Cyber security 2019: It’s not all bad news so far

Reflecting on the 2019 cyber security landscape and what the overall picture is looking like for this year.
By MJ Strydom, MD, DRS, a Cyber1 company
Johannesburg, 17 Oct 2019

As we trundle towards the end of 2019, very soon we will start seeing cyber security predictions for 2020, complete with the usual gloom and doom forecast of what to expect next from cyber criminals.

What SA businesses need to be considering right now is whether they are General Data Protection Regulation (GDPR) compliant. There is no question that the EU’s GDPR has taken data protection to the next level. Whilst it was widely adopted on the global front in 2016, it only became enforceable in 2018.

GDPR has made it imperative for businesses to focus on preparedness and embark on a data-driven regulatory compliance initiative. 

But before we embark on a GDPR big-stick approach to get you to start thinking about where your business is and what the consequences of non-compliance are, let’s first reflect on the cyber security situation up to mid-year 2019. What trends have come to the fore in 2019?

One of the dominating ongoing patterns this year has been targeted ransomware attacks. Collaborations between criminals in 2019 have facilitated even more destructive attacks that have been seen to paralyse numerous organisations worldwide. Moreover, what ends with a ransomware attack usually starts with a more silent sequence of bot infections.

It’s not all bad news. Although still highly visible, crypto-miners are on the decline this year with only 21% of organisations worldwide reporting they have been affected by this as compared to 42% during its peak in 2018.

Software supply chain attacks attracted much attention. In such attacks, cyber criminals inject malicious code into components of legitimate applications, victimising a large number of unsuspecting users.

Despite the fact that one year ago next month, US president Donald Trump signed into law the Cyber Security and Infrastructure Security Agency Act of 2018, cyberspace and its underlying infrastructure are reported to be increasingly vulnerable to a wide range of risks. The level of sophistication of cyber criminals appears to be heightened each year.

According to the US Department of Homeland Security, these people are organised; some are even recruited to exploit vulnerabilities, steal information and extort money, and are developing capabilities to disrupt, destroy, or threaten the delivery of essential services.

The accumulation of several cases since the beginning of this year has led the US government to devote special attention to this evolving threat, and it is expected to publish – in the coming months – official recommendations on ways to minimise the impact of such attacks.

If security specialists are to provide organisations with the best level of protection, they need to be attuned to the ever-changing landscape and the latest threats plus attack methods. So, let’s highlight some of this year’s trends.

E-mail scams are here to stay

We live in a world where e-mail scams have become a business in which professional cyber criminals are hired to run e-mail campaigns. It is also safe to say this industry is definitely here to stay.

Spammers/phishers will continue to improve their capabilities and techniques to ensure their illegal profitability. The up-side is that security vendors will continue to improve their products to protect against such threats.

Check Point research reports a surge in the volume of sextortion scams and business e-mail compromise this year. Both fraudulently deceive victims into making payments, through blackmail or by impersonating other people, and they do so convincingly. Both scams adopt these elements and do not necessarily contain any malicious attachments or links, which makes them even harder to detect.

The ability to devise evasion techniques designed to bypass security solutions and anti-spam filters has also increased. Tactics reported this year alone include encoded e-mails and complex underlying code that mixes plain text letters with HTML character entities, to name just two methods.

Social engineering techniques, as well as varying and personalising the content of the e-mails, are additional ways that permit scammers to fly safely under the radar of anti-spam filters and reach their target’s inbox.
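To make the entity-mixing tactic concrete from the filter's side, here is an added example (not part of the original article and not any vendor's code) that decodes an e-mail body before keyword matching and counts plain letters written as character entities. The keyword list, threshold and both sample bodies are constructed for illustration.

```python
import html
import re

# Numeric (&#98; / &#x62;) and named (&amp;) character references.
ENTITY_RE = re.compile(
    r"&(?:#[0-9]{1,7}|#[xX][0-9a-fA-F]{1,6}|[A-Za-z][A-Za-z0-9]{1,31});")
TAG_RE = re.compile(r"<[^>]+>")

def visible_text(raw_html):
    """Strip tags (so <b>pay</b>ment rejoins), decode entities, lowercase."""
    text = html.unescape(TAG_RE.sub("", raw_html))
    return re.sub(r"\s+", " ", text).strip().lower()

def encoded_alnum_count(raw_html):
    """Count entities that decode to an ordinary ASCII letter or digit.

    Legitimate mail encodes characters such as & or < this way, not plain
    letters, so a high count is a signal on its own.
    """
    count = 0
    for match in ENTITY_RE.finditer(raw_html):
        decoded = html.unescape(match.group(0))
        if len(decoded) == 1 and decoded.isascii() and decoded.isalnum():
            count += 1
    return count

def analyse(raw_html, keywords, threshold=5):
    """Report keywords visible to the reader but absent from the raw source."""
    raw_lower = raw_html.lower()
    text = visible_text(raw_html)
    hidden = [k for k in keywords if k in text and k not in raw_lower]
    encoded = encoded_alnum_count(raw_html)
    return {"hidden_keywords": hidden, "encoded_alnum": encoded,
            "suspicious": bool(hidden) or encoded >= threshold}

# Constructed samples: one obfuscated body, one ordinary body.
KEYWORDS = ["bitcoin", "payment"]
OBFUSCATED = ("Send the &#98;i&#116;co&#105;n p&#x61;yment within 48 hours "
              "or we write to your c&#111;ntacts.")
BENIGN = ("<p>Terms &amp; conditions apply. Price &lt; R500. "
          "Bitcoin payment is not accepted.</p>")

if __name__ == "__main__":
    for name, body in (("obfuscated", OBFUSCATED), ("benign", BENIGN)):
        print(name, analyse(body, KEYWORDS))
```

A filter that matches only on the raw source sees neither keyword in the first sample; matching on the decoded text, and treating encoded plain letters as a signal, catches it without flagging the second.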

Attacks against cloud environments

This is where the fun really starts. The proliferation of public cloud environments has led to an increase of cyber attacks targeting resources and sensitive data residing within these platforms.

This follows trends observed in 2018 when practices such as misconfiguration and poor management of cloud resources remained the most prominent threat to the cloud ecosystem and, as a result, subjected cloud assets to a wide array of attacks.

This year, misconfiguring cloud environments was one of the main causes for a vast number of data theft incidents experienced by organisations worldwide – South Africa was not exempt from this pattern.

Facebook and Amazon are just two global names that suffered this year. In April, more than half a billion records of Facebook’s users were exposed by a third party on unprotected Amazon cloud servers.

Besides information theft, cyber criminals intentionally abuse the different cloud technologies for their computing power. So far this year, cloud crypto-mining campaigns have definitely intensified, with criminals improving their techniques so that they can evade basic cloud security products.

In my second Industry Insight in this series, I will expand on what is happening in the mobile environment.