The year 2017 has witnessed many cyber-attack events. It has seen many major data breaches, threats, and attacks. Major data breaches that took place in big companies like Equifax, Verizon, and Kmart. Petya and Wannacry ransomware were the most trendings in the year 2017. One good news about 2017 is that the global average cost of a data breach is $3.62 million (10% down when compared to previous year) but the sad news is the average size of the data breach was increased nearly to 2%.
Cybersecurity experts predict that the same thing would continue in the year 2018. Cybersecurity experts say lots of awareness is needed for the internet users. We can expect big attacks, data breaches, new threats, and Ransomware in the year 2018. Along with this, we can see many new types of attacks in the cyber. The targets could include different fields like government, corporations, public bodies etc.
Experts have listed some of the Cyber Security trends in 2018:
- GDPR (General Data Protection Regulation):
It’s a new compliance that is going to come in action from last week of May, 2018. This compliance is for those who work with European (EU) citizens. This compliance explains how the Companies should process, store, and secure the EU citizen’s data. If you don’t follow this compliance properly then you could be fined up to 20 million euros.
- Use of AI (Artificial Intelligence) and Machine learning raise the cyber defense level:
AI and Machine learning will play a major role in the defense against cyber-attacks. Machine learning can predict the fore-coming attacks. This would help in improving the prevention techniques and be prepared that attack. However, there is a fear that what if the attacker exploits the machine learning
- Target on IoT:
Now IoT is in boom and trendy but the security in IoT is not up to the mark. IoT lacks the basic security measures. IoT interconnects many devices so, if one device is compromised then the whole network could be compromised. This Is could result in complete shutdown of the network or could result in data compromise.
- Defeating the sandboxing technology:
Sandboxing is a good way to run the un-trusted application. It has become the standard in many enterprises. Although the sandboxing is a powerful way to protect against un-trusted applications it is failing against new attacks. The attacks are becoming so sophisticated that it can bypass the sandbox. An additional layer of security would be required for the sandbox to protect against new attacks.
Experts predict that the ransomware attacks could take place in 2018. The attacker could do digital extortion campaigns. This time the attack would be even worse. The attacker could target the enterprises which don’t come under GDPR.
- Increase in Mobile Threats:
Cybersecurity experts have predicted that we would see a major malware infection in the Android App Store. This would infect the majority of the mobile user (Android users). We could also see widespread mobile ransomware that is believed to be spread through SMS/MMS.
- Biometric exploitation:
Biometric is being used in almost every field. This provides the user a different and easy way to authenticate. The use of biometric is rapidly increasing. This growth will continue in 2018 also. Already the mobile devices have come with the fingerprint and facial recognition. Experts have predicted that we would see first biometric-based exploit through fingerprint or facial recognition.
- Data breach:
As there was a major data breach in many of the big companies in 2017, the experts have predicted that we would see at least 3 major data breaches which would compromise 100 million accounts from each company.
This time the attack could possibly result in loss of human lives as it also targets healthcare sector.
- Shortage of skilled professionals:
The scarcity of trained security experts will continue this year also. Companies are offering good pay for security experts but they are seeking difficult to fill the vacancies in the security department. The companies should again look back to outsource the security experts.
- Common security standard:
Every organization has fear about Cyber-attack. Even though they follow many of the best frameworks, they are feeling insecure. Experts predict that the organizations and security experts from different part of the world come together to frame a common security standard. This will be a collaborative teamwork to prevent the cyber-attacks.
- Testing and Patching the Security:
Testing is a part of development but most of the time it is overlooked. Security testing plays main role in the knowing the flaws and strengthening the immunity against the attacks. If we notice the attacks in 2017, it is all due to known vulnerabilities. If the companies would have patched these vulnerabilities they could have escaped from the attack. Security experts advice to take testing as a serious issue and patch the patches regularly.
The attacker would continue to hijack the controls of Industrial controls, IoT, automation and transportation. The owner cannot retake the controls until they pay ransom to the attacker.
- New Compliances:
New compliances on Incident management and Response would come based on the research on the attacks that took place in 2017. Already there are many compliances are there but this would be like improvement in the existing ones. Although implementing this doesn’t help you to completely prevent attacks.
Cyber-insurance is not a new concept. It is existing for many years. In 2018, the use of cyber-insurance would considerably increase.
- The attack on Blockchain systems and crypto-currencies:
The rate of attack on crypto-currency and blockchain is very less. some of the Blockchain systems would go for weak cryptographic algorithms to increase the speed but this could be exploited. Experts say, there could be attacks on Blockchain in 2018 due to this vulnerability.