With a turbulent 2017 finally behind us, what’s the cybersecurity forecast for 2018? Some predictions need no crystal ball – the cyber labor shortage will continue, spending on security solutions will go up, the breaches that do occur will be bigger and messier. But what else is in store for 2018? Morphisec’s VP Sales Arthur Braunstein, VP Product Netta Schmeidler and our co-founder Dudu Mimram weigh in.
Adversaries Will Refine the Ways they Monetize Attacks
Cybercriminals will exploit regulatory and reporting requirements to demand higher ransoms, for example by leveraging their ability to halt operations at the end of a financial quarter. Companies will pay the ransom to keep incidents under wraps and avoid GDPR penalties. At least one company will be put out of business to ‘send a message’, and others will sustain permanent damage.
Attacks will Increase in Frequency, Ferocity, Scale and Speed
Cyberattacks will assume an expeditionary character, timing different phases for maximum effect. For example, as the damage from one attack is being cleaned up, another massive attack will follow. Sleeper attacks will be staged in advance, within enterprises and innocent botnets, for activation at zero-day.
Fileless Attacks Will Become the New Normal
Fileless, in-memory attacks will become part of the hacker’s everyday toolkit. A dedicated layer to protect OS memory will no longer be an optional part of a defense-in-depth strategy.
2018 Will be Crunch Time
Up to now, despite the sheer volume of attacks, organizations have been biding their time, not committing to any specific technology, instead adding on mediocre modules from existing vendors. In 2018, the magnitude of the public impact of attacks will force organizations to really invest in cyber defense, from the boardroom on down. GDPR will be a driving force in this direction, but not the only one.
Supply Chain Attacks Will Increase
We’ll see more malware-infected versions of legitimate software delivered via companies’ own installation and update systems. Attackers will increasingly exploit the digital supply chain, abusing trusted channels to obtain a foothold within the environments they are targeting.
2018 will be the year in which we see the first wave of AI-powered attacks. With AI technology becoming accessible to everyone, attackers will use it to make attacks faster and smarter. For example, organized cybercrime groups will use machine learning in their attacks on financial institutions. We will get adaptive, intelligent attacks at mass scale. Moving Target Defense will be one of the only current defense genres able to cope with that wave.
Exploits Using Info from CPU Vulnerabilities
We’d be remiss if we didn’t add this prediction from Morphisec CTO and expert security researcher Michael Gorelik based on last week’s revelations about the Meltdown and Spectre CPU vulnerabilities. The Meltdown and Spectre vulnerabilities potentially expose the internal memory structure for cybercriminals to utilize at will. Expect many more exploits in the near future leveraging information harvested by Meltdown and Spectre as a pre-stage to remote code execution. In particular, Spectre, which is still not really patched and allows a process to read its own memory outside the sandbox, will allow attackers to develop trivial exploits to bypass browser, Office and Acrobat sandboxing and eventually remotely execute code on compromised systems.