Looking back over 2018, it’s striking what many nations, organizations, and individuals have had to face with regards to cyberthreats, but remarkably the majority has come out, perhaps not unscathed, but still fighting.
During 2018, it’s been apparent that attacks, no matter the type, have become more targeted and even bespoke. Cybercriminals know what they are doing, they have the resources to back them, and their attack methods are ever more sophisticated. Malware, ransomware, phishing and spear phishing, email compromise, exploiting vulnerabilities, and newer threats like cryptocurrency theft and mining, were all prevalent threats in 2018.
Cyberthreats have, of course, been present in previous years, but the onslaught is definitely escalating and broadening and, for many of them, this is likely to continue into 2019 and beyond. Large-scale criminal cyberactivity is now ubiquitous.
Let’s take a look at some of the cyberthreats most prevalent in 2018 and what they portend for 2019.
It comes as no surprise that this longstanding form of communication remains an attacker’s favorite vector to get a footing into organizations. Email is an essential part of our personal and working lives! Since it was released to the World Wide Web in the early 1990s, it’s been embraced by everyone and is now used for all types of communication and information sharing for both everyday correspondence and highly sensitive documentation.
Business email attacks have increased exponentially over the years and are used by cybercriminals looking to derive large profits. Using the information found on social media (all the information we make publicly available) criminals are now easily launching their attacks using email on unsuspecting individuals and organizations. The levels of sophistication have definitely skyrocketed, duping targets left, right, and center and often with ease.
As we continue to make our personal and business lives publicly available on social media, attackers will continue to have the current stream of information that they rely on to target us and to launch these attacks.
Throughout 2018, email has been used persistently by cybercriminals to launch attacks, no matter the purpose — malware infection, data theft, and financial fraud. Email compromise is expected to continue into 2019 and beyond, and email-related attacks and cyberthreats will continue to rise.
Common vulnerabilities and exposure exploits have been and will continue to be a common malware vector. Exploitation of flaws is an old method; however, criminals are now also concentrating on focusing their efforts to actively undermine software development by corrupting the software that developers use, for instance, software in open source libraries.
As businesses continue to use third-party applications and services, any corrupt software and updates that follow have the potential to infiltrate networks and infect systems. We can expect more and more supply chain attacks because of this.
New malware is produced daily, this will continue to be the case. Fileless malware attacks are also more prevalent.
Malware is increasingly pushed to phones, mobile devices, and Internet of Things devices. As we, in a personal and business capacity, embrace more Internet-connected devices, criminals are creating new ways to hijack those devices to use them to launch subsequent attacks.
Malware is one of the costliest attack types and businesses spend millions to defend against these attacks.
Ransomware has been one of the most feared cyberthreats for a while now and in past years was the fastest-growing malware threat. It is an equal opportunity attacker, hitting businesses of all sizes, having the capability to leverage networks and the Internet to spread extensively. It targets home users, businesses, and governments and leads to loss of information, disruption of operations, financial losses, and harm to business reputation. This attack causes pronounced damage on many fronts and can be very dangerous. A system infected by ransomware is often also infected with other malware.
Email is often at the forefront of this attack, commonly used by attackers to launch the assault. All it takes is one unsuspecting employee to open the email attachment and in no time at all, the ransomware downloads and corrupts files on the computer.
There are opposing reports around whether or not ransomware attacks are increasing or are in decline. Many organizations reckon that ransomware attacks have been rising over the year; however, other reports depict a contradicting scenario — one where ransomware may be in decline and even displaced by other favored hijacking attacks, particularly cryptojacking and cryptomining attacks. This could be because organizations are protecting themselves better against ransomware (with a robust backup and restore policy) or because victims are choosing not to pay the ransom, so cybercriminals are pivoting to more lucrative attacks.
It may be that opportunistic ransomware attacks decrease, but targeted attacks and industry campaigns will continue to be a growing threat.
Phishing and spear phishing
Phishing attacks have been around for a long time. But over the years and in 2018 these attacks have become more targeted rather than opportunistic. In part due to the prevalence of social media and the high availability of information used to launch these attacks. These attacks are so personalized now — they are exceedingly challenging for a person to detect, hence their high success rate and the probability that these attacks will continue to evolve and be used in the coming years.
Phishing attacks are now more sophisticated to avoid detection. As detection and verification technologies have enhanced, attackers have tweaked their methods and have found new ways around this.
Spear phishing attacks are also more frequent and widespread. It’s thought that around 90 percent of attacks start with a spear phishing email.
Often these attacks impersonate key executives to get the most financial reward and more often than not result in large sums of money being transferred to fraudulent bank accounts — never to be seen again.
These attacks are now commonly launched from trusted sources, often compromised accounts. The emails look so credible that chances of detection are drastically reduced.
With one simple, sophisticated attack going undetected, multiple attacks can follow leading data theft, email fraud, malware infection, credential theft, and system takeover … the list is endless.
It’s estimated that in 2018 over 75 percent of businesses reported being a victim of a phishing attack. Spear phishing, in particular, has caused significant data loss for many businesses due to the seemingly authentic communications used.
The human component makes phishing attacks attractive to cybercriminals and the absence of an absolute effective defense, because of the human vulnerability, ensures that this attack is more often than not an easy win for criminals. So, it’s anticipated to continue to be a favored attack method.
Cryptojacking and cryptocurrency mining
The use of cryptocurrencies for everyday transactions is becoming routine and attacks against individuals and businesses dealing in this way will increase. Attacks to the cryptocurrency ecosystem are expected to rise.
Cryptojacking or cryptomining, a newer malware trend, is an invasive method being used by cybercriminals to bolster profits through reduced risk. With the arrival of faster computers and blockchain technologies cybercriminals are using people and business resources to create cryptocurrencies at their expense.
Using email and other avenues to launch this attack, cybercriminals infect machines with cryptomining malware to steal machine resources and hijack CPU power.
Malware files are being tweaked to not only look for traditional financial information but also cryptocurrencies. Criminals even steal cryptocurrencies like bitcoin from those who use, create, and exchange it with traditional cyberattack methods.
Due to the ease of deployment, reduced risk (this invasive activity is challenging to detect) and high profitability, this trend is expected to continue and increase in 2019 and onwards. Some believe that these types of cyberthreats may even displace opportunistic ransomware.
Data breaches and theft
Data breaches continued to be a big problem and huge concern, and what happened to Facebook in 2018 emphasized the significance of this. With the enforcement of the GDPR, companies have been kept on their toes. Businesses have had to rethink and reorganize the way in which they manage customers personal information. Noncompliance and the impacts of a breach can be detrimental to business on a financial and reputational front.
For businesses, keeping data safe will be as important in 2019 and beyond. Especially as data theft shows no signs of slowing and regulation and authorities are holding businesses accountable. There’s nowhere to hide.
Our personal information, financial details, and credentials, all the data we supply and share) is highly sought after. Attacks on retailers, businesses, public organizations and financial institutes on which the wider public depend can all have catastrophic consequences for the individual as well as the organization.
On a consumer level, when it comes to avoiding cyberthreats, it’s important to avoid oversharing whenever possible and to stay vigilant. Keep an eye on your accounts, ensure you gadgets are secure, ensure the sites you use are legitimate and keep your credentials strong and separate for each account you use. Organizations that handle and process consumer data should implement the appropriate organizational and technical measures to ensure the security of consumers’ data.
As it stands the most expensive component of a cyberattack is data loss —estimated at nearly half of all associated costs.
Stay educated on current cyberthreats
Most companies are aware of the cyberthreats that they face. Notably, the majority of attacks are not new, many attacks are reused year after year. Older attacks do not go away, but instead, attacks are used in combination with others and are expanding, and this is why many are failing to protect against them adequately. These will only continue to expand into 2019.
We know what they are, we need to keep educated on the current threats and invest in advancing technologies and our people to prepare for the growing number of severe and sustained threats we are likely to encounter in the year ahead.
Ultimately no one exactly knows what the year ahead has in store. However, we can safely assume that hackers and attackers will improve their trade and will be more difficult to trace, breaches will continue to rise and will be more difficult to avoid. We know that governing laws are and will continue to become more stringent, skilled IT professionals will be few (and sought after) in many emerging areas, but those present will improve their ways of defense with the help of advanced technologies and artificial intelligence (attackers may take advantage of this too).
Human error is a big part of the threat we continue to face, and user awareness and education are a vital part of the battle. Combining people, process, and technology appropriately for multilayered defense can help businesses be better prepared for the year ahead and to start 2019 on a sound footing.
Featured image: Shutterstock