With the New Year Comes Some Old and New Threats
By: Frank J. Ohlhorst
As 2017 comes to a close, there have been many lessons learned in the world of InfoSec. Lessons such as complacency only leads to data breaches, and those looking to steal data will always strive to find new and innovative ways to infiltrate systems. Those observations are just the tip of the iceberg, InfoSec threats are continuously on the rise, and the only way to properly battle those threats is with due diligence, and more importantly, securing the network edge, as well as validating whom has access to what and when. For 2018, the threat landscape will grow, become more complex, and more difficult to navigate.
One of the largest targets for cybercriminals will be the growing IoT (Internet of Things) ecosystem, where devices that are not properly secured could become the avenue for attack. With IoT, there are two primary factors that spell out security problems. The first of which being the lack of standards on how the devices are integrated into networks, the second being ignorance, where both vendors and adopters turn a blind eye to the need to secure those devices. Attacks are likely to increase in 2018, and as IoT becomes more sophisticated, there is a likelihood that the attacks may become more damaging. Those adopting, or growing IoT must do a better job at securing the devices, as well as the networks the devices communicate over.
2018 also brings with it additional InfoSec concerns, such as the theft of metadata, which can be used to infiltrate systems. 2017 saw massive breaches, where millions of records containing metadata, such as user data, was stolen. Cybercriminals will surely be mining that metadata throughout 2018 to uncover usage patterns, reveal passwords, acquire email addresses, and create algorithms that can reveal logon information, leading to damaging breaches and data exfiltration.
2017 saw a huge increase in attacks designed to trick users into revealing sensitive information, such as account numbers, digital credentials, and so forth. New techniques, such as robocalls, automated texts, better-crafted emails, and so on, led to an increase in sensitive information being released, and systems breached using that information. In 2018, those attacks will grow, and become more convincing, with captured metadata and social media information powering the narrative of interaction. Simply put, 2018 will have more people fooled more of the time, leading to potential breaches.
2018 will present additional challenges when it comes to securing personal information, such as how attackers will be using technologies such as ML (Machine Learning) and AI (Artificial Intelligence) to further their data exfiltration goals. ML and AI are getting easier to deploy, the tools are more readily available, and cybercriminals are experimenting more and more with the capabilities offered. One particular area that will be of concern is the rise of the Chatbot, where AI can be used to impersonate a human, and gather critical information from the unsuspecting.
Ransomware attacks will be an ever-present threat in 2018, especially as the attacks become more sophisticated, and harder to detect until it is too late. Automated tools, the growth of cryptocurrencies, and the increase in data movement will lead to more devastating ransomware attacks that will be increasingly difficult to detect.
While some of these predictions have the distinct feeling of “doom and gloom”, proactive IT security managers can lead the battle on those threats by adopting better security technologies, and more importantly, better security practices. For some time now, the IT industry has been predicting the death of the password, and the rise of new authentication technologies. While eliminating passwords is a good starting point, it is not an easy one. So many IT systems and applications are built around the username/password dynamic, and instant replacement for password-based authentication is not an option.
However, IT administrators can strengthen practices and policies by instituting multifactor authentication (MFA) as a way to reduce the possibility of breaches. When configured properly, MFA can eliminate the threats posed by stolen credentials, metadata mining, phishing attacks, chatbot gathered information, and countless other attacks that use subterfuge and data gathering to reveal user account information. By combining several elements, such as user account name, passwords, PINs, keys, challenge questions, and so forth, secure access can be maintained and IT is given a better indication of the who/what/when/where of access is.
For more information on implementing 2FA, please visit the AuthAnvil by Kaseya web site.
Frank is an award-winning technology journalist and IT industry analyst, with extensive experience as a business consultant, editor, author, and blogger. Frank works with both technology startups and established technology ventures, helping them to build channel programs, launch products, validate product quality, and create marketing materials, author case studies, eBooks and white papers.