Every year is a dramatic year for cybersecurity and 2018 was no different. It started with researchers discovering significant flaws in CPUs. Cryptomining became the top cyber threat, and the year had its fair share of severe outages, data breaches, and privacy transgressions. With 2019 kicking off, will these trends continue? And what else lies in store for businesses exposed to cybersecurity threats?
Cybersecurity 2018 – The Year in Review
The past twelve months saw their fair share of cybersecurity incidents. Many of the previous trends continued but the year also saw new threats emerge.
A New Type of Vulnerability
In early January 2018, researchers disclosed a set of CPU chip vulnerabilities named Spectre and Meltdown. They demonstrated how to exploit these bugs to launch side-channel attacks to access and steal sensitive information. Spectre and Meltdown affected almost every desktop, laptop, and cloud computer in operation at the time. Due to the far-reaching consequences of this discovery, public disclosure only came after months of cross-industry collaboration.
The patches and modifications regrettably impacted the performance of systems running the affected processors. Since Spectre and Meltdown, there have been further discoveries of several related flaws affecting CPUs manufactured by both Intel and AMD. Researchers also found another variant of so-called speculative execution bugs that they named Foreshadow and Foreshadow-NG. These industry-changing discoveries have prompted Intel to announce that its next generation of CPUs will have built-in defenses to prevent similar future vulnerabilities.
Malware Remained a Constant Threat
During 2018, malicious cryptomining software dethroned ransomware as the top malware threat. As financial reward remains one of the four primary motivating factors behind cyber attacks, it is no surprise that cryptomining malware grew by 4,000% in 2018. During the year, malicious actors also exploited Coinhive, a legitimate service that offers website owners an avenue to monetize their digital presence.
Researchers expect this malware trend to continue with new attacks like Webcobra that use sophisticated techniques to infect as many unsuspecting victims as possible. However, with the current downward pressure in the price of cryptocurrencies, it will be interesting to see if this trend will continue.
Even though cryptomining became the top cyber threat in 2018, ransomware still featured in many malware reports. Released in January 2018, Grandcrab has gone through five iterations and has potentially become the new king of ransomware. Due to its impact, the Romanian police developed a decryption tool in collaboration with other national law enforcement agencies, the security company Bitdefender, and Europol. The later version of Grandcrab used the NSA-linked exploit EternalBlue, made famous by WannaCry, the malware scourge of 2017. WannaCry also made the headlines in 2018 when the U.S. Justice Department charged an alleged North Korean operative with the devastating ransomware attack.
Another Day, Another Data Breach
Data breaches continued to make the news throughout 2018 with some high-profile companies making the headlines. In December 2018, Quora announced in a blog post that 100 million user accounts were compromised. Facebook made the headlines on numerous occasions. In early 2018, the public discovered that Cambridge Analytica illegally obtained the personal data of over 87 million users. Then, in September, Facebook announced that an attack on its computer network exposed the personal information of 50 million users. Unfortunately, that was not the end of a bad run for the social media giant. In December the company announced that a bug in its platform exposed the private photos of up to 6.8 million users to unauthorized apps. Other significant data breaches included the Marriot hotel chain where attackers compromised the data of up to 500 million guests. A data breach also impacted British Airways, affecting 380,000 passengers, and Google+, where a bug allowed third-party access to 52.5 million user profiles. In response, Google announced it was shutting down its social media platform four months earlier than it had previously anticipated.
So What’s in Store for 2019?
Taking the events of 2018 into account and looking at the events that occurred in the last quarter of the year, many security specialists believe 2019 will see more of the same. These predictions come as no surprise since every year sees new vulnerabilities, malware variants, and data breaches continuing unabated. However, if we take the current state of geopolitical affairs and emerging technologies into account, a few other trends could influence cybersecurity in 2019.
Geopolitical Affairs Will Continue to Impact Cybersecurity
Cyber warfare between nation states is nothing new. Every year the media publishes stories of foreign hackers stealing trade secrets, manipulating elections, and performing other acts of cyber espionage and subterfuge. The problem with these accusations is that definitive attribution is extremely difficult, leading to nation states denying any wrongdoing. For example, when forensic investigators trace an attack back to a particular country, the relevant government often states their citizens are not acting under their direction. However, if we put attribution aside for a moment, there are clear indications that the current geopolitical climate will play a factor in cybersecurity affairs.
Meanwhile, the current trend toward anti-globalization will play a factor in cybersecurity. As former allies and trade partners push their nationalist agendas, information about perceived competitors and enemies will become increasingly vital to their strategies. This need for information will drive them to use illegitimate means to gain the upper hand in trade negotiations and in regional theaters where they need to protect their interests.
The Impact of 5G
With its imminent wide-scale launch, 5G promises to bring a whole new world due to its much faster speeds and ability to manage many more devices. High-speed and low-latency connections will fuel growth in industries like IoT and autonomous vehicles. As with every new technology launch, a range of vulnerabilities and security threats will accompany these new disruptive solutions.
Even though new technologies mean new threat vectors, 5G also promises to enhance cybersecurity. Due to its virtualized nature, 5G offers better mutual authentication between networks and user. The ability to detect threats, authenticate users, and practice proper network hygiene is far better in 5G than in preceding generations of telecoms protocols.
Artificial Intelligence (AI) has been growing in prominence over the past few years, and 2019 promises to be no different. In the cybersecurity domain, the next generation of products is increasingly incorporating AI and Machine Learning (ML) technologies. AI will increase the automated detection of threats and power new password protection and authentication solutions. Leveraging AI organizations will also be able to detect and authenticate physical biometric traits such as fingerprints and retina scans much faster.
However, AI in cybersecurity is a double-edged sword. Hackers are also taking advantage of AI to automate their attacks and achieve rapid results. Since AI is centered on understanding behavioral norms, it is the perfect platform upon which to build tools that automate password attacks. AI is also becoming capable of mimicking human voices. This ability makes AI a perfect platform to launch new and sophisticated social engineering attacks.
Goodbye 2018, Hello 2019
As we bid farewell to 2018 and welcome the opportunities and challenges that await us in 2019, it is an excellent time to reflect on the events of the last twelve months. The last year has seen its fair share of new vulnerabilities, malware infections, and data breaches. As we leave 2018 behind us and head into 2019, we expect these cyber threats to remain prevalent. However, the current state of geopolitical affairs and the rise of new emerging technologies promises to bring new cybersecurity solutions and challenges in the year to come.
Coranet is a certified Woman-Owned Information Technology Organization that has been meeting the requirements of Enterprise and Government entities for over 30 years. Network Engineering and Technical Support is part of our foundation and we continue this proud tradition with a 360-degree approach to technology solutions and services in the areas of Audio Visual, Network & Physical Security, IT Infrastructure, and Consulting/Project Management. Coranet is ISO 9001 registered, Lean Six Sigma and WBENC certified.
Please contact us at Sales@coranet.com for more information