Let’s face it: 2017 was a terrible year for cyber security with more phishing scams, ransomware, state-sponsored attacks, and new attack vectors. Will 2018 be better?
- GDPR will set a tone, for better or worse, and businesses should prepare on all sides. Companies who trade with the European Union will suddenly panic over GDPR requirements and just encrypt everything in a knee-jerk response. – Jonathan Giffard, sr. product manager.
- The decline of password-only authentication will accelerate. The Equifax and Anthem breaches were wake-up calls for many consumers, who are now asking questions about the safety of their online accounts. Most still have no idea about password alternatives or enhancementslike multi-factor authentication (MFA) or risk-based authentication, but they are more aware that passwords alone no longer are enough. In fact, research done by Bitdefender shows that U.S. citizens are more concerned about stolen identities (79 percent) than email hacking (70 percent) or home break-ins (63 percent).
- Malware will get smarter and threats more serious. Malware campaigns will use AI to make secondary infection decisions based on what they’ve learned from previous campaigns. – Gary Hayslip, chief information security officer. We will see the first health-related ransomware targeting devices like pacemakers. – Eric Klonowski, sr. advanced threat research analyst.
- State-sponsored attacks will increase. The usual suspects for state-sponsored attacks — North Korea, Iran, and Russia — don’t have much to lose by continuing their attempts to extort, steal, spy and disrupt by infiltrating information systems. All are already heavily sanctioned, and the consequences — at least those we know about — in response to state-sponsored attacks have been minimal.
- The boom in the IoT space will bring stricter oversight to device manufacturers. Data collected from IoT devices will be aggregated and used to develop an even larger, more involved picture of customers’ habits, constituting a major breach of privacy without consent.– Gary Hayslip, CISO
- Cryptocurrency will continue to rise and impending legislature is inevitable. Malware distribution will rise and fall in conjunction with Bitcoin value. – Christopher Cain, associate malware removal engineer
- Trust will be a casualty of the war on cyber crime. Who can blame anyone for mistrusting everything when it comes to cyber security? No one’s personally identifiable information (PII) is safe. Companies can’t count on the integrity of their suppliers’ and partners’ security capabilities. The U.S. government is even throwing shade on a leading providers of security software because it’s based in Russia. This lack of trust is starting to have a real effect on business that will continue into 2018. Uber did not help matters when it was revealed that the company hid a large breach for a year. It will be harder to engage consumers when they are reluctant to trust companies with their PII. As explained above, this will drive companies to provide stronger authentication.
Special thanks to Michael Nadeau, CSO and LeVar Battle, Webroot.