
Industry executives and experts share their predictions for 2019. Read them in this 11th annual VMblog.com series exclusive.
Contributed by Karl Sigler, Threat Intelligence Manager, Trustwave SpiderLabs
Mobile and IoT Devices Will Be Specifically Targeted by Hackers
IoT
device manufactures haven't learned their lesson - typically innovating before
implementing security features. In 2019, they will continue to bypass secure
coding practices in a race to be first to market, putting consumers at risk. And
as mobile device use continues to skyrocket, expect hackers to attempt to
capitalize on the sheer volume of apps and device targets in 2019.
1. Hackers will increasingly rely on
cryptocurrency - Despite several dips in value, the cryptocurrency market
has been stabilizing to a certain extent and continues to provide criminals
with features like privacy and ease of access. Cryptocurrency provides an easy
way for criminals to monetize their behavior, particularly by utilizing smaller
alternate cryptocurrencies that are easier to mine and don't require heavy
computing power. As a result, the industry will experience an increase in
cryptomining and associated malware.
2. IoT devices will continue to flood the
marketplace without being properly vetted, leaving consumers vulnerable to
attacks - At a time where nearly every device is connected to the internet,
vendors should be taking security seriously. Too many of these products, toys,
and phone apps that connect to the cloud in an insecure or unencrypted fashion
and are at risk. Security issues have been plaguing the IoT market from the
very beginning and it will only continue to exacerbate in 2019. IoT
manufacturers will continue to race to introduce new products before their
competitors bypassing secure coding practices resulting in products that add
risk to corporate environments.
3. Targeting of mobile devices will increase -
From communication and entertainment, to shopping and work-related activity,
consumers are now seemingly tethered to their mobile devices. The high cost of
mobile devices and inconvenience of upgrading is deterring many consumers from
purchasing new products or updating their operating systems, introducing
security risks into corporate environments. Look for cybercriminals to
increasingly flock to mobile, targeting devices with mobile specific malware
and malicious apps.
4. Exploit kits will return - Previous
crackdowns by law enforcement temporarily halted cybercriminal groups that
built widely popular exploit kits that delivered hacking capabilities to
non-hackers. In the coming years, we'll
start seeing exploit kits crop up again this time with added automation as
cybercriminals seek to capitalize on their functionality and monetary potential
from sales on underground forums and the dark web.
5. The same security problems will occur -
While there are new trends, tools and types of malware, criminal and malicious
activity repeats the same pattern over and over again. As organizations fail to
apply patching best practices, inventory their data assets, and correctly
install and audit their perimeter defenses and event management systems, the
same big breaches will continue to occur in 2019.
##
About the Author
Karl Sigler, Threat Intelligence Manager at Trustwave
SpiderLabs
Karl Sigler is
responsible for research and analysis of current vulnerabilities, malware and
threat trends. Karl and his team run the Trustwave SpiderLabs Threat
Intelligence database, maintaining security feeds from internal research
departments and third party threat exchange programs. His team also serves as
liaison for the Microsoft MAPP program, coordinates Trustwave SpiderLabs
responsible vulnerability disclosure process and maintains the IDS/IPS
signature set for MSS customers. With more than 20 years experience working in
information security, Karl has presented on topics like Intrusion Analysis and
Computer Forensics to audiences in over 30 countries.