5 Predictions for 2019
5 Things the Cyber Security Experts Predict for 2019.
What does 2019 have in store for cyber security? Predicting the future is hardly an exact science (and if it were, how different would the cyber security industry be?). But when you watch an industry closely enough and identify its trends, it is possible to gain an idea of where things are heading. Here are five things our partners are expecting to see during the coming year:
Kaspersky: No more big APT attacks (which traditionally show the most innovation when it comes to breaking security).
The security industry has consistently discovered highly sophisticated government-sponsored operations that took years of preparation. But attackers might explore new, even more sophisticated techniques that are much more difficult to discover and to attribute to specific actors. The entry barrier has never been so low. Hundreds of effective tools, re-engineered leaked exploits, and frameworks of all kinds are publicly available and easily customisable – inviting practically anyone to use them and making attribution nearly impossible.
Simplifying somewhat, the APT world seems to be breaking into two groups: the traditionally well-resourced and most advanced actors (that we predict will vanish), and a group of energetic newcomers who want to get in on the game.
Fortinet: Using Artificial Intelligence Fuzzing (AIF) to mine for Zero Day vulnerabilities.
Fuzzing is a sophisticated technique traditionally used in lab environments by professional threat researchers to discover vulnerabilities in hardware and software interfaces and applications. The technique involves injecting invalid, unexpected, or semi-random data into an interface or program and then monitoring it for events such as crashes.
Fuzzing is hard to do and requires a high level of expertise to develop and run effectively. But AI might change that soon, when it starts being used to discover and exploit software bugs. Combining AI and Fuzzing, attackers will be able to automate and accelerate the discovery of Zero-Day attacks.
The acceleration in the number and variety of available vulnerabilities and exploits, including the ability to quickly produce Zero-Day exploits and even provide Zero-Day Mining as a service, may radically impact the types and costs of services available on the dark web. The approach to security will have to change and adjust as a consequence: there is no way to anticipate where these Zero-Days are located, nor how to defend against them with the tools most organisations have deployed in their networks today.
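The fuzzing loop described above (mutate a valid input, feed it to the program, watch for crashes), shown as an added example that is not from Fortinet or the original article, run the way a defender would against their own parser before release. The record format, `parse_records`, `mutate`, `fuzz` and the sample input are all constructed for illustration; the `hardened` flag turns on the bounds check that the fuzzer shows to be missing.

```python
import random

SEED = b"\x01\x03abc\x02\x02hi"  # constructed valid sample: two records

def parse_records(data, hardened=False):
    """Constructed toy format: repeated [type:1][len:1][value:len] records."""
    out, pos = [], 0
    while pos < len(data):
        if hardened and pos + 2 > len(data):
            raise ValueError("truncated header")  # the missing bounds check
        rtype = data[pos]
        if rtype not in (1, 2):
            raise ValueError("unknown record type")
        length = data[pos + 1]  # unhardened: IndexError if the header is cut short
        value = data[pos + 2:pos + 2 + length]
        if len(value) != length:
            raise ValueError("truncated value")
        out.append((rtype, bytes(value)))
        pos += 2 + length
    return out

def mutate(seed, rng):
    """Return one semi-random variant of a valid input."""
    buf = bytearray(seed)
    op = rng.choice(("flip", "replace", "truncate"))
    if op == "truncate":
        return bytes(buf[:rng.randrange(len(buf))])
    i = rng.randrange(len(buf))
    if op == "flip":
        buf[i] ^= 1 << rng.randrange(8)
    else:
        buf[i] = rng.randrange(256)
    return bytes(buf)

def fuzz(target, seed, iterations=2000, rng_seed=1234):
    """ValueError is a clean rejection; any other exception is a crash."""
    rng, crashes = random.Random(rng_seed), {}
    for _ in range(iterations):
        case = mutate(seed, rng)
        try:
            target(case)
        except ValueError:
            continue
        except Exception as exc:
            crashes.setdefault(type(exc).__name__, case)  # keep first reproducer
    return crashes

if __name__ == "__main__":
    print(fuzz(parse_records, SEED), fuzz(lambda d: parse_records(d, hardened=True), SEED))
```

Each recorded crash keeps the first input that triggered it, so the failure can be replayed and turned into a regression test once the parser is fixed.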
Symantec: Growing 5G deployment and adoption will begin to expand attack surface area.
A number of 5G network infrastructure deployments kicked off this year and 2019 will most likely accelerate 5G activity. Because smart phones are the focus of much 5G interest, some carriers are likely to soon start offering fixed 5G mobile hotspots and 5G-equipped routers for homes. Over time, more 5G IoT devices will connect directly to the 5G network rather than via a Wi-Fi router. This trend will make those devices more vulnerable to direct attacks. For home users, it will also become increasingly difficult to monitor all IoT devices, since they bypass a central router.
The peak data rate of 5G networks is 10 Gbps, compared to 4G’s 1 Gbps. The shift to 5G will catalyse new operational models, new architectures, and new vulnerabilities. The ability to back up or easily transmit massive volumes of data to cloud-based storage will give attackers rich new targets to breach.
Nozomi Networks: More but unsophisticated attacks against OT networks.
Ever more sophisticated tools and techniques for hacking are available for downloading from the web. This means that the number of unsophisticated hackers able to break into systems will rise – but what they’re able to do once they get in is another question.
During Russia’s attacks on the Ukrainian power grid, attackers were able to remain undetected and do reconnaissance work for months. To bring down power for nearly 250,000 customers, they had to thoroughly understand the operations at the targeted plant. That level of sophistication can’t be bought and sold on the internet, which means that the real damage will continue to be done by actors with access to the right skills and resources. It also means that early detection will continue to be critical to stop the adversary before he/she has gathered enough information to be truly disruptive.
Cybereason: Weaknesses in IoT security will rise most quickly of all.
IoT will keep on increasing exponentially, to the point where we will wonder why we had a special name for what amounts to the majority of computing nodes.
These devices will steadily follow Moore’s Law, with full stacks, more computing power, and commensurate bandwidth demand. With an increase in complexity and topography, we will see an exponential increase in the options for attackers, almost a Metcalfe’s Law for the darker side. As a network grows, the risk topography grows faster and faster in a dark imitation of the increasing value; and IoT will exemplify this. The steps we make now will pay handsomely in the future, and what we don’t do now will plague us for decades.