2017 was a whirlwind year in the security sphere (to say the least). Riddled with ransomware attacks, increasingly sophisticated malware and gnarly phishing schemes, 2017 was a bit lacking in the ‘comfort and joy’ department. So, what does 2018 have in store? We asked a handful of channel experts to weigh in on what they think the new year will bring. Buckle up...
Security software will have a target on its back
In 2018, cybercriminals will target and exploit more security software. By targeting trusted programs and the software and hardware supply chain, attackers can control devices and manipulate users. Hackers will leverage and exploit security products, either directly subverting the agent on the endpoint, or intercepting and redirecting cloud traffic to achieve their means. As these events become more publicly known, the public and business perception of security software, particularly that of antivirus solutions (AV), may further deteriorate.
- Jerome Segura, Lead Malware Intelligence Analyst, Malwarebytes
Ransomware - It’ll Take a Village
While businesses of all sizes and consumers alike have ransomware on the brain and are starting to take internal measures to make cybersecurity a priority company-wide, many will continue to be unprepared for outside attacks, which are projected to occur every 14 seconds by the end of 2019, up from every 40 seconds this year.
As businesses look at ways to proactively combat cyber attacks, they’re met with the reality that no single product today has a ransomware “feature.” Instead, partnerships between data security and data protection providers, such as leading consortiums like Ransomware Watch, will become increasingly important to lead the fight against these threats, and organizations should also look for formal partnerships or M&A activity in this space.
- Christophe Bertrand, VP of Product Marketing, Arcserve
Standardized hacking techniques will make attribution even harder
In 2018, more threat actors will adopt plain-vanilla tool sets, designed to remove any tell-tale signs of their attacks. For example, we will see backdoors sport fewer features and become more modular, creating smaller system footprints and making attribution more difficult across the board. And, as accurate attribution becomes more challenging, the door is opened for even more ambitious cyberattacks and influence campaigns from both nation-states and cybercriminals alike.
- Kevin Livelli, Director of Threat Intelligence of Cylance
Cloud security will mature
2018 will be the year organizations finally realize the cloud is actually more secure than storing critical apps on-premises. Amazon, for instance, has hundreds of employees working on a single service in its cloud with the goal of maintaining that service's security. In general, the cloud is more secure when considering the investments companies like Microsoft, Amazon and Google have made in order to deliver the type of service their customers need. 2018 will be the year that IT leaders will stop asking if the cloud is safer than on-prem, the question will become obsolete as cloud security permeates the enterprise.
- Mike Puglia, Chief Product Officer of Kaseya
Wi-Fi: increased public awareness
Anything that’s free, like Wi-Fi, can actually be very costly for you. I predict there will be more attention on security in general, but Wi-Fi is the one to watch for 2018. Weak Wi-Fi can create a back door into your sensitive data unless you have a personal firewall that sits outside your device. Most people don’t currently have that at home, but we’ll see the adoption of more sophisticated technology as awareness grows.
- Ebba Blitz, CEO AlertSec
The cybercriminal underground will continue to evolve and grow
While it may seem like we are already overwhelmed by the amount of cyberattacks occurring daily, this will not slow down in 2018. In fact, with a recent increase in cybercriminal tools and a lower threshold of knowledge required to carry out attacks, the pool of cybercriminals will only increase. This growth is a likely response to news media and pop culture publicizing the profitability and success that cybercrime has become. Ransomware alone was a $1 billion industry last year.
Joining the world of cybercrime is no longer taboo, as the stigma of these activities diminishes in parts of the world. To many, it’s simply a “good” business decision. At the same time, those already established as “top-players” in cybercrime will increase their aggressive defense of their criminal territories, areas of operations and revenue streams. We may actually begin to see multinational cybercrime businesses undertake merger and acquisition strategies and real-world violence to further secure and grow their revenue pipeline.
- Jerome Segura, Lead Malware Intelligence Analyst, Malwarebytes
GDPR will be the Y2K of 2018
Companies are publicly touting their GDPR readiness, but behind closed doors, I expect a lot of uncertainty about the ability to comply with these new and incredibly strict guidelines. While GDPR won’t result in the same public hysteria as Y2K, IT practitioners who were around at the turn of the century will feel a bit of déjà vu. In particular, many companies in the US are waiting to see how GDPR plays out stateside, and I expect in the first few years after its enactment, the EU will look to make an example of a multinational who fails to check all the boxes.
- Malcolm Harkins, Chief Security and Trust Officer of Cylance
Security Complications from Emerging Technology
The IoT is going to continue to be an issue as threats grow in size and scope. Even as people become more aware of security risks, and developers try to work harder to secure connections, in many cases security isn’t a consideration at all, or it’s only added at the end. When a botnet such as the Reaper botnet occurs, we have no idea how big it is, or the motivations, or what is already affected. Things like smart toys and the next “cool connected thing” are already, and will continue to make this scenario more complicated.
[Artificial intelligence poses some problems, too.] AI has its place in sifting through the data, making sense of all the false positives and surfacing the real, meaningful alerts so that a human can do something about it. AI will be important moving forward, but be warned - it can be a distraction. There are other things that take precedence that don’t include AI assisting with threat intelligence.
- Sam Elliott at Bomgar