Cyber security challenges of 2018

21 February 2018

While 2017 was a year of widespread global malware attacks and some seriously big data breaches, 2018 is set to be an interesting year for cyber security.

Thanks to the notoriety of some of these events, many organisations are prioritising cyber security more than ever before (especially in industries such as health and education).

However, malicious cyber activity against Australian organisations is continuing to increase in frequency, scale, sophistication and severity. The reach and diversity of cyber adversaries is also expanding, and their operations against both government and private networks are constantly evolving.

New regulations and greater privacy requirements will also take effect in 2018. To begin the year, there are new laws that require Australian organisations to respond to data breaches of personal information that could result in serious harm to the affected individual. Additionally, many Australian businesses will be subject to the European Union’s General Data Protection Regulation (GDPR) from May 2018.

As businesses remain under constant pressure to stay resilient and protect their networks in 2018, here are our thoughts on some of the biggest cyber security challenges they may face.

1.  Would-be crims exploiting known vulnerabilities will grow in number

For some time, cyber criminals have been selling their malware products to others lacking the skills. This ‘crime-as-a-service’ has become very popular and more variants and services are becoming available. Ready-to-use ransomware kits are particularly popular and cryptocurrency mining malware is on the increase. While it may not lock up your data, this cryptocurrency mining malware exploits your systems’ processing power and can cause a significant headache for businesses.

This opportunistic targeting is simple and cheap, and will continue as long as organisations and individuals fail to implement baseline security.

We can therefore expect to see more unsophisticated malware attacks with widespread effects, particularly targeting known network vulnerabilities.

2.  Increased sophistication will be used to target high-value networks

With social engineering techniques soaring to new heights, we will likely see some of the most sophisticated targeting of high-value networks, fooling even the most informed individuals. Legitimate communications are becoming almost indistinguishable from social engineering attempts. Robust technical controls will be increasingly important to protect networks from this kind of malicious cyber activity.

Critical infrastructure and critical services will likely continue to be a popular target for sophisticated attacks, to either cause disruption or extort money.

3.  Supply chain targeting will continue to be popular as third parties prove to be a weak link

Sophisticated cyber activity against third parties (vendors that provide services to a company or agency) will likely increase.

As it has become more difficult to directly compromise high-value targets, adversaries are seeking secondary or tertiary access to those networks. Companies that provide products or services through outsourcing arrangements are highly attractive in this regard. The extent of the threat is largely dependent on the relationship between the outsourced provider and customer, in particular the extent of the provider’s access to client networks and databases.

Managed service providers will continue to be particularly attractive targets, as they have a broad range of customers along with connectivity and access to those customers’ networks and data.

4.  Internet of Things (IoT) will create further risks

The risks associated with IoT will continue to grow as more and more smart devices, gadgets and equipment flood the market, and as new attack surfaces are exposed in autonomous systems such as self-driving vehicles.

In 2018 we expect to see more consumer pressure on manufacturers to include security controls, while businesses grapple with what information is leaving their organisation, the legal exposure they may face and the risk to their networks.

Additionally, adversaries are likely to continue exploring IoT devices (such as CCTV and HVAC units) as an attack vector for air-gapped systems in government and industrial networks.

Many of these challenges can be handled by implementing the Australian Signals Directorate’s Essential Eight Mitigation Strategies and the Strategies to Mitigate Cyber Security Incidents more broadly.

With unexpected challenges also likely to arise throughout the year, no doubt Australian businesses will continue to grow in resiliency and develop innovative solutions to protect their networks.