Editor, IFSEC Global

Author Bio ▼

Adam Bannister was Editor of IFSEC Global from 2014 through to November 2019. Adam is also a former Managing Editor at Dynamis Online Media Group.
December 3, 2018

Sign up to free email newsletters


The Video Surveillance Report 2020

Cybersecurity trends

State-sponsored espionage and sabotage to shape 15 cybersecurity threats to beware in 2019

The rise in state-sponsored cyber-attacks on critical infrastructure will continue its upward trajectory during 2019, according to research by cyber-threat intelligence firm CYFIRMA.

A raft of cyber-threat trends to expect in 2019 also suggests that hackers will seek to capitalise on GDPR, probe cloud security for vulnerabilities and expand use of ‘multi-homed’ malware attacks.

And businesses should focus on vetting their supply chain with cybercriminals increasingly targeting its weak links.

Organisers of the Tokyo 2020 Olympics, meanwhile, should brace themselves for a sustained assault on their digital infrastructure.

Alarmingly – and entirely unsurprisingly – CYFIRMA expects attacks overall continue their growth in intensity and frequency. However, these 15 phenomena in particular will emerge or worsen in 2019, according to the research.

  1. Hackers will unleash multi-pronged, AI/machine-learning powered cyberattacks – triggering breaches in humanoid systems alongside blockchain ecosystems and other autonomous systems.
  2. The Tokyo 2020 Olympics will be a prime target for countries hostile to Japan.
  3. State or corporate-sponsored espionage will be driven by trade disputes. Following North Korean, Chinese and Russian state-sponsored attacks in 2018 other countries will launch or ramp up their own attacks to demonstrate their political power and meet proxy objectives.
  4. Threat actors will leverage social engineering techniques to mine behavioural data from individuals, organisations and governments. Malicious actors will identify potential targets, recruit them inconspicuously, and exploit their access levels to penetrate government or corporate target systems in a seamless, camouflaged operation.
  5. Cloud security will be probed for vulnerabilities. In 2018, AWS and Azure cloud assets were a frequent target. Next year hackers will ramp up attacks on cloud-based data assets. Growing numbers of organisations are employing a comprehensive security policy for their cloud-based data assets and footprints, inadvertently playing into the hands of these threat actors.
  6. In 2018, 10 new variants of the infamous Mirai botnet were discovered and every Internet of Things (IoT) manufacturer has exhibited device vulnerabilities. In 2019, further variants of IoT legacy threats will be unearthed, encouraged by a lack of standardisation among IoT manufacturers of devices. Cyber attacks on IoT sensors will soar.
  7. Identity theft will remain popular with cybercriminals with Asia, especially Japan, likely to be targeted almost on a daily basis.
  8. Multi-homed, multi-magnitude variants of crypto malware, banking trojans, ransomware etc will proliferate.  A  foretaste arrived this year with SamSam and GandCrab: behaviour-mapping malware with “uncanny adapting and evolution skills” that mimicked legitimate software.
  9. Supply chain vulnerabilities will be exploited more frequently with embedded malware. Organisations should create further layers of cybersecurity and rethink their strategies and policies in this area.
  10. Long a favoured tool, DoS attacks will become more popular still in 2019. Low campaign cost and huge rewards will continue to make a compelling case for deployment. Japan will remain one of the top 10 most targeted countries.
  11. With GDPR promising eye-watering fines for non-compliance, avenues will open up for hackers to exploit GDPR remediation and regulatory procedures. Even a small attack could cost organizations as hackers see opportunities to earn millions.
  12. Up to70% of companies will encounter botnet attacks that use AI/machine learning. Their composition is changing with multi-variant, altering behaviour and multi-intent being common signatures.
  13. State-sponsored cyber attacks on critical infrastructure will proliferate. Operational technologies like PCI, HMI, Control and Workflow Systems will be high on cybercriminals’ bucket lists. Threat actors are developing new attack methods featuring complex malware to accomplish tasks such as passive asset discovery and control instruction hijacking.
  14. Social engineering and phishing/smishing will remain the most common attack vectors and organisations will finally realise their employees are their weakest link, prompting a reappraisal of security strategies.
  15. Cryptocurrency exchanges and trading platforms will need fortification. As institutional capital flows into the cryptocurrency market, thefts will correspondingly increase. The growing need for cryptocurrency mining will encourage attacks on mining resources and unsuspecting victims. Already, the Japanese cryptocurrency exchanges and trading platforms have drawn interest from hackers based out of China, North Korea, Russia and Ukraine.

“While 2018 was a year of financially motivated threat actors having a free run against individuals, organisations, institutions and countries, we have noticed an increasing trend of state sponsors interested in arming threat actors to pursue defined geopolitical objectives,” said Kumar Ritesh, CYFIRMA Chairman and CEO.

“The cybersecurity landscape of Japan and South East Asia is changing dramatically, due to the aggressive involvement of state-sponsored hackers and an expanding attack surface. Nations will also continue to acquire and build their cyber warfare capability to strengthen their national interests.

“Digital proliferation will continue to outpace the speed with which defense mechanisms are being invented and applied to protect emerging technologies. Organisations need to balance the need for new technologies to enable business efficiency, expansion, and flexibility while defending against the increasing complexity and variety of new attacks created by emerging technologies.”

“Cryptocurrency exchanges, healthcare companies, the energy sector, and traditional financial institutions were at the brunt of cyber attacks this year. What has been very interesting to witness is the shift in the hackers’ intention to use emerging technologies, increasing the difficulty to defend an expanding attack surface.”

CYFIRMA provides real-time threat intelligence that equips organisations to be more proactive in protecting data and digital assets. Aggregating and analysing information from hundreds of thousands of sources on the open and dark web, CYFIRMA helps companies gauge attacks they’re most likely to fall prey to and, accordingly, the most effective response.

CYFIRMA is a division of global analytics firm Antuit.

WATCH: The Challenges of Secure IoT

This unmissable free webinar will help you understand the risks, opportunities and regulations for IoT and cyber security, so you can get on top of this fast-evolving sector of the industry.

Watch this exclusive IFSEC Digital Week on-demand webinar today, and hear from Virtually Informed's Sarb Sembhi, Unified Security's James Willison and Derwent London's Nick Morgan.


Related Topics

Notify of
Inline Feedbacks
View all comments