Article

Rick McElroy
Rick McElroy 13 December 2017
Categories Technology

How secure is your customer data in a world of ransomware, malware and data breaches?

It’s been an almost perfect storm of data breaches, ransomware, and malware in 2017. Data breaches have continued and ransomware has kicked up a gear with major attacks such as WannaCry, Petya and BadRabbit causing havoc around the globe. Rick McElroy, Security Strategist at Carbon Black, look at the three most important trends this year, and provides his predictions for 2018.

According to the Ponemon Cost of a Data Breach 2017 Report, $3.62 million is the average total cost of a data breach and $141 is the average cost per lost or stolen records. There is also a 27.7% likelihood of a recurring material data breach over the next two years to companies for companies that have been compromised.

So what were the main trends that played out in 2017 and what are we likely to see happening in 2018?

Trend 1 - Nation states attacking more

One clear trend has been the mainstream visibility of nation states being involved in cybersecurity incidents. Countries have always been involved in cyber-espionage and in 2017, this has become more apparent. Not only that, but tools used by intelligence services have now fallen into the hands of cybercriminals. The biggest of these was the NSA Shadow Brokers release as well as the Vault 7 and Vault 8 leak onto Wikileaks.

The tools that intelligence agencies have spent millions of dollars on have become commoditised.

Trend 2 – Unknown mobile devices are on the network 

I was speaking to a CIO and he told me that on his network there were around seven or eight devices per person. Not just mobile phones, tablets and laptops, but also fitness trackers, etc. Keeping track of all of these will be a challenge for security teams as security solutions need to cover everything hitting the network.

Trend 3 – Keeping up with threats in the Cloud

Another big trend has been trying to secure everything in the cloud as organisations start to adopt more cloud services and transition more of their IT into the cloud. So how do security teams know what is happening in all their clouds? How do they know what third parties are accessing their cloud? There has been a greater focus by hackers on attacking cloud networks this year and I only see this increasing in 2018.

Prediction 1 for 2018 - Nation-state actors including Iran and North Korea are likely to increase cyber-attacks and Russia will engage in more cyber electioneering following efforts in 2016 

Malign nation state actors now have the playbook and they know what to do in order to affect elections in the west. It’s further likely that these and other nation-state actors become emboldened following the non-response from the United States. If you have a system connected to the internet, you are part of cyberwarfare in some fashion. 

Attackers won’t go straight to an organisation, they’ll use nested hacking of people to get to the data. There will also be a lot of social engineering to spread disinformation in order for them to destabilise other countries.

Prediction 2 for 2018 - Ransomware will continue to be a major problem

Ransomware will become more targeted by looking for certain file types and targeting specific companies such as legal, healthcare and tax preparers rather than the ‘spray and pray’ attacks we see now. In particular Brazil has become a hub for ransomware development. Why? They have trained a lot of college kids to write a bunch of code but they didn’t have jobs for those kids to go into, so now they have ventured to the dark side. Also, ransomware developers are refining this malware to make it more effective. To fix the problem of ransomware, the entire world has to stop paying ransoms. Also, organisations need to bolster their disaster recovery and resiliency efforts.

Prediction 3 for 2018 - IoT based DDOS attacks will have a major impact on services

These have happened in the past and will continue to do so in the future. Organisations have staff trying to cope with a thousand devices to secure and will then have to cope with securing tens, perhaps hundreds of thousands, even millions of devices. Most likely with no extra resources. This is going to be a continuing challenge.

Prediction 4 for 2018 – the rise of offensive AI

Artificial intelligence will be increasingly used by cybercriminals to carry out attacks on infrastructure. 2018 will be the year will see attacks using machine learning to outwit security systems. Some people working on AI may be tempted to go over to the dark side and use their knowledge for illicit gains.

The importance of securing the endpoint

What we have faced and what we expect for next year means that for enterprises the endpoint is the new perimeter to defend. The data lives on the endpoint, so you have to provide great security where the data is. The trends we have seen mean that our solutions need to adapt to combat these trends and the threats they bring.  With attacks on the rise we expect a sharper increase in security awareness and spending.  Evolving threats and sophistication of tools available to attackers means that 2018 isn’t the year to accept risk.  We recommend that companies are far more risk adverse than in previous years, because if we have learnt one thing it is that would be malign cyber actors are waiting to capitalise on past mistakes.

Please login or register to add a comment.

Contribute Now!

Loving our articles? Do you have an insightful post that you want to shout about? Well, you've come to the right place! We are always looking for fresh Doughnuts to be a part of our community.

Popular Articles

See all
Digital Marketing Vs. Traditional Marketing: Which One Is Better?

Digital Marketing Vs. Traditional Marketing: Which One Is Better?

What's the difference between digital marketing and traditional marketing, and why does it matter? The answers may surprise you.

Julie Cave
Julie Cave 14 July 2016
Read more
7 reasons why social media marketing is important for your business

7 reasons why social media marketing is important for your business

Social media is quickly becoming one of the most important aspects of digital marketing, which provides incredible benefits that help reach millions of customers worldwide. And if you are not applying this profitable...

Sharron Nelson
Sharron Nelson 6 February 2018
Read more
Top 10 B2B Platforms to Help your Business Grow Worldwide

Top 10 B2B Platforms to Help your Business Grow Worldwide

Although the trend of a Business to Business portal is not new but the evolution of technology has indeed changed the way they function. Additional digital trading features and branding has taken the place of...

Salman Sharif
Salman Sharif 7 July 2017
Read more
Collection Of The Best Email Testing Tools Online

Collection Of The Best Email Testing Tools Online

Don’t be afraid of email testing. There are many free or freemium tools online that can help you with testing your SPAM score, deliverability and even the rendering of your email. We feature 30 email testing tools in...

Roland Pokornyik
Roland Pokornyik 31 October 2016
Read more
Three Major Google Algorithm Updates That Changed SEO - Are You Compliant?

Three Major Google Algorithm Updates That Changed SEO - Are You Compliant?

Search Engine Optimisation has become so much more than fitting keywords into the page and fine-tuning your meta data. In recent years, Google has introduced a series of algorithms that take machine learning to new...

Matt Cayless
Matt Cayless 7 August 2018
Read more