Cybercrime has grown ever more professional and organised over the past decade. The last few years especially have seen a number of high profile cyberattacks, where the ability, professionalism and sophistication of hackers has outweighed most companies’ ability to defend themselves.
That’s to say that they aren’t trying though. Cybersecurity is now a major industry, whose sheer size and growth would outstrip the GDP of many countries. But as well as being unable to defend themselves effectively, many organisations also struggle to even quantify the impact of such risks, leaving them more vulnerable than ever. What cybersecurity threats and trends will we see in 2019 and how best can organisations defend against them?
The rise of cyber crime
The increase in cyber crime can be broadly attributed to three main reasons. Firstly, there is a new breed of criminal that looks to exploit gaps in online and banking security. They are smart, organised and highly professional, and can be a nightmare to defend against.
Another factor is the way technology has evolved. There are data trails all over the internet now, meaning a whole host of areas to target and exploit, while the internet of things has also increased vulnerability.
Finally, the threat is so much more varied than before. Not only are there criminals looking for a quick profit, but disgruntled former employees, rival businesses, governments and many more can all attempt cybercrime, perhaps not always for purely financial purposes but to certainly target data and intellectual property.
The threat in 2019
If 2017 saw the mainstream emergence of ransomware, with the WannaCry and NotPetya variants especially prominent, then 2018 was the year of the data breach. In the year that saw GDPR begin, organisations such as Marriott, British Airways, Facebook and Uber all saw major data breaches that impacted millions of customers around the world.
2019 may well see more of these threats, but will most likely also feature some of the following methods of attack too:
Advanced IoT botnets
internet of things (IoT) botnets can be hugely powerful as so few things that connect to the internet are secured effectively. While organisations are tightening their defences, the botnets are also getting smarter and it’s much harder to patch things compared to a computer. With botnets operating in swarms to target vulnerabilities in a network or infrastructure, these will be a major threat in 2019.
Crypto-crime
cryptocurrency continues to become more mainstream, and as it does, so crypto-crime increases with it. This involves criminals taking control of a device or network of devices to use them for crypto mining, which when done effectively can mine crypto currency at a very fast rate leaving virtually no time to react.
National infrastructure attacks
these attacks are becoming more common, whether it’s a hostile state targeting another country, or a hacker seeking financial gain. National infrastructures are not known for their robust cyber defences and can be seen as vulnerable and with moves towards more virtual infrastructures, this vulnerability to cyber attack will only increase.
Increasing strength of ransomware
although not new, ransomware remains a prominent form of cybercrime and will continue to be into 2019 and beyond. It can be truly devastating to an organisation that gets hit and is relatively simple for a hacker to deploy. While the volume of ransomware has probably peaked, the strength and potency of attack will only grow.
Cyber security and continuous defence
This all means that cyber security, more than ever, needs to be viewed by the board with the highest importance, and the appropriate defences and resources allocated to properly defend against attack. Prevention is by far the best form of defence and this requires constant vigilance, a continuous defence and the right tools to manage it all.
As hackers grow more professional, so must the defences required to keep them out. Internal teams often lack the most current expertise and skill-sets, and the nature of the modern cyber threat requires almost real-time assessment, reporting and compliance to combat it.
To deliver this entails the involvement of highly trained and proficient third-parties, adept at warding off hackers, in conjunction with the best digital tools to enable the real-time monitoring of threats, ensuring digital cyber security is a continuous and on-going process.
Oxial’s years of experience in risk management, IT security and compliance mean it is highly effective in managing IT risk. It can provide an organisation with a real-time and integrated view of all risks, measure and quantify those IT risks and will also harmonise IT controls reducing duplication of effort and overheads.
For further information on how Oxial can protect your organisation against the cyber threats set to emerge in 2019, please visit here.
Read our last article about risk management software.