Industry executives and experts share their predictions for 2018. Read them in this 10th annual VMblog.com series exclusive.
Contributed by Mike Simon, President and CEO of Cryptonite
Cryptonite's Five Cyberthreat Predictions for 2018
2017 was the year cyber attacks grew
substantially in industries such as health care, banking, manufacturing and
government. 2018 will be the year that cyber attackers bring increasing levels
of scale and automation to their attacks.
It is our view that defenders have raised the bar and the cyber
attackers will respond in kind. The most visible vulnerability use cases still
do not have adequate protection - attackers will accelerate their pace of
compromise and data theft. The Cryptonite team analyzes trends and watches the
data that flows into our security operations center to identify emerging cyber
threat trends. This is our view of the imminent 2018 cyber threat onslaught.
Ransomware Attacks Will Rise in Frequency and Impact in 2018
As in 2017, ransomware attacks will grow to
unprecedented levels in 2018. In 2017, attackers gained valuable experience and
optimized ransomware design and deployment leading to global outbreaks such as
WannaCry, NotPetya and, most recently, Bad Rabbit. This is just a warm-up for
the barrage coming in 2018. Attackers have the benefit of improved tools that
can automate the end-to-end manufacture of both the ransomware software and the
botnets that link to them. On top of this, ransomware continues to gain new
criminal support from both organized crime and rogue nation states. Traditional
organized crime has moved additional focus to ransomware because of the rapid
ROI and the proliferation of non-traceable digital currency. The opportunities
are too tempting, and their risk of identification and capture is low.
Expect the bombardment of ransomware attacks to continue into 2018.
Internet of Things (IoT) Device Attacks Will Surge in 2018
The growth and proliferation of unsecured IoT
devices will accelerate in 2018. Adoption rates for IoT are high in many
industries, including manufacturing, health care and retail. The base of
existing IoT devices and the continued delivery of new devices have created a
perfect storm for attackers. In the majority of enterprises, these devices are
not protected by anything other than perimeter-based defenses, and those
networks continue to be breached. Even as some IoT security solutions emerge,
the installed base of existing IoT devices is already large and will represent
an unprotected liability for years to come. This includes networked lighting
systems, thermostats, security cameras, and badge readers in the standard
enterprise environment. In hospitals and manufacturing environments, the list
of IoT devices is quite large and virtually all of it remains unprotected and
wide open to attacks.
Cybercriminals Will Successfully Increase Focus on the Top Four Enterprise Vulnerabilities in 2018
Organizations will continue to fail to
"Protect the Unprotected" vulnerability areas within their networks. These
areas will remain the mainstay for attackers at all levels of
sophistication. Historically, there has
been a lot of discussion about zero day vulnerabilities. We believe that the
emphasis on the use of zero day vulnerabilities will continue to be dwarfed by
the assault on these top four vulnerability use cases. These unprotected
environments include any large enterprise with missing software updates and
patches (a majority of government and corporate networks), networks with IoT
devices, embedded Windows XP and Windows 7 processors in turnkey systems
(manufacturing supervisory control and data acquisition systems - SCADA, health
care medical devices, bank automated teller machines, point of sale terminals
and many more), and connected mobile devices. All of these are well known to
both attackers and to the security operations teams that protect the enterprise
networks that have these vulnerabilities, yet little has been done to resolve
the underlying problems.
Health Care Attacks Will Reach Record Levels in 2018
Cyberthieves will continue the unrelenting
assault on health care institutions. Most hospitals are now aware of the
threats but have not implemented technologies or best practices that can
protect their networks from known vulnerabilities. Clinicians continue to move
between their EMR/EHR systems, hospital networks and the networks of other
facilities, such as CT-MRI centers, surgical centers, skilled nursing
facilities, dialysis centers and diagnostic laboratories. All it takes is one
mobile device, email, or memory stick, and attackers have access to a wide
variety of IoT and embedded processor medical devices. The cost for identifying
these breaches is high, and often devices are compromised again as soon as the
last attack is remediated. Hospitals remain easy targets for socially
engineered entry, and ransomware is also a significant problem given the number
of interconnecting health care networks. For these reasons and more, we expect
to see the number of major attacks grow substantially, as we have seen in 2015,
2016 and 2017. Expect 2018 to be a banner year for cyberattackers inside our
health care institutions.
Financial Institutions Will Suffer Record Financial Loss to Cyberattackers in 2018
Historic financial cyberattack data has
focused on the number of attacks or of records stolen. In the financial
industry, it is all about the money. Banks and credit card processors invest in
more cybersecurity protection than just about any other industry, yet many of
their installed cyberdefenses will continue to fail. Rather than exfiltrating
data and trying to sell it on the dark web, attackers can go directly after
liquid assets which they can divert and steal. ATM networks remain vulnerable,
and the advanced financial systems that move billions of dollars, such as the
SWIFT financial network, present tempting targets which have been
successfully exploited in 2015, 2016 and 2017. In 2018, the financial losses
will continue to increase as attackers refine their technique and increase
their focus on vulnerable financial networks.
About the Author
Mike has an array of successful experiences in
high tech companies spanning nearly 20 years. Mike has a Bachelor of
Science in Electrical Engineering from the University of Maryland and has
participated as a co-founder in 2 prior startup ventures, AIB Software and
LocalEyes, both of which ended in exits that delivered ROI to investors.