Cyber crime isn’t likely to let up in 2018; industry experts predict it will only increase. Ransomware attacks, hacking of items in the Internet of Things (IoT)– internet-enabled devices attached to common objects, including consumer electronics (such as fitness monitors) and industrial machines – and credential theft will continue to be key methods for hackers. Given this activity, cyber security spending is likely to increase and, with it, a need for qualified cyber security professionals to neutralize threats.
Technology is sure to advance in 2018 but, unfortunately, that includes the bad with the good. Cyber crime is on the rise, and those in the cyber security field are having a hard time keeping up. This is bad news for the individuals and organizations that become victims.
However, understanding what to expect is one way to stay ahead of the criminals. The following trends are the key areas to examine in the coming year.
Increase in Ransomware
As inconvenient and expensive as it is for victims, ransomware is cyber crime vector that works well for criminals. That’s why its use will continue and even increase in 2018.
In these cases, the criminals freeze an individual’s or company’s files and promise to unfreeze them after a ransom is paid.
Ransomware attacks increased fivefold in 2016 and the number of attacks on corporate users more than doubled. Experts predict that the amount of money requested is likely to go up as criminals become more confident. Perpetrators are also likely to widen their activities beyond desktops and laptops to include tablets and smartphones.
The biggest problem with ransomware is that sometimes the only way to get the encrypted data back is to pay the criminals, which brings more funds and attracts more criminals to this ecosystem.
“As a result, we are seeing new cryptors appear almost daily. Companies and regular users can protect themselves by implementing regular back-ups, using a proven security solution and keeping themselves informed about current cyber security risks. The ransomware business model seems to be profitable and safe for criminals. The security industry and users can change that just by implementing these basic measures.” – Fedor Sinitsyn, senior malware analyst at Kaspersky Lab
Internet of Things
The more prevalent IoT objects become, the more vulnerable individuals and companies are to becoming cyber crime victims.
In 2016, BI Intelligence reported that hackers were able to gain access to more than one million connected devices, primarily connected cameras that consumers and businesses use for monitoring. Hackers were then able to generate data and webpage requests that took their targets offline. This was one of the largest ever breaches of connected devices at the time.
To avoid such attacks, businesses must develop information assurance plans that include these devices. Cyber security strategies should include knowledge of how, when, and by whom these devices are being used.
Some cyber crime depends on people rather than technology. Those with malicious intentions deploy seemingly legitimate tricks to get credentials from someone inside a company, such as their username and password, and then use those credentials to gain access to company data.
Josh Goldfarb, chief technology officer of emerging technologies at FireEye, says: “Traditional detection methods tend to focus on identifying malware (malicious software), but attackers frequently breach organizations without using any. This could be as simple as sending a spear phishing email to an employee – a seemingly legitimate email that tricks users into handing over sensitive information, such as company login details. Attackers can use this information to break into the network. Organizations relying on traditional detection methods will miss this.”
Similarly, individuals need to beware, even when performing basic online shopping tasks.
As many companies and consumers are slow to catch on, and because rewards for criminals can be high, this tactic is likely to continue to be used into 2018.
Increase in Cyber Security Spending
Given these threats, it’s no surprise that cyber security spending is expected to increase in 2018.
Steve Morgan, founder and editor-in-chief at Cybersecurity Ventures states: “We expect worldwide spending on cyber security products and services to eclipse $1 trillion for the five-year period from 2017 to 2021. We anticipate 12–15 percent year-over-year growth through 2021, compared to the 8–10 percent projected over the next five years by several industry analysts.”
Based on the Cybersecurity Market Report, many entities — including the federal government — plan on increasing spending significantly from 2016. The report notes that companies are challenged with maintaining information assurance, given the dramatic rise in all types of cyber crime.
Due to the expectation of continued cyber crime activity, and a related increase in cyber security spending, skilled cyber security professionals are needed in both the public and private spheres.
Individuals with an interest in technology and a desire for a good salary, professional challenges, and upward mobility should consider this quickly growing field.
Where do you think the cyber security profession and industry is heading in 2018?