Virtualization Technology News and Information
Cryptonite 2018 Predictions: Five Cyberthreat Predictions for 2018

VMblog Predictions 2018

Industry executives and experts share their predictions for 2018.  Read them in this 10th annual series exclusive.

Contributed by Mike Simon, President and CEO of Cryptonite

Cryptonite's Five Cyberthreat Predictions for 2018

2017 was the year cyber attacks grew substantially in industries such as health care, banking, manufacturing and government. 2018 will be the year that cyber attackers bring increasing levels of scale and automation to their attacks.  It is our view that defenders have raised the bar and the cyber attackers will respond in kind. The most visible vulnerability use cases still do not have adequate protection - attackers will accelerate their pace of compromise and data theft. The Cryptonite team analyzes trends and watches the data that flows into our security operation center to identify emerging cyber threat trends. This is our view of the imminent 2018 cyber threat onslaught.

Ransomware Attacks Will Rise in Frequency and Impact in 2018

As in 2017, ransomware attacks will grow to unprecedented levels in 2018. In 2017, attackers gained valuable experience and optimized ransomware design and deployment leading to global outbreaks such as WannaCry, NotPetya and, most recently, Bad Rabbit. This is just a warm-up for the barrage coming in 2018. Attackers have the benefit of improved tools that can automate the end-to-end manufacture of both the ransomware software and the botnets that link to them. On top of this, ransomware continues to gain new criminal support from both organized crime and rogue nation states. Traditional organized crime has moved additional focus to ransomware because of the rapid ROI and the proliferation of non-traceable digital currency. The opportunities are too tempting and the risk for them of identification and capture is low. Expect the bombardment of ransomware attacks to continue into 2018.

Internet of Things (IoT) Device Attacks Will Surge in 2018

The growth and proliferation of unsecured IoT devices will accelerate in 2018. Adoption rates for IoT are high in many industries, including manufacturing, health care and retail. The base of existing IoT devices, and the continued delivery of new devices has created a perfect storm for attackers. In the majority of enterprise these devices are not protected by anything other than perimeter-based defenses, and those networks continue to be breached. Even as some IoT security solutions emerge, the installed base of existing IoT devices is already large and will represent an unprotected liability for years to come. This includes networked lighting systems, thermostats, security cameras, and badge readers in the standard enterprise environment. In hospitals and manufacturing environments, the list of IoT devices is quite large and virtually all of it remains unprotected and wide open to attacks.

Cybercriminals will Successfully Increase Focus on the Top Four Enterprise Vulnerabilities in 2018

Organizations will continue to fail to "Protect the Unprotected" vulnerability areas within their networks. These areas will remain the mainstay for attackers at all levels of sophistication.  Historically, there has been a lot of discussion about zero day vulnerabilities. We believe that the emphasis on the use of zero day vulnerabilities will continue to be dwarfed by the assault on these top four vulnerability use cases. These unprotected environments include any large enterprise with missing software updates and patches (a majority of government and corporate networks), networks with IoT devices, embedded Windows XP and Windows 7 processors in turnkey systems (manufacturing supervisory control and data acquisition systems - SCADA, health care medical devices, bank automated teller machines, point of sale terminals and many more), and connected mobile devices. All of these are well known to both attackers and to the security operations teams that protect the enterprise networks that have these vulnerabilities, yet little has been done to resolve the underlying problems.

Health Care Attacks will Reach Record Levels in 2018. 

Cyberthieves will continue the unrelenting assault on health care institutions. Most hospitals are now aware of the threats but have not implemented technologies or best practices that can protect their networks from known vulnerabilities. Clinicians continue to move between their EMR/EHR systems, hospital networks and the networks of other facilities, such as CT-MRI centers, surgical centers, skilled nursing facilities, dialysis centers and diagnostic laboratories. All it takes is one mobile device, email, or memory stick, and attackers have access to a wide variety of IoT and embedded processor medical devices. The cost for identifying these breaches is high, and often devices are compromised again as soon as the last attack is remediated. Hospitals remain easy targets for socially engineered entry, and ransomware is also a significant problem given the number of interconnecting health care networks. For these reasons and more we expect to see the number of major attacks grow substantially as we have seen in 2015, 2016 and 2017. Expect 2018 to be a banner year for cyberattackers inside our health care institutions.

Financial Institutions Will Suffer Record Financial Loss to Cyberattackers in 2018

Historic financial cyberattack data has focused on the number of attacks or of records stolen. In the financial industry, it is all about the money. Banks and credit card processors invest in more cybersecurity protection than just about any other industry, yet many of their installed cyberdefenses will continue to fail. Rather than exfiltrating data and trying to sell it on the dark web, attackers can go directly after liquid assets which they can divert and steal. ATM networks remain vulnerable and access to the advanced financial systems that move billions of dollars, such as the SWIFT financial network, present tempting targets which have been successfully exploited in 2015, 2016 and 2017. In 2018, the financial losses will continue to increase as attackers refine their technique and increase their focus on vulnerable financial networks.


About the Author

Mike Simon

Mike has an array of successful experiences in high tech companies spanning nearly 20 years.  Mike has a Bachelor of Science in Electrical Engineering from the University of Maryland and has participated as a co-founder in 2 prior startup ventures, AIB Software and LocalEyes, both of which ended in exits that delivered ROI to investors.

Published Monday, January 22, 2018 7:28 AM by David Marshall
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<January 2018>