Cybersecurity Challenges that Need to be on Your Radar Right Now

essidsolutions

Marcell’s article talks about the various cybersecurity challenges that need to be on your mind throughout the rest of 2018.

Ensuring cybersecurity is becoming tougher every year: cybercriminals constantly mount new attacks and exploit new vulnerabilities, while regulatory institutions change and improve (read: complicate) their standards. Your task is to be fully prepared to face these challenges. Here are the cybersecurity challenges that need to be on your mind throughout the rest of 2018.

1. GDPR is Here

General Data Protection Regulation (GDPR) took effect on May 25, 2018. While this document covers the protection of personal data of EU citizens, its implementation affects every company that processes data of EU customers or businesses or has an office in one of the EU countries. The good news is that regulators will not audit international companies for GDPR compliance. However, if there is a complaint from an EU citizen or a breach, the company will have to pay a hefty fine: up to €20 million (around $24.5 million) or 4% of the company’s global annual turnover ― whichever is greater.

Another problem is hackers using non-compliance with GDPR to their advantage by blackmailing companies that don’t meet all the requirements of the regulation. Gilad Peleg, CEO of SecBI, predicts that ill-prepared companies will have to find a way to “become at least partially compliant” with the new regulation. However, many experts agree that the majority of companies will fail to comply with GDPR by the deadline. Furthermore, according to a recent Forrester report, nearly half of these businesses won’t even try to comply because the cost of compliance outweighs the possible risks.

2. Attacks via Compromised IoT devices

In 2018, the number of attacks via compromised IoT devices is also expected to increase. The three most common security problems that the IoT world will face in 2018 are:

  • Botnets ― Cybercriminals no longer need to develop sophisticated malware themselves, since they can easily purchase a ready-to-use botnet kit on the dark web instead.
  • DDoS Attacks ― Compromised IoT devices may be used to perform massive DDoS attacks. Cybercriminals exploit poor security settings in both home and workplace IoT devices, making them generate enormous amounts of traffic.
  • Ransomware attacks ― Even though most IoT devices don’t store valuable data, cybercriminals may target critical systems, such as power grids, factory lines, or smart cars, to make the victim pay.

Of course, various IoT manufacturers work hard to improve the security of their devices. However, a large number of devices that are already deployed are either difficult or downright impossible to patch. As a result, there are millions of connected devices with little to no defense against hackers. Thus, ensuring a higher level of protection for IoT devices and systems is essential.

3. Cloud Security Issues

In contrast to IoT devices, cloud platforms store large amounts of sensitive and valuable data. While cloud providers put a lot of effort into ensuring the security of their services, there are still too many security issues you can’t ignore.

A few issues that need special attention include:

  • Cloud Misconfigurations – According to Symantec, implementing both SaaS and IaaS security will remain a struggle for many organizations. Businesses are not yet entirely aware of the complexities involved in securing cloud data, so even more breaches caused by error, compromise, and design await us in the near future.
  • Spectre and Meltdown Vulnerabilities – Some attackers try to exploit the Spectre and Meltdown vulnerabilities and focus their attacks on the CPUs used by cloud providers. The best way to handle this situation is to keep your hardware and its patches up to date ― new patches fixing different Spectre and Meltdown variants are released continually. However, since the Spectre issues are very tough to patch, some experts suggest replacing all affected processors.
  • Insecure APIs — In many cloud systems, APIs (Application Programming Interfaces) are the only facets outside the trusted organizational boundary with a public IP address. Thus, insecure APIs may give an attacker considerable access to cloud applications and put the entire system at risk.
  • Data Loss – One risk that should never be ignored is losing the company’s data to non-malicious causes, such as a natural disaster or human error. The only way to mitigate such risks is to keep multiple backups of valuable information, stored at physical sites in different parts of the globe.

4. Attacks Based on Machine Learning and AI

Artificial Intelligence (AI) and Machine Learning (ML) software can “learn” from the consequences of past events to reach a set goal. While many cybersecurity professionals use AI/ML tools to prevent cyber attacks, there is a chance that hackers will also use these innovative solutions to perform more sophisticated attacks.

AI and ML may be used for performing different types of attacks – from sending vast amounts of spam/fraud/phishing messages via chatbots to AI-powered password guessing to performing cryptographic attacks.

5. Attacks Against Cryptocurrencies and Blockchain Systems

Many companies adopting cryptocurrency technology don’t implement appropriate security controls. As a result, they will only continue to experience financial losses, predicts Bill Weber, principal security strategist at eSentire.

When working with cryptocurrencies and blockchain systems, there are three main types of attacks you need to be prepared to deal with:

  • Eclipse Attack ― A network-level attack on a blockchain system, in which an attacker gains full control over all the connections going to and from the victim’s node. This type of attack may be used to hide information about cryptocurrency usage within the network and to perform double-spend attacks.
  • Sybil Attack ― An attack in which one node in the network acquires several identities.
  • DDoS attacks ― While many popular cryptocurrencies, such as Bitcoin, have built-in protection against DDoS attacks, the risk is still very high for all the unprotected cryptocurrencies.
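The eclipse attack described above succeeds when every connection a node has leads to the attacker. The usual defence is to refuse to fill the peer table from a single address range. The following is an added example, not code from the article or from any cryptocurrency project: it groups peers by /16 netgroup (the grouping Bitcoin Core applies to outbound connections) and caps the number of peers per group; the thresholds, the `max_share` limit and the candidate addresses (taken from documentation ranges) are constructed for illustration.

```python
# Added example (not from the article): an eclipse-resistance check for a
# node's peer table. A node whose connections all come from one address
# range is in the position the eclipse attack above describes, so the
# defence is to require address diversity. Grouping peers by /16 netgroup
# and capping peers per group is the approach Bitcoin Core takes for
# outbound connections; the thresholds and addresses here are constructed.
from collections import Counter
from ipaddress import ip_address


def netgroup(addr: str) -> str:
    """Return the address's netgroup: first two octets for IPv4 (/16),
    first two hextets for IPv6 (/32)."""
    ip = ip_address(addr)
    if ip.version == 4:
        return ".".join(str(ip).split(".")[:2])
    return ":".join(ip.exploded.split(":")[:2])


def select_diverse_peers(candidates, want: int, max_per_group: int = 1):
    """Pick up to `want` peers, accepting at most `max_per_group` per netgroup.
    Returns fewer than `want` if the candidate pool is not diverse enough;
    that shortfall is itself a signal worth logging."""
    chosen, per_group = [], Counter()
    for addr in candidates:
        group = netgroup(addr)
        if per_group[group] >= max_per_group:
            continue
        chosen.append(addr)
        per_group[group] += 1
        if len(chosen) == want:
            break
    return chosen


def eclipse_risk(peers, max_share: float = 0.5) -> dict:
    """Flag a peer set in which one netgroup supplies more than `max_share`
    of all connections (an empty peer set is also flagged)."""
    if not peers:
        return {"risk": True, "dominant_group": None, "share": 1.0, "groups": 0}
    counts = Counter(netgroup(p) for p in peers)
    group, n = counts.most_common(1)[0]
    share = n / len(peers)
    return {"risk": share > max_share, "dominant_group": group,
            "share": share, "groups": len(counts)}


# Constructed candidate list (documentation ranges): eight addresses from a
# single /16, as an attacker flooding the address table would produce,
# followed by a handful of addresses from other groups.
CANDIDATES = [f"203.0.113.{i}" for i in range(1, 9)] + [
    "198.51.100.7", "192.0.2.44", "2001:db8::1", "2001:db8:1::5",
]

if __name__ == "__main__":
    naive = CANDIDATES[:8]          # first-come-first-served peer selection
    diverse = select_diverse_peers(CANDIDATES, want=8)
    print("naive  :", eclipse_risk(naive))
    print("diverse:", eclipse_risk(diverse))
```

Run as a script, the naive selection is flagged (one group holds 100% of connections) while the diverse selection is not, and it ends up with only four peers because the two IPv6 candidates fall into the same netgroup; a node that cannot reach its target peer count under the diversity cap has learned something about its address table.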

6. Sandbox-Evading Malware

As sandboxing becomes more and more popular as a malware detection and prevention method, cybercriminals will come up with new ways to evade this technology. For instance, there are new strains of malware that can recognize when they are inside a sandbox and do not execute their malicious code until they are outside it.

There are two main techniques that attackers use for evading sandbox solutions:

  • Core Count ― Malware tries to spot sandboxes using discrepancies in hardware, such as the number of CPU cores. This is why many sandbox vendors hide their actual configuration, trying to make such discoveries more difficult for attackers.
  • Lack of User Input ― Malware can analyze the level of user input to detect a sandbox. In contrast to a sandbox, a real machine frequently shows different types of user activity, such as mouse or keyboard input.

7. Fileless Malware

Another significant problem is the increasing popularity of non-malware attacks. Many organizations are still unprepared for this type of cyber threat, which only encourages attackers to use fileless malware even more. The more common memory-only non-malware attacks exploit Windows vulnerabilities and execute their payload in memory. Such an infection can be removed by rebooting the system.

However, there are more complex types of non-malware attacks. Some attacks use existing Windows tools for malicious purposes, while others continue to run their malicious code even after the system reboots. The two main reasons why fileless malware is harder to detect are:

  • They produce fewer Indicators of Compromise (IoCs) than traditional malware.
  • They can use the victim’s own tools, pretending to be a legitimate process within the system.

As a result, traditional anti-malware software cannot detect non-malware threats effectively, and new solutions are called for.
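When the "tool" is a legitimate Windows binary and nothing is written to disk, there is no file hash to block, so detection has to come from process-creation telemetry instead: which built-in script host ran, what launched it, and what its command line looked like. The following is an added example, not code from the article: a small triage scorer over constructed process-creation records whose field names loosely follow Sysmon Event ID 1. The indicator weights, the threshold and the three sample events (including the placeholder base64 blob) are constructed for illustration.

```python
# Added example (not from the article): triage heuristics for the
# "existing Windows tools used for malicious purposes" case above. With no
# file to hash, defenders key on process-creation telemetry instead: which
# built-in script host ran, which process launched it, and what its command
# line looked like. The record shape loosely follows Sysmon Event ID 1
# fields; the events, weights and threshold are constructed for illustration.
import re

# Built-in Windows binaries that act as script/command hosts
SCRIPT_HOSTS = {
    "powershell.exe", "pwsh.exe", "wscript.exe", "cscript.exe",
    "mshta.exe", "rundll32.exe", "regsvr32.exe",
}
# Parents that should rarely spawn a script host on a workstation
DOCUMENT_PARENTS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}

ENCODED_RE = re.compile(r"(?i)\s-(?:e|ec|enc|encodedcommand)\s+[A-Za-z0-9+/=]{20,}")
DOWNLOAD_RE = re.compile(r"(?i)downloadstring|downloadfile|invoke-webrequest|net\.webclient")
HIDDEN_RE = re.compile(r"(?i)-(?:w|win|windowstyle)\s+hidden|-nop\b|-noni\b")


def _basename(path: str) -> str:
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def score_event(ev: dict):
    """Return (score, reasons) for one process-creation record."""
    image, parent, cmd = _basename(ev["image"]), _basename(ev["parent_image"]), ev["command_line"]
    score, reasons = 0, []
    if image in SCRIPT_HOSTS and parent in DOCUMENT_PARENTS:
        score += 3
        reasons.append(f"{image} spawned by {parent}")
    if ENCODED_RE.search(cmd):
        score += 2
        reasons.append("encoded command line")
    if DOWNLOAD_RE.search(cmd):
        score += 2
        reasons.append("in-memory download primitive")
    if HIDDEN_RE.search(cmd):
        score += 1
        reasons.append("hidden/non-interactive flags")
    return score, reasons


def triage(events, threshold: int = 3):
    """Return [(pid, score, reasons)] for events at or above the threshold,
    highest score first."""
    hits = []
    for ev in events:
        score, reasons = score_event(ev)
        if score >= threshold:
            hits.append((ev["pid"], score, reasons))
    return sorted(hits, key=lambda h: -h[1])


PS = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
# Constructed events; the base64 blob is a placeholder, not a real payload.
EVENTS = [
    {"pid": 101, "parent_image": r"C:\Windows\explorer.exe", "image": PS,
     "command_line": 'powershell.exe -NoProfile -Command "Get-ChildItem C:\\Temp"'},
    {"pid": 102, "parent_image": r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE", "image": PS,
     "command_line": "powershell.exe -nop -w hidden -enc " + "A" * 32},
    {"pid": 103, "parent_image": r"C:\Windows\System32\cmd.exe", "image": PS,
     "command_line": 'powershell.exe -Command "Invoke-WebRequest -Uri http://intranet.example/report.csv -OutFile report.csv"'},
]

if __name__ == "__main__":
    for pid, score, reasons in triage(EVENTS):
        print(pid, score, "; ".join(reasons))
```

Only the document-spawned, hidden, encoded invocation crosses the threshold; the plain admin command scores zero and the single download indicator from a console parent scores two, which is the point of combining weak signals rather than alerting on any one of them.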

8. Moving to DevOps

While switching to DevOps leads to better efficiency, higher speed, and more responsive delivery of IT services, this movement may also pose serious cybersecurity threats. Many organizations are still struggling to apply adequate security controls in the DevOps practice. As a result, you need to be ready to deal with a lot of possible security problems when moving to DevOps. These include:

  • Security Group Misconfiguration ― As environments grow, they interconnect dozens, hundreds, or even thousands of different security groups. Managing these groups is a challenge, as even the slightest misconfiguration can lead to a significant security problem.
  • Accidental Exposure of Data in Public Buckets – Data is often stored in Simple Storage Service (S3) buckets. If a bucket isn’t configured correctly, it may end up granting public access to sensitive and valuable information.
  • Too Many False Positives ― Anomaly detection becomes a serious challenge because environments change constantly, creating more false positives than the system can deal with. Attackers may use this to their advantage, hiding their activities behind legitimate processes inside the victim’s environment.
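Whether an S3 bucket is public is decided in three places: the bucket policy, the bucket ACL, and the account or bucket Public Access Block settings. The following is an added example, not code from the article, covering both this item and the cloud misconfiguration item in section 3: an offline linter that evaluates those three documents using the field names the S3 API responses use (no AWS calls are made), shown on a constructed world-readable bucket beside a hardened one. The bucket names, the account id and the canonical user id are placeholders.

```python
# Added example (not from the article): an offline linter for the public
# bucket misconfiguration in the list above (and the cloud misconfiguration
# item in section 3). It evaluates the three places where S3 public access
# is decided (bucket policy, bucket ACL, Public Access Block settings) using
# the field names those S3 API responses use, with no AWS calls. The two
# bucket definitions, account id and canonical user id are constructed
# placeholders.
import json

PUBLIC_ACL_GROUPS = {
    "http://acs.amazonaws.com/groups/global/AllUsers",
    "http://acs.amazonaws.com/groups/global/AuthenticatedUsers",
}
PAB_KEYS = ("BlockPublicAcls", "IgnorePublicAcls", "BlockPublicPolicy", "RestrictPublicBuckets")


def _as_list(value):
    return value if isinstance(value, list) else [value]


def _principal_is_everyone(principal) -> bool:
    """Principal "*" or {"AWS": "*"} means anyone, including anonymous callers."""
    if principal == "*":
        return True
    return isinstance(principal, dict) and "*" in _as_list(principal.get("AWS", []))


def policy_findings(policy):
    """Flag Allow statements open to everyone. A Condition block narrows the
    grant (e.g. to a VPC endpoint), so those are reported separately rather
    than silently accepted."""
    doc = json.loads(policy) if isinstance(policy, str) else policy
    findings = []
    for stmt in _as_list(doc.get("Statement", [])):
        if stmt.get("Effect") != "Allow" or not _principal_is_everyone(stmt.get("Principal")):
            continue
        kind = "conditional" if stmt.get("Condition") else "unconditional"
        findings.append(f"policy: {kind} public Allow of {_as_list(stmt.get('Action'))} "
                        f"on {_as_list(stmt.get('Resource'))} (Sid={stmt.get('Sid')})")
    return findings


def acl_findings(grants):
    return [f"acl: {g.get('Permission')} granted to {g['Grantee']['URI'].rsplit('/', 1)[-1]}"
            for g in grants if g.get("Grantee", {}).get("URI") in PUBLIC_ACL_GROUPS]


def public_access_block_findings(pab):
    return [f"public access block: {k} is off" for k in PAB_KEYS if not pab.get(k, False)]


def lint_bucket(bucket: dict):
    return (policy_findings(bucket["policy"])
            + acl_findings(bucket["acl_grants"])
            + public_access_block_findings(bucket["public_access_block"]))


# Constructed "before" bucket: world-readable policy, AllUsers ACL grant,
# and no Public Access Block configured at all.
WEAK_BUCKET = {
    "policy": json.dumps({"Version": "2012-10-17", "Statement": [{
        "Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
        "Action": ["s3:GetObject", "s3:ListBucket"],
        "Resource": ["arn:aws:s3:::example-reports", "arn:aws:s3:::example-reports/*"]}]}),
    "acl_grants": [{"Grantee": {"Type": "Group", "URI": "http://acs.amazonaws.com/groups/global/AllUsers"},
                    "Permission": "READ"}],
    "public_access_block": {},
}

# Constructed "after" bucket: access limited to one role, owner-only ACL,
# all four Public Access Block settings enabled.
HARDENED_BUCKET = {
    "policy": json.dumps({"Version": "2012-10-17", "Statement": [{
        "Sid": "ReportReaderOnly", "Effect": "Allow",
        "Principal": {"AWS": "arn:aws:iam::111122223333:role/ReportReader"},  # placeholder account
        "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-reports/*"}]}),
    "acl_grants": [{"Grantee": {"Type": "CanonicalUser", "ID": "OWNER-CANONICAL-ID-PLACEHOLDER"},
                    "Permission": "FULL_CONTROL"}],
    "public_access_block": {k: True for k in PAB_KEYS},
}

if __name__ == "__main__":
    for name, bucket in (("weak", WEAK_BUCKET), ("hardened", HARDENED_BUCKET)):
        print(name, lint_bucket(bucket) or ["no findings"])
```

The weak bucket produces six findings (one policy statement, one ACL grant, four missing Public Access Block settings) and the hardened one none. Checking all three layers matters because a clean policy is undone by an AllUsers ACL grant, and the Public Access Block settings are what stop the next deployment from reintroducing either.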

9. Biometric Authentication

Biometric authentication is gaining more and more popularity as an innovative cyber security solution. While some see biometrics as a new and efficient way of improving enterprise security, others see it as a potential problem.

There are many types of biometric authentication, from common fingerprint scanning to more innovative voice, iris, or face recognition. Many people believe that biometric systems are nearly impossible to compromise: the data can’t be guessed and is unique to every user. Thus, biometrics seems to be a better choice for single-factor authentication and a great addition to a multi-factor authentication system. However, biometric systems have their drawbacks.

A major issue is that biometric information can still be stolen or duplicated, just like a user’s login and password. However, in contrast to a password, the user can’t change their iris scan or get a new face. This creates new challenges for cybersecurity professionals in the future.

10. Ransomware

Just like in previous years, ransomware remains one of the deadliest cybersecurity problems. According to many experts, ransomware will become even worse in the coming years. For instance, FireEye predicts that there will be more ransomware used in 2018, mostly because ‘administrators are slow to patch and update their systems’.

The main targets will be companies that store valuable information, such as users’ personal data or web browsing habits, and cloud services, especially those that perform computing in the cloud and, therefore, store huge amounts of data. The only way to lessen the possible harm caused by these attacks is to keep backups of all significant data.

Another worrying fact is the high possibility of cybercriminals using AI methods to improve their attacks. Machine learning and neural networks may be used for gathering specific data or spreading carefully targeted phishing messages. As Steve Grobman, CTO of McAfee, explained to MIT Technology Review, AI ‘gives attackers the tools to get a much greater return on their investment’.

Of course, the problems listed above are not the only cybersecurity problems that businesses will face in the near future. However, these threats will be on the rise and have the most significant effect on both enterprises and end users.