Death, taxes….and cyber threats
In 1789, Benjamin Franklin wrote in a letter that “Our new Constitution is now established, and has an appearance that promises permanency; but in this world nothing can be said to be certain, except death and taxes.”
Ben Franklin couldn’t conceive of computing and the Internet, but in our current era and in 2019, we can add a third item to his list of certain things – “death, taxes and cyber threats.”
Data breaches have cost companies in the billions – over $50B
Forbes estimated in 2018 that over the last five years, the estimated costs in damages to companies for a data breach ran over $50 billion. Most organizations can’t afford that kind of hit. And that doesn’t count the damage to a company’s reputation.
As we know, the world of cyberspace can be a dangerous place, yet it’s a necessity for conducting business. Digital data and online services continue to be a core part of operations for the majority of businesses these days. Estimates say 70% of all companies use the cloud for at least one application.
Our past and future predictions
Last year, we predicted 10 areas of increasing cyber threats, of which increasing threats to cloud services was one. We’ve ranked where our 2018 predictions stand today and assembled a new set for 2019. Some of our 2018 predictions experienced more threatening activity than others.
How we rate our 2018 predictions today:
1. Increasing threat: The cloud continues to be a battleground for cyber threats. As businesses continue to increase their reliance on cloud services, they must grapple with the complexities of cloud governance while also keeping their eyes open to the “The Treacherous 12” critical cloud security issues.
2. Increasing threat: Runtime memory is the new (continuing) battleground. Memory-based threats are on the rise because of the stealthy way these undetectable attacks invade networks. Without traceable malware, most defensive security is blind to these fileless attacks.
3. Status quo: Formerly secret but now widespread hacking tools continue to increase nation-state-level attacks. Hacking tools like EternalBlue, EternalSynergy and so on continue to be used by nation states to invade the US and other countries for spying missions. But more harmful objectives are inevitable.
4. Increasing threat: Hype for Artificial Intelligence (AI) continues to grow, but so does skepticism. While AI can bring some elements of value to the cybersecurity table, so far it isn’t living up to the expectations for cyber protection and it’s no miracle worker. More alarming, hackers are using it to further their own causes.
5. Increasing threat: Gaps in patching continue to plague businesses and invite data breaches. This is especially true for Industrial Control Systems that notoriously have older operating systems that aren’t current with patching.
6. Status quo: False positives continue to plague and exhaust SOC teams. The more security teams spend time chasing down false positives, the greater the likelihood a true threat might be missed.
7. Status quo: GDPR compliance is changing the face of global accountability. GDPR went into effect May of 2018 and some of the significant fines are just beginning to surface with the data breaches experienced by British Airways and Facebook. This is as expected under the terms of the GDPR and other increasingly strict data privacy laws, but its impact will increase as more data breaches surface.
8. Increasing threat: Critical infrastructure vulnerabilities threaten public and national security worldwide. With events such as the new story that Russia invaded US electrical grids three times in 2018 and cyber threats like BlackEnergy morphing into new attacks such as GreyEnergy, the threat to ICS continues to be an alarming concern.
9. Status quo: Hacking as a Service (HaaS) and dark web cybercrime business os costing the world trillions. While HaaS may not be top of mind to most security professionals, the recent estimate that cybercrime will cost the US $6 trillion by 2021 is a sobering prediction. See our article on January 11. [https://virsec.com/the-biggest-cybercrime-threats-of-2019/ ]
10. Status quo: Nation-state and politically motivated hacking will impact global events. Despite ongoing efforts to thwart outside interference, the US’s national secrets, ranging from military strategies to homeland security, as well as the private lives of any candidate running for office, are at risk of being hacked and manipulated, to the entire nation’s detriment.
In light of the ongoing and rising threats carrying over from 2018, we have assembled our line up for 2019. This year’s Foreboding Fourteen is listed below and we’ll discuss the details of each one in a series of upcoming blogs.
2019 Predictions – Upcoming blog series:
The Foreboding Fourteen rising cyber threats
1. The failure of traditional security systems to see memory-based threats will continue to pose data theft risks
2. Critical infrastructure organizations will face more pressure to address ever-present ICS threats
3. “Mind the Patching Gap” – Hackers will continue taking advantage of companies that don’t keep up
4. Demonstrated attacks likely to become actual attacks for Spectre and Meltdown
5. Cyberinsurance will increase, even as it may be threatened
6. False positives and alert fatigue will continue to undermine security
7. Focus on app security and defense will increase and move beyond RASPs
8. Cloud workloads are another critical new battleground
9. Dumbing down of WAF – moving to cloud WAFs means giving up on app security
10. Breach disclosures forced to become global and quick
11. Hackers will increase dwell time and hide out in your networks longer and longer
12. Supply chain challenges will increase, driving vendors to rethink security
13. Not all endpoints are equal – Priorities for servers & apps will shift
14. Companies will shift their protection strategies, consolidate redundancies, seek new solutions