- Security TWENTY
- Women in Security
A pair of predictions from the ethical hacking company IOActive. Countries will “on-shore” cyber testing and products to reduce risk, especially in the supply chain, writes Jason Larsen, ICS Principal Security Consultant.
Following the heels of the Kaspersky directive in late 2017, we saw the start of what has been called a “nationalistic” cyber trend in 2018 as governments have started to look at shifting projects to internal security resources. From a risk perspective, many countries now prefer that their own countrymen protect their own critical infrastructure, rather than seeking support from global firms. This onshoring of cyber testing and products has rippled across the globe and will continue in 2019.
We’re hearing an increase in concerns about attacks on supply chain, on both the hardware and software front. These attacks have been discussed theoretically or proved in some kind of demonstration, but in 2019, we will likely see more of these supply chain attacks in the wild. The catch is that these attacks are extremely hard to detect. For example, in 2018, we predicted and TrendMicro discovered the first Unified Extensible Firmware Interface (UEFI) rootkit in the wild. Named LoJax, the rootkit is believed to have been built from an anti-theft software program to snoop on European governments.
There are two kinds of compromises when we talk about supply chain. The first involves true malicious actors who put compromises in place and the second is compromises that occur due to poor security posture, which is by far the bulk of what we should be concerned about. If vendors are still dealing with defects as a result of quality, then they have no hope of dealing with more intentional attacks. After all, there are a lot more bugs when products are based on third-party products — for example, bugs in the vendors’ vendor product.
Despite automation, the cyber-security talent gap will remain a problem as 2019 brings more impactful attacks, including on ‘Smart Cities’, says Cesar Cerrudo, CTO at IOActive.
The demand for cybersecurity talent will continue growing, but so will the advancement of automation. Thanks to automation, one person can now do the work of many. However, when it comes to jobs requiring highly-skilled and specialised people, automation cannot help.
Common cyber attacks and ransomware are already having a detrimental impact on companies. In 2019, we will see increases in these attacks and their negative impact on companies. Ransomware is an easy way for cyber criminals to profit, so it will continue propagation unless the bad guys find a better method to profit. Coin mining attacks may replace some ransomware attacks, depending on how cryptocurrencies do next year, in terms of valuation and mining difficulty. This means cyber criminals could choose to use hacked computers more to mine cryptocurrencies, rather than asking for ransom.
In 2019, technology adoption in cities will continue to grow and speed up. Most cities are deploying new technologies at a rapid pace, regardless of whether they are big or small cities, because technology helps to provide better services and to reduce costs. While adopting new technologies is a great move which brings many benefits, it also brings many problems related to cybersecurity — the more technology that is being used, the more possibilities there are for cyber attacks.
Most technologies that are adopted aren’t very secure. As cities continue to deploy these technologies without first ensuring that they are secure enough, this puts city infrastructure and services at risk. Cyber criminals will keep targeting city services with ransomware, denial of services and other attacks as they continue finding easy ways to compromise city systems and profit from it. Maybe 2019 could be the year when we start seeing attacks with greater impact in city systems and populations, causing millions of dollars in losses and putting citizens at risk. Everything depends more and more on technology and if technology is not secure, people will suffer bad consequences when it’s hacked.