2018 was a busy year for cybersecurity! The introduction of GDPR in Europe and changes to PIPEDA in Canada marked the regulation of personal data and privacy extending beyond national borders. Big technology companies felt the brunt of the resulting penalties (Facebook). Hardware vulnerabilities reached new highs (Intel), and may even have been introduced into supply chains by nation-states (Supermicro)… All these headlines beg the question: could 2019 be even more action-packed? I posit: yes, it could be.
Here are my top predictions for 2019 in the world of cybersecurity features, threats, breaches, regulations, and their collective implications for businesses like yours.
Acknowledge the Letdown of AI and ML
Despite the promises of the marketing folks and the mathematicians, artificial intelligence (AI) and machine learning (ML) don’t seem to have significantly improved the protection end of the security landscape. Sure, their use in analysis and forensics is becoming common, but with so many false positives and negatives still out there, they remain unreliable at best (read more on why the human touch is still necessary here). My prediction is that tech-savvy businesses and consumers alike will see through the hype, and remain cautious when evaluating solutions whose differentiator is AI or ML.
Better Faster Stronger Ransomware
Demanding a ransom proved very successful as a tactic for hackers to monetize their criminal activity in 2018. Yet the software they use to achieve this is relatively simple, despite its ability to circumvent traditional prevention technology (because it’s not a virus, but encryption). My prediction for 2019 is that we see hackers’ technology catch up with the strategy, enabling faster encryption (read: destruction) of machines, and faster spreading of infection between them. Spoiler alert: detecting these new variants, and responding immediately, is going to be essential to overcome this new potential threat.
Ransomware attacks have shifted their sights from “grandma’s desktop” to SME servers (see our post on Why Paying Ransom Results in APTs for discussion around why), and I expect to see them move on to virtualized environments by targeting the hypervisor specifically. This would also counter a defense that became widely known after high-profile ransomware attacks in the last few years (WannaCry, anyone?): running your OS within a virtual machine to ‘isolate’ it. Security researchers do this as well, to analyze malicious software without posing a risk to their own systems. However, hackers responded to that as well in 2017 with Cerber ransomware, which could detect whether it was running on a virtual machine.
Given the ease of ‘messing with’ Linux, the prevalence of virtualization, and the defense of separation that virtual machines offer both administrators and security researchers, the natural next phase of the evolution of ransomware is to target the hypervisor. I predict that we will see this evolution of ransomware in 2019.
Cloud Providers Will Go Down
With the increasing sophistication of threats, and the market’s increasing reliance on cloud infrastructure (Cloud Storage, SaaS, and IaaS), I predict that we will see a major cloud provider go down as a result of a breach in 2019. The “it’s not if, but when” doctrine of detection and response will hold true for these providers as well. This could potentially result in stolen data or even downtime (which might be the only way we come to understand whether my prediction was accurate or not).
A Stricter Internet for All
Given the global nature of threats and threat actors, and the possibility of nation-states funding, sanctioning, or actively initiating such endeavors, there is a clear need for protection to occur at a higher-order level than the edge and the endpoint. My prediction is that in 2019 we will see a much stricter internet, with geographic blocking at the public level as a rule.
Global Privacy Regulation
The increased cooperation between the US and EU on regulating information flow, privacy, and custodianship is a sign of things to come. My prediction: in 2019 we will see the beginning of a global or near-global framework for regulating data, either in the form of an evolving Privacy Shield, new legislation put forward by the UN, or a merger of multiple frameworks.
There you have it, my predictions for cybersecurity milestones in the next calendar year. I’ll be happy to advise your business about them as they come to pass, in my capacity as your Virtual CISO. Of course, you’ll need to sign up for our MDR service to reap the benefit. That’s one thing I can recommend to get in front of the new threats we will see in 2019.