2017 has been a busy year for cybersecurity. Between massive data breaches including Verizon, Equifax, Sonic, Uber, and the infamous “Paradise Papers”; ransomware variants like Wannacry, NotPetya, Locky, GoldenEye, and Jigsaw; and data leaks from major players including the US Air Force’s security clearances, several of the CIA’s confidential documents, and the records of Californian voters, it seems all anyone talks about is compromised data and security regulations.
From healthcare to legal to finance, no industry has come through the year unscathed by cyberattacks and threats. So, what’s next for cybersecurity? Cybersecurity experts from eSentire discuss what to expect in 2018:
More targeted, vindictive attacks
According to Mark Sangster, VP and industry security strategist at eSentire, cybercriminals will likely begin to “move from opportunistic and transactional attacks (for example, generic emails with cryptolocker) to more targeted (industry or firm focused) attacks.” This could lead to cybercriminals:
- Looking for higher value assets (client data) to lock, destroy or expose
- Demanding even higher ransoms to release, preserve or not expose compromising information
- Contracting attacks against organizations where the criminal gets payment from a third-party seeking to harm the target
eSentire’s Director of Threat Intelligence Viktors Engelbrehts, added, “Politically motivated and cyber espionage cyber-attacks against the critical infrastructure industry will continue to increase. There is also the potential for loss of human life as a result of targeted cyber-attacks, especially in the healthcare sector.”
More large-scale cybercrime
Opportunistic cybercrime will continue to rely on specific malware types, likely investing in capabilities to cause a rapid and global expansion of the infected surface.
According to Engelbrehts, “Such capabilities can also be used for politically-motivated attacks.”
However, “This assessment may change depending on Law Enforcement (LE) agencies’ abilities to deter cybercrime, prosecute individual criminals, and proactively disrupt malware infrastructure in a coordinated fashion,” he added.
At an individual level, further exposure of personal information coupled with a general lack of user awareness and ongoing data collection initiatives run by private organizations will worsen a user’s overall exposure to attack.
“Such [personal]information will remain highly valuable to cybercriminals and will likely continue to be used to facilitate fraudulent activities on a global scale,” said Engelbrehts.