IFSEC Insider is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.
Adam Bannister is a contributor to IFSEC Global, having been in the role of Editor from 2014 through to November 2019. Adam also had stints as a journalist at cybersecurity publication, The Daily Swig, and as Managing Editor at Dynamis Online Media Group.
The rise in state-sponsored cyber-attacks on critical infrastructure will continue its upward trajectory during 2019, according to research by cyber-threat intelligence firm CYFIRMA.
A raft of cyber-threat trends to expect in 2019 also suggests that hackers will seek to capitalise on GDPR, probe cloud security for vulnerabilities and expand use of ‘multi-homed’ malware attacks.
And businesses should focus on vetting their supply chain with cybercriminals increasingly targeting its weak links.
Organisers of the Tokyo 2020 Olympics, meanwhile, should brace themselves for a sustained assault on their digital infrastructure.
Alarmingly – and entirely unsurprisingly – CYFIRMA expects attacks overall continue their growth in intensity and frequency. However, these 15 phenomena in particular will emerge or worsen in 2019, according to the research.
Hackers will unleash multi-pronged, AI/machine-learning powered cyberattacks – triggering breaches in humanoid systems alongside blockchain ecosystems and other autonomous systems.
The Tokyo 2020 Olympics will be a prime target for countries hostile to Japan.
State or corporate-sponsored espionagewill be driven by trade disputes. Following North Korean, Chinese and Russian state-sponsored attacks in 2018 other countries will launch or ramp up their own attacks to demonstrate their political power and meet proxy objectives.
Threat actors will leverage social engineering techniques to mine behavioural data from individuals, organisations and governments. Malicious actors will identify potential targets, recruit them inconspicuously, and exploit their access levels to penetrate government or corporate target systems in a seamless, camouflaged operation.
Cloud security will be probed for vulnerabilities. In 2018, AWS and Azure cloud assets were a frequent target. Next year hackers will ramp up attacks on cloud-based data assets. Growing numbers of organisations are employing a comprehensive security policy for their cloud-based data assets and footprints, inadvertently playing into the hands of these threat actors.
In 2018, 10 new variants of the infamous Mirai botnet were discovered and every Internet of Things (IoT) manufacturer has exhibited device vulnerabilities. In 2019, further variants of IoT legacy threats will be unearthed, encouraged by a lack of standardisation among IoT manufacturers of devices. Cyber attacks on IoT sensors will soar.
Identity theft will remain popular with cybercriminals with Asia, especially Japan, likely to be targeted almost on a daily basis.
Multi-homed, multi-magnitude variants of crypto malware, banking trojans, ransomwareetc will proliferate. A foretaste arrived this year with SamSam and GandCrab: behaviour-mapping malware with “uncanny adapting and evolution skills” that mimicked legitimate software.
Supply chain vulnerabilities will be exploited more frequently with embedded malware. Organisations should create further layers of cybersecurity and rethink their strategies and policies in this area.
Long a favoured tool, DoS attacks will become more popular still in 2019. Low campaign cost and huge rewards will continue to make a compelling case for deployment. Japan will remain one of the top 10 most targeted countries.
With GDPR promising eye-watering fines for non-compliance, avenues will open up for hackers to exploit GDPR remediation and regulatory procedures. Even a small attack could cost organizations as hackers see opportunities to earn millions.
Up to70% of companies will encounter botnet attacks that use AI/machine learning. Their composition is changing with multi-variant, altering behaviour and multi-intent being common signatures.
State-sponsored cyber attacks on critical infrastructure will proliferate. Operational technologies like PCI, HMI, Control and Workflow Systems will be high on cybercriminals’ bucket lists. Threat actors are developing new attack methods featuring complex malware to accomplish tasks such as passive asset discovery and control instruction hijacking.
Social engineering and phishing/smishing will remain the most common attack vectors and organisations will finally realise their employees are their weakest link, prompting a reappraisal of security strategies.
Cryptocurrency exchanges and trading platforms will need fortification. As institutional capital flows into the cryptocurrency market, thefts will correspondingly increase. The growing need for cryptocurrency mining will encourage attacks on mining resources and unsuspecting victims. Already, the Japanese cryptocurrency exchanges and trading platforms have drawn interest from hackers based out of China, North Korea, Russia and Ukraine.
“While 2018 was a year of financially motivated threat actors having a free run against individuals, organisations, institutions and countries, we have noticed an increasing trend of state sponsors interested in arming threat actors to pursue defined geopolitical objectives,” said Kumar Ritesh, CYFIRMA Chairman and CEO.
“The cybersecurity landscape of Japan and South East Asia is changing dramatically, due to the aggressive involvement of state-sponsored hackers and an expanding attack surface. Nations will also continue to acquire and build their cyber warfare capability to strengthen their national interests.
“Digital proliferation will continue to outpace the speed with which defense mechanisms are being invented and applied to protect emerging technologies. Organisations need to balance the need for new technologies to enable business efficiency, expansion, and flexibility while defending against the increasing complexity and variety of new attacks created by emerging technologies.”
“Cryptocurrency exchanges, healthcare companies, the energy sector, and traditional financial institutions were at the brunt of cyber attacks this year. What has been very interesting to witness is the shift in the hackers’ intention to use emerging technologies, increasing the difficulty to defend an expanding attack surface.”
CYFIRMA provides real-time threat intelligence that equips organisations to be more proactive in protecting data and digital assets. Aggregating and analysing information from hundreds of thousands of sources on the open and dark web, CYFIRMA helps companies gauge attacks they’re most likely to fall prey to and, accordingly, the most effective response.
CYFIRMA is a division of global analytics firm Antuit.
State-sponsored espionage and sabotage to shape 15 cybersecurity threats to beware in 2019The rise in state-sponsored cyber-attacks on critical infrastructure will continue its upward trajectory during 2019, according to a cyber threat intelligence firm that also forecasts that hackers will capitalise on GDPR, probe cloud security for vulnerabilities and expand use of 'multi-homed' malware attacks.
Adam Bannister
IFSEC Insider | Security and Fire News and Resources
Related Topics
Paxton employees raise over £9k for Teenage Cancer Trust
Photo posts from the 2023 Security & Fire Excellence Awards
Winners revealed for 2023 Security & Fire Excellence Awards
