2017 proved to be a challenging year on many fronts in the information security realm. The Equifax breach, WannaCry ransomware attacks, and Russian manipulation of social media were just some of the lowlights. How will 2018 pan out? Here are some thoughts from the Kroll Information Security team:
The Good, the Bad, and the Ugly
Risks associated with IOT (internet of things) expansions
This will be an ongoing point of worry in 2018. Consumers and business will continue to implement IoT in daily life as these offer many benefits and conveniences. However, as we saw last year, not many vendors are baking security in, or have the ability to apply patches to, these different devices. Apart from using IoT devices for DDoS (distribute denial of service) and ransomware attacks, malicious actors will exploit these devices in consumers’ homes to maintain constant access to their victims’ networks. This means that no matter how many times victims remove malware from their computers, because of the IoT entry point, criminals will always have the opportunity of using this vulnerability to get back into the compromised network.
Alan Brill, Senior Managing Director, Cyber Security and Investigations, wrote a comprehensive set of articles on this topic:
Cloud “great migration” continues
The ever-increasing move to cloud services is being called the great migration. We will see even more services and workloads move to cloud-based platforms. Remember all those articles in 2017 about misconfigured AWS buckets being found? We expect more of these cloud-related spillages to occur.
GDPR (general data protection regulation)
GDPR comes into effect on May 25, 2018. According to this new set of regulations, both U.S. and European organizations will need to demonstrate compliance in how they manage, store, and share data – no matter how large the data sets are. Specific to breaches, organizations will have to report data breaches within 72 hours of their knowledge of them. U.S. organizations that are not in compliance will face high fines and intense public scrutiny. We predict the GDPR will spur the creation of a formalized Data Protection Officer position at organizations.
Ransomware will be more targeted
Threat actors will be smarter about which people and companies they target so they can extort as much money as possible. We will thus see more sophisticated malicious emails as cyber criminals perform greater research on their targets. Conversely, we expect law enforcement and the security industry to join forces on a much larger scale to aggressively detect and respond to these incidents, leading some malicious groups to move away from this type of attack.
Despite some recent volatility, Bitcoin has been steadily surging in price. There are other cryptocurrencies that have had rapid gains as well in the market. This success is expected to trigger crime of grand proportions. Hacking, already a problem, will rise as attacks on investors, exchanges, digital wallets, mining companies, ICOs, and hosting providers increase. Losses here due to fraud or theft are quite unlikely to ever be recovered or reimbursed because cryptocurrency, unlike funds deposited in U.S. banks, is not protected by the U.S. Federal Deposit Insurance Corporation (FDIC).
Relevant article: No Ransom Demand? Your Network May Still be a Victim of the EternalBlue Vulnerability
This will be developed into a well-honed art. Online advertisers and vendors are becoming better and better at using data analytics in conjunction with large data sets. Malicious actors will use this same technology to target victims.
Work with your IT department and cyber security partners to develop strategies and solutions to identify and address how these different predictions would affect your business. It is crucial to remain vigilant, continuously implementing and fine-tuning controls to lower the level of risk presented by these and other threats.
Securing Expert Assistance
Validating your information security policies through a comprehensive risk assessment can help prevent potential issues. Kroll’s cyber security team can be reached at [email protected] for a free consultation.