2018 has been another big year of changes in the digital security landscape as attackers leverage new technology, and revive old tactics for new gains. Let's dive in to what attackers want, and how they are getting it so you can defend yourself.
View Infographic1. Ransomware is out, cryptojacking is in
In 2017, we saw a flurry of attacks which saw companies and even police stations getting their files encrypted. The attackers would then demand an often escalating amount of bitcoin, an untraceable cryptocurrency, to get the key which supposedly unlocks the files.
This year, they seem to have realized that brute force isn't always the answer. Why simply demand someone gives you fractions of a bitcoin, when you can hijack all of their computers and use their spare processor and graphics card power to get yourself a whole bitcoin! Or a litecoin, or any of a dozen other cryptocurrencies now available.
Many people gave up on using processors and graphics cards to mine cryptocurrencies because it's no longer profitable, however if you have thousands of computers and none of the hydro or electric costs the math is quite different.
2. Email is still the attack method of choice
With good reason too. The huge advancements we've made in computer language comprehension and spam detection have come as a double-edged sword. It's given employees and IT teams alike a false sense of immunity, which is being fully exploited using AI powered targeted attacks.
Alejandro Correa Bahnsen did a wonderful presentation at Black hat about his teams work with using AI to craft messages which bypass traditional protections. You can see his presentation here; https://www.youtube.com/watch?v=fGtPmiNebDE
3. Living off the land is also big in IT attacks
Our modern Anti-Viruses and Firewalls have become wonderful at detecting viruses and those trying to bash their way into our networks. So how do you penetrate into hostile territory without being seen? You work with what's already there of course. According to the Ponemon Institute's The state of endpoint security risk report 77% of compromised attacks in 2017 were fileless. This is a trend we can only see increasing.
These fileless attacks don't download things which is sure to be spotted. Instead, they work with cryptography and search capabilities already in Windows. Modern Windows, macOS, Android and iOS are full of nearly anything an attacker could need, because these are the same things programs we want need. Could you imagine doing online banking if it wasn't encrypted and left details about what you did all over your computer? This combined with the profitability of item #1 leads to the next point.
4. Hackers are hiding out in systems for months
Bolstered by claims of our security platforms being the "best of breed" and their cloud enabled behaviour analysis you would think we're safe. Yet in the Ponemon's 2017 Cost of Data Breach report, it took organizations an average of 6 months to identify data breaches.
Attackers are able to run away with most networks thanks to the power of AI, leveraging components already in the environment and having ample time to carefully move because they're nearly invisible. Digital security is continually becoming a higher stakes game of reconnaissance, where the victor will be the best prepared.
5. IoT makes life easier, for everyone
From light switches to personal assistants there is no denying that these devices have made our lives easier. Looking up facts, placing online orders and turning the heat up as we approach our homes. Unfortunately these smart devices are usually quite dumb. As a result over half of organizations have experienced a security incident as a result of IoT or industrial control systems as outlined in the 2018 Trustwave IoT Cybersecurity Readiness Report and Business Advantage State of Industrial Cybersecurity 2017.
A quick look on Youtube will show you everything from smart locks and high-security surveillance cameras with hard coded default administrator passwords you can't change, to how they can take control of your car as it drives down the freeway. The good news is that things like the Jeep being completely controlled remotely are extreme examples, and companies work diligently to resolve such issues once they are found.
So there you have it, those are the biggest trends in digital security for 2018. A big thank you to security researchers across the globe for taking things apart to find these issues and reporting them before somebody does something nasty with them.