Hackers are constantly learning, innovating and developing new attack methods – a phenomenon that crippled and embarrassed many organizations in 2018. Data breaches rose 45 percent last year, underlining the success of hacking innovations, with healthcare and banking racking up hits and the business sector weathering more than half of all breaches.
To help companies better prepare for the year ahead, The Chertoff Group analyzed the cyber threat landscape to develop predictive cyber trends to watch in 2019.
Attacks on the Cryptocurrency Ecosystem
Cryptocurrency is becoming commonplace for both business operations and personal transactions, and hackers are following suit: losses due to cryptocurrency attacks totaled over $1 billion last year, and we expect the rise in cryptocurrency attacks to continue.
Why are we seeing such a concentration of cryptocurrency breaches? As infamous bank robber Willie Sutton legendarily put it, “that’s where the money is.” Cryptocurrency hacks are the new bank robberies; companies and individuals using virtual currencies need to take precautionary measures to keep their assets safe.
Cryptojacking
Also known as “cryptomining malware,” cryptojacking uses both invasive methods of initial access and drive-by scripts on websites to steal resources from unsuspecting victims.
Cryptojacking is covert and highly profitable, affecting endpoints, mobile devices and servers: it runs in the background, quietly stealing spare machine resources to make significant profits with a low chance of detection. What’s more, cryptojacking is relatively easy to implement, even for amateurs: cryptojacking kits sell for as little as $30 on the dark web.
If the recent and explosive growth of ransomware indicates anything, it is that criminal organizations will continue to employ malware for profit. And, due to its ease of deployment, low-risk profile and profitability, TCG posits that this trend will continue to increase in 2019.
Software Development Subversion
While exploiting software flaws is a longstanding tactic used in cyberattacks, efforts to actively subvert software development processes are also increasing.
Contrary to popular belief, software developers tend to be easy hacking targets. In a survey of U.S.-based software developers, 52 percent admitted to running vulnerable or underdeveloped web applications on their server “ prime openings for hackers. Malware has also been detected in certain open source software libraries.
As software code becomes more complex and dynamic, opportunities for corruption increase. In 2019, we expect to see a trend toward corrupting third-party applications, services and updates so they act as “back channels” into networks. Such back channels can bypass traditional protective and detection capabilities, enabling malware to penetrate centralized and highly sensitive networks.
Preparing for Emerging Trends
While eliminating cyber risk is impossible, the best chance of avoiding an attack is staying one step ahead of emerging threats. As cyberattacks become more frequent and more sophisticated, organizations should develop comprehensive risk management plans that account for projected security trends to better protect their critical assets.
Start the year off with an effective security program. Contact The Chertoff Group today to find out how we can design a custom security program to protect your assets and safeguard your business.
