Virtualization Technology News and Information
Zscaler 2019 Predictions: Top Security Threats for 2019

Industry executives and experts share their predictions for 2019.  Read them in this 11th annual series exclusive.

Contributed by Deepen Desai, Vice President of Research and Operations at Zscaler

Top Security Threats for 2019

With the recent string of breaches, from Dunkin Donuts to Quora, each day seemingly brings a new attack on enterprise cybersecurity. The Zscaler cloud blocks over 1,000 threats every second, and as a security team we analyze the data and look for newer trends. Based on this insight and the research of the ThreatLabZ team, here are the top security threats to look out for in 2019.

1. Increase in cryptocurrency miners and stealer malware

We will continue to see more and more malware operators trying to cash in on cryptocurrency either by mining coins on the infected systems and/or by stealing cryptocurrency from the infected systems. This will involve both new malware strains as well as existing strains (e.g. njRAT) adding mining/stealing modules to the victim's device.

2. Increase in SSL/TLS-delivered threats

We have seen steady growth in overall SSL/TLS-encrypted traffic, which now accounts for almost 75 percent of total enterprise traffic going through Zscaler Cloud. Cyber criminals are leveraging this encrypted channel at all stages of the cyber kill chain. In particular, we have seen a sharp increase in phishing attacks and malware payload delivery over SSL/TLS channels. As more and more websites use HTTPS, including social media such as Facebook and Twitter, the ability to control and inspect traffic from these sites is of increasing importance to the security posture of large enterprises.

3. IoT threats impacting enterprises

IoT footprints in the enterprise network have grown rapidly over the past few years. The problem here is that a large chunk of consumer-grade IoT devices are part of this footprint - especially shadow IoT devices, which pose significant risk to the enterprise networks from a security perspective. We will continue to see cybercriminals leverage IoT devices as a beachhead to large scale attacks against enterprise networks.

4. Increase in supply chain attacks

There has been a steady increase in software supply chain attacks in recent years. These attacks used to be more targeted in nature, in which a specific industry or organization, such as government, was being targeted. However, in recent years, we have begun seeing software supply chain attacks being used for commodity malware as well, which has the potential to impact larger numbers of users. We will see continued focus from cybercriminals on attacking critical software supply chain infrastructure to conduct large-scale attacks.

5. Increase in attacks against cloud service providers

The increase in cloud adoption has shifted a lot of workflows to the cloud, and with that shift we will see an increase in attacks aimed at cloud service providers. Hackers will attack cloud service providers to gain access to valuable customer data from a large number of organizations. These attacks will have a severe financial impact on the companies affected and the cloud service provider attacked.


About the Author


Deepen Desai is the Vice President of Research and Operations at Zscaler. He is responsible for running the security research operations at Zscaler ThreatLabZ. Deepen has been actively involved in the field of Threat Research and Analysis from past 15 years and has strong affiliations with various security working groups. He is passionate about building new detection modules to counter evolving threat landscape. He loves analyzing new malware payloads to neutralize the threat with effective countermeasures. Prior to joining Zscaler, he was a Senior Threat Research manager at Dell SonicWALL. Deepen holds a Master's of Science in Computer Engineering from the San Jose State University.
Published Thursday, January 03, 2019 7:35 AM by David Marshall
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<January 2019>