In the field of IT security, new threats are constantly emerging. Cyber criminals continue to evolve more sophisticated technologies designed with the sole purpose of compromising an organisation and extracting valuable, confidential data, or disrupting essential services. In order to develop an IT security strategy capable of effectively anticipating and coping with cutting-edge security threats, it is increasingly important to know what’s on the horizon. What follows are some of the biggest threats anticipated in 2019.
The last few years have seen a dramatic increase in ransomware attacks – software that holds a victim’s data hostage through encryption and then demands payment for a key. Notable examples include 2017’s WannaCry attack, which infected over 200,000 computers and the NHS, FedEx, and the Russian Interior Mystery.
This ruthless software can be extra effective when deployed through notoriously easy-to-exploit devices connected to the Internet of Things. Connected devices, from manufacturing equipment to driverless cars, often have weak security and prominent vulnerabilities which can be exploited to transform these devices into ‘gateways’, through which malicious software can be introduced to a network. If your organisation makes use of IoT devices, it is important to ensure that their security features are enabled and that employees are educated on the threat of ransomware attacks.
Software supply chain attacks implant malware into a signed and trusted application. When the software is updated, the implanted malware is distributed to a huge pool of unwitting victims, who have no reason not to trust the software they are using. A prime example of this sort of attack is NotPetya, the devastating malware that infected systems around the world in 2017 and cost companies billions in damages. NotPetya initially gained access to corporate networks after the malicious payload was injected into an update to a Ukrainian tax software tool.
2018 saw a surge in the popularity of these sorts of attacks. There’s no one straightforward solution to protecting against software supply chain attacks, but there are several precautions you can take to minimise the risk of infection. Testing new updates in closed environments before deploying them, regardless of your confidence in their legitimacy, is always good practice. Even if the update is legitimate, sandbox testing may help to catch unanticipated compatibility issues.
It is a long-held truth of hacking that the weakest link in any system is often the user. Unfortunately, this means that criminals and criminal groups without sophisticated cyber expertise pose just as severe a threat to your IT security as the latest in innovative ransomware or malware. Applying threats of violence, blackmail, or other forms of intimidation to critical individuals with privileged access to information assets in your organisation could prove just as effective in compromising your security as any cunningly executed malicious code.
Best practice for safeguarding against these threats is to identify, educate, and protect privileged individuals. From higher executives to personal assistants and system administrators, your first step to preventing a coercive attack is to recognise who poses the highest risk. Once you have identified these individuals, educate them on social engineering techniques and security measures. You may also want to invest in security for these individuals, and to further protect your organisation, modify your hiring policies and employment contracts for incoming employees due to be granted privileged access.
As AI technology develops apace, possible malicious uses for this technology continue to multiply. At the Blackhat conference last year, for example, IBM presented DeepLocker, an AI-driven malware capable of intelligently identifying vulnerable targets, minimising the risk of detection. DeepLocker showcased the potential for AI to be harnessed for malicious ends, but it also demonstrated that this technology is still in its infancy. Evasive malware isn’t a new phenomenon, nor one dependent on AI technology to be achieved.
Far more dangerous for organisations in 2019 are the unintended effects of choosing to implement AI as part of a benign process of automation and optimisation. AI is still a young enough technology that it is prone to errors. AI may, for example, introduce vulnerabilities by connecting to an unsecured network or authorising untrusted software (software that could potentially contain a malicious payload). It could also misinterpret commands, leading to unpredictable outcomes. To prevent cases like these, it is important not to rush to deploy AI without first ensuring you have the correct safeguards in place, from talented staff capable of managing AI systems, to policies and processes designed to provide oversight of AI decision-making.
Like AI, blockchain technology offers seductive possibilities for forward-thinking organisations. But as another infant technology, blockchain also suffers from vulnerabilities. From weak encryption to poor key management to insufficient employee training, the potential problems arising from the implementation of blockchain security are at least as many as the potential benefits. Ensuring that you fully consider the implications of introducing blockchain technology into your organisation before making any commitments will go a long way to mitigating potential disasters.
IT security is an essential component of any organisation. Regardless of the newly emerging and constantly evolving threats to your organisation’s cyber security, the most effective strategy always begins with forethought and expertise. A robust strategy recognises the need for expert IT support capable of delivering at every stage: from IT security training to remote monitoring and maintenance and efficient disaster recovery.
Get in touch with our IT support team today to discuss how CARA can provide your organisation with the support you need.