Cybersecurity Predictions 2018
This year is coming to an end. The media headlines were constantly reporting massive attacks and breaches. We expect nothing less in 2018.
Here are 2018's cybersecurity predictions.
Cost of Disruption Will Interrupt Daily Life
- Massive destructive attack/s: Weapons of mass cyber destruction will hit a plethora of industries. A large destructive attack on a telco, commodity manufacturer, critical infrastructure, IaaS, or PaaS provider will result in a massive service outage. There will be a shutdown.
- Ransomware surge: Ransomware will advance in its distribution methods. Like a start-up, ransomware is financing, and more “customers/victims” will always be there. People will still pay to finance it.
- New types of fileless attacks: Attackers will start to leverage new fileless techniques to bypass security measures. Disruption will continue to occur, costing thousands to billions of dollars in loss of operation. Cyber attackers will continue to target.
Evidence: The WannaCry and NotPetya attacks hit various industries in an unexpected wave. Many people think that WannaCry was a test run. WannaCry took down 85% of Telefonica. WannaCry shows how costly a cyber attack can be and how powerfully it can destroy a company’s operations. We predict that a more destructive attack will occur and will shut down critical infrastructure.
Methods of Attack Will Evolve
- Increase in social engineering: Exploitation mitigation is getting better, and vulnerabilities are becoming more costly. We will see more social engineering and fewer vulnerabilities.
- Fileless attacks more prevalent: Fileless attacks are designed to function completely within memory and leave no evidence, allowing a Pandora’s Box of malicious behavior to go undetected. They usually run for an extended amount of time before the targeted victim identifies the attack.
- Code injection methods: Code injection methods that leverage operating systems and are able to bypass conventional security methods will continue to be discovered.
- Malware bypasses: Malware is written as a Linux binary, and the Mac doesn’t know how to inspect it.
Evidence: Fileless attacks capitalize on PowerShell and Metasploit. Code injection methods such as AtomBombing and Process Doppelganging are critical weaknesses that need to be addressed with high priority.
SOC Teams Will Be Flooded by Targeted Indicators Origin DDoS Attacks
- SOC teams will be paralyzed by the incident response processes that DDoS attacks set off. Meanwhile, the attacker's true intention will hit in a backchannel attack. SOC teams will exhaust all resources and turn to MSSPs.
- Compensating for a lack of talent and security experts to fill internal SOC teams.
- Incident response teams will continue to be too bogged down to prioritize alerts.
- Response time for legitimate critical alerts will go unnoticed, causing downtime. Cybersecurity experts will realize that looking past alerts is the opposite of an efficient security solution.
- Dwell time is increasing and it’s unsustainable. enSilo stops malware impact pre- and post-infection, giving your security staff a virtual patch capability until your IT can remediate infected endpoints on their own time.