down the internet when it attacked Dyn, a domain name service (DNS) provider. As a result of the attack on Dyn, 80 popular websites, including Twitter, Amazon, Reddit, Spotify and Netflix temporarily became inaccessible to the public.
A notable Mirai variant was recently discovered by researchers at Netscout. While the original Mirai infected IoT devices and turned them as part of a botnet, the Mirai variant discovered by Netscout researchers infected enterprise Linux servers and turned these compromised servers as part of a botnet. Turning hundreds of thousands or millions of IoT devices and a handful of enterprise servers as part of a DDoS botnet could bring down the internet or render many websites inaccessible to the public.
It’s important to note that the Mirai and other Mirai variant infections are preventable. The original Mirai infected hundreds of thousands of IoT devices by simply logging to these devices using default or factory username and password combinations. A mere change of default or factory username and password renders the original Mirai useless.
The recent Mirai variant discovered by Netscout researchers, on the other hand, infiltrated servers that were unpatched and through brute-force – systematic attempt to guess the correct username and password combination. Patching, that is, the timely installation of a security update, and the use of complex passwords could render this recent Mirai variant useless.
3. Shortage of Cyber Security Skills
While it’s widely known that there’s a shortage of cyber security professionals, what isn’t known is how dire the situation is.
A study conducted by (ISC)2revealed that the shortage of cyber security professionals around the world has never been more acute, placing the shortage of cyber security professionals at 2.93 million, with roughly 500,000 of these positions located in North America, 2.15 million positions located in Asia-Pacific and the balance located in other parts of the world.
“The lack of skilled cybersecurity personnel is doing more than putting companies at risk; it’s affecting the job satisfaction of their existing staff,” the (ISC)2 report said.
Happy New Year and stay safe!
Steve E. Driz, I.S.P., ITCP