As technology progresses, the potential for crime escalates along with it. Cybersecurity threats have made big headlines in 2018, pointing to an evolving underground of attackers that take advantage of cryptocurrency, malware, AI, and other cutting-edge tools to cause significant damage to businesses. Experiencing a cybersecurity attack can undo your business growth and even permanently harm your brand, so maintaining awareness and doubling down on security policies are a must.
Here are our top threats and trends to watch out for in 2019…
The Internet of Things has seen exponential growth over the years, with nearly 31 billion devices predicted by Statista.com in 2020. Unfortunately, IoT doesn’t have robust security standards yet, so it’s a perfect target for hackers—in fact, cyber attacks against IoT rose by 600% back in 2017. Common vulnerabilities include lacking basic security measures such as strong default passwords or running on old Windows software.
Because of the IoT’s interconnectedness, devices can be turned into botnets, which can be remotely controlled as a network by malware. This makes them susceptible to denial-of-service (DDoS) attacks, where users of a system are prevented access after it gets overloaded with traffic from compromised IoT devices. IoT attacks can cripple or even stop a system from functioning or even cause dangerous effects such as explosions when physical infrastructure is involved.
Cloud-based attacks are on the rise—and that’s not surprising because businesses offering cloud services guard crucial information owned by a lot of companies. According to McAfee, 21 per cent of data stored in the cloud is sensitive. As the tech landscape shows an increasing preference for the cloud, attackers have an ever-larger prize to win since they can gain entry to the systems of the companies using that specific cloud service.
They usually start off by exploiting security flaws in applications, and once they get past that, they can move across applications and client systems. These attacks are relatively easy to perform but very difficult to spot. More often than not, customers or involved third parties such as credit card companies detect the breach first, adding insult to injury. Education and shoring up security processes are two ways businesses can deal with these kinds of attacks.
Blockchain, which is still an innovative technology that polarises many in the tech community, has a reputation for being extremely secure. It’s also a popular choice for many because of its transparency, making transactions easy to verify.
However, don’t be lulled into complacency—resourceful as they are, attackers can find their way around blockchain, and many of the security issues that have been unearthed even seem to be caused by the basic structure of the blockchain itself. Smart contracts, which are touted for sensitive exchanges such as money transfers, are still relatively young and thus prone to bugs. Blockchain breaches have resulted in fraud, data breaches, and diversion of funds, costing millions of dollars in severe cases, and these will only increase in 2019.
Ransomware was the most common form of malware in 2018, and it’s estimated that businesses will suffer a total of $11.5 billion in 2019 from attacks. Similar in workings to its traditional counterpart, ransomware is effective because it hijacks important files and systems and prevents users from accessing them until the ransom note is paid.
Individuals can be targeted through infected links, but businesses are more attractive for attackers because these can afford to pay much higher. Ironically, it’s not the ransom that costs businesses so much—most of the loss comes from damage control, missed profit, and unhappy customers. To top it off, cryptocurrency has become a favourite tool of attackers since it covers their tracks and renders them anonymous.
AI seems to be constantly pushing the limits of technology—and when it comes to security, that’s both good and bad, depending on whose hands it falls to. With AI added to the mix, cybersecurity wars have become an arms race of who can wield it better.
On the part of the attackers, AI gives the capability of crunching through massive amounts of data in mere seconds and coming up with a highly personalised tactic for infiltrating systems, from selecting the right target to avoiding detection. As if that’s not enough of a threat, AI can unleash automated 24/7 attacks and even aim at multiple systems all at once while adapting its approach to each. The pressure to step up on AI defence is high, and who triumphs is a matter of staying ahead of the fast-moving technological curve.
Phishing is an older tactic that has been around since the 1990s, but it continues to escalate in 2019, made more believable and harder to detect with sophisticated tools such as machine learning. On the surface, it’s simple: targets receive a fake message that looks extremely convincing, from the company logo to writing tone.
This is often backed by extensive research on involved organisations and individuals, with some attackers even hacking into emails to retrieve information. If an unsuspecting employee reveals their personal information, the company’s digital infrastructure can go through significant damage, and private data can be lost. In 2017, the average phishing attack cost a mid-sized £1.2 million.
Cyber attacks are a threat that continue to plague businesses of all sizes. While there’s no 100% guarantee of avoiding them, you can minimise their threat by building robust systems and continuously testing these for security. 2019 will see more cybercrimes than ever, so it’s best to be aware and prepared.