January 30, 2019
There’s no question about it, the number of cybersecurity-related threats is increasing drastically and cyber crimes are becoming more and more advanced which makes them more complex to fight. During 2018 we have seen some trends on a relatively small scale. We believe that some of these trends will increase in scale in 2019. Here are our cyber security predictions for 2019. Stay safe!
Last year, several different e-retailers' credit card forms, on their web pages, were hijacked. Where JavaScript was injected, reading the credit card information.
We all know that thieves follow the money and we will most probably see more attacks in the chain before the credit card provider authentications being attacked or replaced by an attacker's fictitious form.
More people realize that active and fast action is crucial in preventing an attacker from gaining ground in an organization. Therefore, more products and systems appear that can prevent an attacker from escalating their rights or moving within the network (lateral movement). But to make rapid countermeasures, of course, the attacker must first and foremost be discovered, which places demands on traceability and logging.
An active defense can also involve introducing honey traps and systems that are virtualized but not part of the real network or planting information that confuses the attacker or leads it into the wrong track and causes incorrect conclusions to be drawn.
Will 2019 be the year where we will see real AI within cyber security? Many security products we use every day have relatively little AI built-in and there is probably a huge development potential where cyber security meets AI. Imagine for example Nmap with a little intelligence? Instead of only scanning the 1.000 most common ports that a system exposes, dynamic ports are also added based on those identified.
In recent years, we have seen that connected products, like IoT, contain vulnerabilities and can be used to attack others by, for example, being part of a bot network. However, what we have seen less of is how the gadgets' functions can be used for malicious purposes to a great extent. In this area, I believe we will see more and more startling cyber attacks, let’s just hope they don’t affect people's lives.
As an increasing amount of logins are done using multifactor authentication (MFA), tools and methods are also being developed to attack multifactor authentication. With a targeted email message lurking a user, the attacker can bypass multi-factor authentication and escalate their rights and become the domain administrator on the organization's network in just a few minutes. It’s no longer a fictitious scenario but something that is performed both by malicious attackers and by Red Team exercises where companies are hired to test the security.
Read more articles similar to this one.
Security tricks & trends
Remote work has increased drastically and at the same time, there are clear indications that hackers, foreign powers, and other cybercriminals are...
Hacker attacks & exploits
What is the difference between an ordinary damaging code and an advanced cyber weapon, and exactly how is a cyber weapon deployed and executed?...
Security tricks & trends
A new year, new vulnerabilities. From appliance hacking to password spraying - our security predictions on what we think will impact the cyber...