It is that time again where we get to stretch out imagination a little bit and try and predict what will happen to IT security this year. As always, a disclaimer is needed, as it is impossible to know what will happen in such a dynamic and evolving industry. Here some of the predictions of IT security for 2018 and how you can prepare for a troublesome year in the world of IT security.
1. Security around the Internet of Things needs to be addressed
Adoption of the IoT (Internet of Things) is believed to accelerate in 2018 because both consumers and businesses prefer convenience and benefits it brings. On the flip side, manufacturers are currently failing to develop adequate security features for IoT devices, resulting in poor security settings. These weaknesses are likely to be exploited in 2018.
2. Dramatic increases in mobile threats to be expected
Back in 2016, Viking Horde created a mobile botnet and generated revenue out of it. Since then, a dozen or more mobile botnets have infected over 10 million Android-based mobile devices. Typically, a mobile device is powered on 24/7. It means that they are always at risk, and are expected to be targeted greatly throughout the year.
3. GDPR will change IT security
Experts believe the arrival of the GDPR in May 2018 will have a drastic effect on IT security. The goal of the GDPR is to harmonize data regulations, so that general IT security is increased. Companies not complying with the GDPR will have to face fines of up to EUR 20 million (USD 23.5 million approximately) or 4% of their total security, whichever is higher. If organizations adopt the GDPR as they are expected to, awareness and adoption of sophisticated IT security solutions in the EU should improve.
4. Cloud security must improve
Due to its storage capabilities and instant connectivity, the cloud is becoming more widely adopted every year. In 2018, cloud security will be a priority, predicts Gartner. Enterprises must re-consider cloud security guidelines to ensure that they are secure enough.
5. Artificial Intelligence-based attacks will increase
The number of attacks based on Artificial Intelligence will increase because cybercriminals will start using machine learning to imitate human behavior. AI tools based on social engineering will be used to automate and accelerate attacks by mimicking natural human behavior for phishing and other malicious activities. As per predictions, the cat-and-mouse game of cybercrime and security innovation will rapidly escalate in 2018.
6. Cybercriminals will focus on cryptocurrency
In 2018, cryptocurrency will likely continue its meteoric rise in adoption and popularity. The drastic increase in the value of cryptocurrency makes it more of a target for hackers. In the coming year, attackers will target and remotely control block chain technology wallets, forecasts Gartner.
7. Insider threats will continue to grow
Historically, insider threats have largely been underestimated, but they were the primary reason for security incidents in 2017. I do not think that year 2018 will be any different. In 2018, there is likely to be rampant growth in insider threats, including simulated phishing and social engineering attacks. However, the market is reacting to these threats. Many auditing and monitoring solutions that were once simply too expensive are now an affordable and powerful means of detecting and preventing insider threats. LepideAuditor is one such example.
8. State-sponsored attacks will increase
The progression of cyber-attacks driven by nation states will undoubtedly place critical infrastructure in the crosshairs in 2018. It could potentially lead to widespread outages or exposed personal information that could impact millions of innocent consumers, according to Experian’s Data Breach Industry Forecast.
9. End-user targets are likely to increase in 2018
Penetration into Active Directory infrastructure of numerous enterprises via unpatched servers will remain on the hacker’s list. However, attacks on end users with more sophisticated malware or phishing attacks on clients with expansive privileges are believed to be hacker’s new favorite. Protect your end users!
10. Ransomware attacks with self-replicating capabilities to continue in 2018
Cybersecurity incidents in 2017 revolved around the use of self-replicating ransomware strains that could easily spread between networks. WannaCry, Cerber and Locky were the most significant. So were the BadRabit and a wormable Trickbot Trojan, were all significant examples of this. These incidents might inspire threat actors to continue the use of ransomware modified with self-replicating capabilities.
Expect the unexpected in 2018
The IT security landscape changes so rapidly I would not be surprised if something big emerges and trumps all of these security predictions. Until then, we have to wait and watch what 2018 brings for all of us.