Internet penetrates our lives and cyber security is highly important now. It is impossible to avoid cyber crimes in the future but we need to do all in our power to reduce it. Let’s discuss some cyber security predictions for the next year.
Internet of Things security
Internet of Things or IoT vulnerabilities can became more critical and dangerous than today. It is very difficult to regulate such IoT devices. The regulation laws must improve security and privacy. If Europe starts enforcing Internet security regulations with penalties that make a difference, we might start seeing IoT security improve.
2019 will be a challenging year for the Industrial IOT (IIoT) industry. Hackers know that these companies are now online and more connected than ever, which increases vulnerability. Security is crucial, because a hack could spell life-or-death for consumers. For example, if a car manufacturer’s assembly line was hacked, it could cause vehicle malfunctions, endangering passengers and causing reputational and liability problems for the company. For these reasons, we will start seeing more cyber-security companies targeting this market with solutions. To effectively manage the expected influx in cyber events, IIoT organizations will need to increase spending on cybersecurity initiatives.
Smart homes are the newest trend to grow by leaps and bounds this year and we can connect everything from lights, toasters, door locks, cameras, thermostats, and even refrigerators to our networks. While this initially seems like a cool and convenient way to automate processes in our home, these items aren’t rigorously tested from a cybersecurity perspective. Hackers can exploit unknown vulnerabilities present these connected devices to breach your home’s networks or to gain unauthorized access to your home without having to resort to traditional methods of breaking into the house.
The breaches like Equifax, OPM, and Anthem should take care about cyber security to avoid customers’ stolen metadata. In the future there will be more attacks attempting to subvert two-factor authentication, as sophisticated attackers set their sights on two factor authentication-protected accounts and use flaws in SS7 to redirect SMS text messages.
Attacks on USA Government
Very possible that DDOS attacks on US government will continue in 2019. The possibility is high that we will see the first major cyberattack on US critical infrastructure. In October, the FBI and DHS warned of advanced persistent threat activity targeting energy, nuclear, water, aviation, construction, and critical manufacturing sectors. The next year, a major compromise of a government agency’s online operations should come. It could be in the form of a data breach of personal information, defacement of websites, disablement of internal systems, or some combination of these.
Fake news were real problem in 2018 and in 2019 this going to be even more. Now with CGI, photoshop and voice-over technology, it’s almost impossible to tell if a photo or video is real or fake. Digital signatures and encryption enabled on trusted recording devices could help to reduce this issue, but the camera industry needs to include these options on equipment used by the news media.
GDPR and Consumer privacy
Data privacy and data security have long been considered two separate missions with two separate objectives, but all that stands to change in 2018. With serious global regulations kicking into effect, and with the regulatory responses to data breaches increasing, organizations will build new data management frameworks centered on controlling data – controlling who sees what data, in what state, and for what purpose. 2019 will prove that cybersecurity without privacy is a thing of the past.
Our Identity is no longer ours. Personally Identifiable Information (PII) is no longer valid since so much of it has been exposed in breaches over recent years. Everyone needs to acknowledge that they have been breached and are vulnerable and that attackers have more of our personal information than ever before. As a result, we will start to see new types of attacks that leverage the rich amount of PII that is publicly available. Given the huge pool of PII data collected it could be weaponized to cause massive attacks on major entities (e.g. government, financials, healthcare system, etc.), and the rich data they have on individual users could create uniquely sophisticated phishing/social engineering attacks that are undetectable and indistinguishable from the real thing, life-taker-over will be a possibility.
Cryptocurrency was a “killer app” and enabled and fueled the growth of ransomware and related ransom threats in 2018. This will continue to grow in 2018 to include holding identities for ransom. Users will receive emails or phone calls telling them that their SSNs and other information has been compromised (with evidence) and then instructed to pay via bitcoin to prevent the data from being leaked. Cryptocurrencies, including Bitcoin, Ethereum, Litecoin, and Monero, maintain total market capitalization of over $1 billion, which makes them a more appealing target for hackers as their market value increases. Several hacks against Ethereum have temporarily dropped its value in the past few years – we predict that in 2018, a major hack against one of these cryptocurrencies will damage public confidence to the extent that it never recovers.