5 Cybersecurity Predictions for 2019
2019 is just around the corner, and with it will come a new wave of cybersecurity threats and pitfalls.
December 11, 2018
In 2019, cybercriminals and black-hat hackers will create malicious chatbots that try to socially engineer victims into clicking links, downloading files or sharing private information.
“As artificial intelligence and machine-learning technologies have improved over the past few years, automated chat robots have become increasingly common,” says WatchGuard’s Corey Nachreiner. “Chatbots are now a useful first layer of customer support and engagement that allow actual human-support representatives to address more complex issues.”
Lifelike AI chatbots, however, also offer new attack avenues for hackers. A hijacked chatbot could misdirect victims to bad links rather than legitimate ones. Attackers could also insert a malicious chatbot into a site that doesn’t have one by using web-application gaps in legitimate websites. For example, an attacker could force a fake chatbot to pop up while a victim is viewing a banking website, asking if they need help finding something. The chatbot might then provide malicious links to fake bank resources. Those links could allow the attacker to do anything from installing malware to hijacking the bank’s site connection.
Beware the bots.
In 2019, targeted ransomware campaigns will focus on utilities and industrial control systems (ICSs). The average payment demand will increase by 6500 percent, from an average of $300 to $20,000 per payment. These attacks will result in dire consequences such as blackouts and loss of access to public utilities.
Over the past year, hackers have shifted to targeted attacks that come with more bags of cash. Launching ransomware against organizations that offer critical services increases the odds that the ransom will be paid.
“In 2019, cybercriminals will target public utilities and ICSs,” says Nachreiner. “These are vital services that have not yet been targeted by widespread ransomware attacks and therefore may not be as prepared for this type of attack. Cybercriminals know that any ransomware that can cause downtime to these services will get swift attention, allowing them to ask for considerably more money in return.”
If these attacks do indeed occur and are successful, we’re talking blackouts and gaps in water and power services — large-scale stuff.
“To summarize, expect to see fewer ransomware attacks next year, but more focused attacks – specifically targeted toward utilities and ICS – with ransom demands increasing by 6,500 percent,” warns Nachreiner.
According to CyberArk, a fun new strain of attack will be aimed at emerging “unique human identities,” which are newly engineered biometric markers for digital and physical authentication.
So very Black Mirror …
We recently saw the introduction of biometric fingerprints, voice and face ID authentication controls integrated into consumer devices (like your good old-fashioned smartphone). Attackers will most assuredly target identities to gather huge amounts of biometric data. Cybercriminals will likely go after genetic consumer-services and biometric stores within organizations, so beefing up security in those areas is essential.
In 2019, a new strain of fileless malware will emerge. This stealth, wormlike malware will be able to self-propagate through vulnerable systems — all while avoiding detection.
Fifteen years ago, the Code Red computer worm tunneled its way through hundreds of thousands of vulnerable Microsoft IIS web servers — one of the first examples of a fileless worm. Since then, both worms and fileless malware have impacted networks worldwide individually, but rarely as a combined attack.
“Fileless malware, which runs entirely in memory without ever dropping a file onto the infected system, continues to grow in popularity,” says Nachreiner. “Sophisticated attackers prefer this method because without a malicious file to scan, traditional endpoint antivirus controls have a hard time detecting and blocking fileless threats. This results in higher infection rates. Pair this with systems running unpatched and vulnerable software that’s ripe for worm exploitation, and you have a recipe for disaster.”
Remember the Shadow Brokers? These dudes wreaked havoc when they came on the scene, causing significant damage by releasing several zero-day vulnerabilities in Microsoft Windows. This led to two of the most damaging cyberattacks to date – WannaCry and NotPetya. “This isn’t the first time that new zero-day vulnerabilities in Windows fueled the proliferation of a worm, and it won’t be the last,” laments Nachreiner. “Next year, ‘vaporworms’ will emerge; fileless malware that self-propagates by exploiting vulnerabilities.”
A hacktivist organization or nation-state could potentially launch a coordinated attack against the infrastructure of the internet in 2019.
Think back to the Dyn disaster. The DDoS attack against DNS hosting provider, Dyn, took down many high-profile websites including Twitter, Reddit, and Amazon.com. Around the same time, security expert Bruce Schneier noted that attackers were probing several unnamed companies that provide similar critical internet services for potential weaknesses. A DDoS attack of this magnitude against a major registrar like Verisign could take down an entire top-level domain (TLD) worth of websites. Imagine the impact if every single .com address were no longer resolvable. Yeesh …
Even the protocol that drives the internet itself, Border Gateway Protocol (BGP), operates largely on the honor system. Only 0.1 percent of the internet’s autonomous system numbers (ASNs, collections of IP address routes under control of an organization) have deployed Route Origin Validation, meaning the other 99.9 percent are wide open, all but begging for hostile takeover from route hijacking.
“The bottom line, the internet itself is ripe for the taking by someone with the resources to DDoS multiple critical points on the internet or abuse the underlying protocols themselves,” says Nachreiner. “With nation-state and hacktivism attacks ramping up recently, we could see cyberattackers actually take down the internet in 2019.”
Throughout 2018, the threat landscape has been a rocky one. Breaches at every turn, new rules and regulations to navigate, and competition tossing businesses and providers about like a boat on a choppy sea.
With 2019 just around the corner, we wanted to share the lowdown from a few experts on the impending challenges and threats we will face so that businesses, providers and partners can batten down the hatches accordingly and better prepare for the new wave of threats.
WatchGuard’s Corey Nachreiner
“Cybercriminals are continuing to reshape the threat landscape as they update their tactics and escalate their attacks against businesses, governments, and even the infrastructure of the internet itself,” says Corey Nachreiner, chief technology officer at WatchGuard Technologies. “But, there is hope for preventing them. Organizations of all sizes need to look ahead at what new threats might be around the corner, prepare for evolving attacks and ensure they’re equipped with layered security defenses to meet them head-on.”
There you have it. Scroll through our slide show for our 2019 cybersecurity predictions, and get to battening.