Mounir: Ransomware continues to prove profitable and offers
virtual untraceability for cybercriminals
Predicting the cybersecurity landscape of 2018
DUBAI, December 4, 2017
By Mahmoud Mounir
1. As the new year begins, cyber threats such as ransomware will continue to pose a serious threat to enterprises and individuals around the globe, especially as the method continues to prove profitable, and offers virtual untraceability for cybercriminals. Ransomware provides a 1:1 relationship with the victim, requiring no overhead for production of web-injects, managing money-mules, or cashout - with cryptocurrencies such as Bitcoin allowing cybercriminals to obfuscate ‘clean’ funds with dirty money through services like tumbling, mixing and coin laundering.
2. Targeted ransomware attacks on enterprises are also likely to be on the rise, as companies have the capital to pay higher ransoms than individuals. Criminals will continue to become more sophisticated, better resourced, and more patient, and will look to target businesses with higher value ransoms.
3. Business email compromise (BEC) and Business email spoofing (BES) attacks will also continue in 2018. This is where threat actors profit from sending emails to employees who have access to company funds, and from compromising the computer, email account, or email server of the victim organization in order to intercept and alter, or initiate business transactions. We assess that these schemes will likely continue to grow in popularity due to their low barrier to entry and high payout potential.
4. Targeted attacks on banks will likely remain a threat, especially as organized criminal organizations engage in online banking fraud as one of means of generating income. Some organisations will focus on non-European and US banks, which are perceived to have weaker security controls and less robust business processes than most of the major Western banks. However, malware targeting is diverse and not limited to major banks. Wealth management companies and their high-net-worth customers will also be targeted, as are payroll processing portals.
5. The dependability on AI/machine learning in cybersecurity will continue in 2018, as more cybersecurity professionals and companies understand the benefits of an AI/machine learning in the way of streamlining and enhancing threat detection and response, especially when coupled with human threat analysis.
6. Internet of Things vulnerabilities will also be increasingly targeted by criminals, especially as the IoT network is fast expanding its user base with the likes of smart home assistants, smart cars, and all smart ‘things’. For example, one Secureworks researcher discovered eight vulnerabilities in his own the smart automobile, which would allow unauthorized users to unlock the doors or gain the vehicle’s location. We’ve also tested several manufacturers’ secure keycard systems and discovered vulnerabilities which would allow an attacker to lock or unlock doors, as well as add or remove badges to a system. This could potentially allow an attacker to physically enter a company and plug in a device to deliver malware.
7. The shortage of skilled cybersecurity workers will continue, proved by the zero percent unemployment rate, according to Gartner. However, the industry should do more than just attract existing talent in the pool, it must ensure that it is both nurturing and retaining that talent for the long-term future. We also must focus on inspiring young talent, by appealing to students at university and hosting open information days.
8. Cloud security will become a greater priority for businesses, as more companies move their data to the cloud. When companies move IT assets to the cloud, they have an opportunity to realise cost savings, accelerate innovation, and improve IT performance, however, the benefits of cloud usage come with data security dangers. As such, there will be an increased need for cloud security consulting, especially in light of the upcoming GDPR regulation.
9. The imminent arrival of the General Data Protection Regulation (GDPR) and its subsequent effects will be largely felt across the industry, with those organisations not protecting data and staying compliant with security regulations exposed and fined up to €10 million ($11.88 million) or 2 per cent of worldwide annual turnover. With security risks at an all-time high organisations must be prepared, and have a robust cybersecurity awareness programme, which includes adequate breach monitoring, detection, and reporting processes, that are well documented and accessible to all employees. Worryingly, 22 per cent of large enterprises still do not have a defined incident response and management procedure in place, according to research from Frost & Sullivan, so we predict there to be some major names being made examples of in light of failing to adhere to GDPR next year.
10. Given all of the previous points and potential impact, we expect businesses and security leaders to prioritise cybersecurity investment and insurance in 2018. In fact, trillions of dollars are being poured into cybersecurity over the next four years, covering everything from complete infrastructure overhauls to talent acquisition to basic software defence tools.
About the author
Mahmoud Mounir is the regional director of Secureworks, a top provider of security solutions for organizations to prevent, detect, rapidly respond and predict cyberattacks.