cyber trends
won’t suspect the presence of malware
activity if the computer is noisier and
consumes more power than usual.
GDPR
According to Nok Nok Labs’ CEO
Phil Dunkelberger, ‘the global
regulatory environment will become
more challenging as regulators and
governments worldwide continue to
strive to implement better data privacy
protection as was done with GDPR.
While this is great progress, we’re going
to see these governments counter to
gain more access to information.’
General Data Protection Regulation
(GDPR) offers an innovative framework
that the European Union has enacted to
augment data protection requirements
with amplified responsibilities and
obligations for organisations. For global
organisations that fail to adapt to this
change, fines for non-compliance
can reach up to €20 million or 4% of
worldwide annual turnover, whichever
is greater. By early 2019, around 80%
of multinational companies may fail
to comply with GDPR if they do not
understand modern data protection
regulations. GDPR will almost certainly
force many multi-national companies
to be more accountable for its use and
collection of customer data.
Rapid rise of identity theft
Identity thefts are skyrocketing, and
criminals are using more sophisticated,
multistep frauds to grab information
about new accounts. According to one
2017 survey, one out of 15 people have
reported being a victim of some sort of
identity theft. Criminals are using SSNs,
home addresses and knowledge-based
authentication question answers to
hopscotch from one kind of account
to another. Since many two-factor
authentication schemes use mobile
phone SMS text messages for logins or
password resets, hackers are working
hard to break into mobile phone
accounts, which will allow them to defeat
the two-factor implementation.
Criminals are also matching up pieces
of various identities to create an entirely
new ‘person’ they can use to apply for
credit and steal money. It is expected
that identity theft will continue to rise.
Synergistic threats will multiply,
requiring combined responses
Last year saw the rise in ransomware
attacks and cryptojacking, which
provides lower risk and better
return on investment. We have also
noticed that fileless and ‘living off the
land’ threats are more slippery and
evasive than ever. It is expected that
attackers will combine these tactics
to create multifaceted, synergistic
If attackers gain
control of IoT
devices, they can
create havoc on
individuals and
organisations.
threats. Synergistic threats are
becoming more common
because bad actors are
developing foundations,
kits and reusable threat
components that allow
them to focus on adding
value to previous building
blocks and enables them
to orchestrate multiple threats
instead of just one to reach their
goals. Fighting against such attacks
requires questioning every threat.
To guard against cyberthreats, we need
to ask questions such as, ‘What if we
are missing the real goal of the attack?’
Remember, it is expected that bad
actors will add synergy to their attacks,
but cyberdefences can also work
synergistically to defeat such attacks.
IoT security and attack on voice-
controlled devices
It is expected that we will have 75 billion
devices connected to the Internet of
Things (IoT) by 2025. Hence, we will
have a huge number of devices to
secure and new threats to identify. Both
hardware and cloud-based tools have
emerged that can monitor threats on
multiple devices at a time, but threats
can be enormous, often change in
tactics and approach, and are not
always completely understood.
If attackers gain control of IoT devices,
they can create havoc on individuals and
organisations. They can use the device
to mine cryptocurrency or connect them
with similar endpoints to form a botnet,
launch a DDoS attack, steal personal
data and attack websites.
To prevent such threats, IoT security
solutions are automating the detection
process and Crystal Market Research
says that the IoT security market is
projected to grow to over 30 billion by
2022. Increasingly, voice-controlled
assistants will be used to manage
IoT devices within the home. With the
adoption of voice-controlled devices
increasing rapidly, cybercriminals’
interest in attacking voice assistant
devices and IoT devices connected to
them will inevitably continue to grow. u
www.intelligentciso.com
|
Issue 10
21