2018 saw a range of attacks on IoT infrastructure. Wicked, OMG Mirai, ADB.Miner, DoubleDoor, Hide ‘N Seek and Mirai-Variant IoT Botnets made their presence felt around the world. VPNFilter malware was behind the largest attack of the year with over half a million devices infected across over 50 countries. Such attacks will become more common over the next couple of years as the industry, government and other stakeholders come together to address the threat jointly.
2019 will see hackers go after content with increased zeal. This includes highjacking devices as a part of Advanced Persistent Threat attacks and using them to gain access to sensitive data and IP which could be held for ransom. Hackers have figured out a trend wherein businesses appear more willing to pay ransoms to prevent such data from being published online or on the dark web. Devices could also be hacked and held for ransom or to record conversations of value. Data poisoning wherein faulty information is fed into decision making systems to disrupt large systems will gain more traction from hackers in 2019. Publishing zero-day vulnerabilities without taking the vendor into confidence or giving them reaction time to patch devices creates a unique advantage for hackers as they can take advantage of such vulnerabilities to create widespread damage. This trend will persist in 2019, albeit with vendors turning more cooperative, lesser instances will come to the fore.
With more businesses using bots to log data in CRMERP or other business management software, the data accessed by such bots is becoming more critical with each passing year. By spoofing identity, hackers can gain access to critical systems and then use such bots to exfiltrate data. Since most of these bots are today working with very less monitoring, an attack could theoretically last months or even years, if they go undetected.
As geo-political faults expand, cyberwarfare has turned deadlier. Today, actors sponsored by nation states are investing in AI-based offenses to harass their adversaries. Geo-political attacks are now targeting critical industrial systems, utilities, smart devices, renewable energy farms, offshore oil rigs and more. With agencies finding it difficult to suppress information on such attacks from leaking out into the mass media, hackers are getting more aggressive as the impact of their work becomes more visible, monetarily rewarding and discussed. Sectors such as banking and financial services, healthcare, oil and gas and retail will continue to attract attention from hackers in 2019. The attacks will get more sophisticated and the attack signature will turn even paler as hackers use newer tactics and strategies to breach networks.
On the response front, as this article is being written, we are clearly seeing cybersecurity being addressed through “codes of practice” and “guidelines”. The government of California has openly come out with its resolve to make businesses do more towards securing their infrastructure and others will follow in 2019. What is still missing is a coordinated effort to address the problem at hand.
Cybersecurity will remain a half-hearted battle till all stakeholders join hands and launch a coordinated effort to curb the menace. Globally, cybercrimes cost $600 billion in damages in 2017. No nation is rich enough to afford such a huge loss individually or collectively. Instead, if this money were to be deployed for improving healthcare, generating employment and in improving civic infrastructure, the magnitude of the loss becomes more apparent. Hopefully, 2019 will be the year where we see more coordination between stakeholders. Such a collaboration is inevitable if we are to see lasting progress in the war on cybercrimes.