
Industry executives and experts share their predictions for 2019. Read them in this 11th annual VMblog.com series exclusive.
Contributed by Joe Merces, CEO, Cloud Daddy
Retaliation, AI and Cloud Incursions: The Top Three Security Trends Coming in 2019
This year has seen some extremely damaging consequences due to the increased frequency of ransomware and related viruses, as well as online fraud and other malicious incursions against IT infrastructure in both the public and private sector.
In many cases, these attacks might have been less damaging if better cyber hygiene had been implemented, or if employees knew more about what to do - and what not to do - to avoid the spread of malicious code or other attacks.
As we look ahead to 2019, it's clear that while cyber hygiene is still essential, it is not sufficient to stem the rising tide of cyber security problems. Enterprises must be diligent in developing and maintaining data protection strategies, combining data backup and recovery plans with infrastructure management and advanced cyber security practices. Without these data protection strategies, we as an industry will not be able to stay ahead of the advancements that bad actors are making in their dirty work.
That said, here are the three most likely things that government and business should prepare for in the coming year.
Retaliatory hacking.
One of the main scenarios that is likely to emerge is a boost in hacking activities from China and other nation-states that have found themselves in the political spotlight.
China, for example, already number one in cyber crime and other nation-state hacking activities, will likely be motivated to do more in 2019. If the arrest and detainment of Huawei CFO Meng Wanzhou in Canada is any indication, China will definitely respond with all the tools at its disposal.
So far, China has responded to the arrest by incarcerating several Canadians in China, sentencing them to "administrative punishment." But these responses are likely to be compounded by cyber attacks on both Canada and the US.
It already appears that China is behind several recent high-profile hacks, such as the one perpetrated against the Marriott hotel chain. Unless the political fervor cools, it's likely that China will expand its chess game and come after both Canada and the US even harder, with attacks on their typical targets in the financial, legal, healthcare, and hospitality industries.
And China is not the only likely source of retaliatory hacking. If economic sanctions on Iran hold, we will see bad actors in that country also responding with increased cyber attacks. In fact, the recent Shamoon-based destructive malware attack, already out in Europe and the Middle East, is confirmed to originate from Iran and literally wipes out infected computers by overwriting all of the data with garbage. Iranian cyberattacks are geared not only toward making money, but also toward optimum destruction. After all, the nefarious SamSam virus was created by two Iranian hackers.
To date, that virus has taken down several US state agency IT infrastructures as well as corporate systems. Let's hope that political tensions will cool before they escalate in the IT realm.
AI in hacking.
Another trend to watch is bad actors using machine learning and artificial intelligence to cripple organizations in both the public and private sectors.
In the most recent quarterly Fraud Index Report from DataVisor, findings based on hundreds of millions of user accounts showed that fraudsters are beginning to outsmart conventional approaches to machine learning.
Sophisticated fraud attacks are on the increase, and their scope is on average more than twice the size of less sophisticated attacks typical in social media. According to the DataVisor study, fraudsters are lying in wait for over a year after establishing bogus accounts, conducting only normal transactions on those accounts while they test how much they can get away with.
These more sophisticated attacks are starting to use cyber experts' own tools against them, by incorporating machine learning and artificial intelligence technology into their attack strategies.
It's extremely likely that bad actors will begin building variants of ransomware, to make such viruses more intelligent and less susceptible to detection. Both China and North Korea will be increasingly involved in this type of malicious activity. North Korea has had considerable success in developing artificial intelligence, and may soon end up taking the lead on money extorted from victims of ransomware attacks. We may even see collaboration among bad actors to broaden the reach and potential damage from cyber attacks.
Good cyber hygiene and best practices need to be implemented in both the public and private sectors to defend against such attacks before AI makes them even harder to stop. Unfortunately, many people are not particularly well educated in what to do and what not to do to recognize possible hacking efforts. Without private and public sector initiatives to educate users, in addition to improvements in overall cyber hygiene, we may see these smarter hacking activities result in crippling consequences in both business and government.
Cloud infrastructure hacking on the rise.
In the coming year, we will almost certainly hear of increased hacking efforts leveled against cloud providers. As we migrate to the cloud, we are relying on these companies for infrastructure security.
Bad actors are going to begin looking to damage the major public cloud providers directly, in addition to infiltrating enterprises. That raises some very troubling questions. Can hackers possibly have the wherewithal to take down an availability zone? Could hackers have the sophistication to possibly take down an entire region or data center? That can happen through denial-of-service attacks and other technologies.
The back door to hacking of cloud service providers could likely come in the form of businesses not paying enough attention to the "Shared Responsibility" requirements outlined by CSPs like Amazon Web Services and Microsoft Azure. Those requirements make it clear that CSPs are responsible for security OF the cloud, and clients are responsible for security IN the cloud.
Unfortunately, while cloud users are still responsible for protecting whatever they put into the cloud, it's not happening consistently. We could see infections that take hold in an enterprise and, since that enterprise is connected to cloud services, spread to the CSP. If the sophistication of malware increases, we could begin to see it move cross-platform. Once it's in there, you can be sure that the bad guys will begin digging for more back doors and other vulnerabilities they can exploit.
Time will tell how damaging these trends may be to the networking world, but one thing is for certain: Organizations need to get a better handle on their data protection strategies if they hope to come out unscathed at the end of the year.
##
About the Author
Joe is a talented and seasoned executive with over 30 years of extensive experience in cloud services, information technology, cybersecurity, and data communications with a diverse background in both private / corporate as well as public sector settings.
With more than 30 years of experience in the areas of Development, Engineering, Marketing, Product Management and Network Operations, Mr. Merces brings a great depth of experience drawn from his many years in the Information Technology, Telecommunications and Manufacturing industries.
Joe holds 3 patents in data communications, is a graduate of Stevens Institute of Technology, where he received a Master of Science degree in the Management of Technology and has a Bachelor of Science degree in Computer Science from Kean University.