Cybersecurity Predictions for 2018
Note: This article was initially published on VmBlog.com
Throughout 2017 brands continued to demonstrate the ongoing, and ever-present susceptibility to DDoS and other cyberattacks. The impact of these attacks was felt across all corners of businesses - we saw executive teams fired, stock prices fall and consumers lose confidence in brands as a result. Despite this, we believe that fame (or infamy) is not actually the goal of most hackers. Instead, they are looking for ways to profit or benefit while flying under the radar so that attacks can to go on longer, provide access to more data or they are able to affect specific targets in very granular ways.
As a result, brands have become more aware, security teams more capable, and defenses more mature. At Neustar, our team of experts predict that 2018 will see a further shift of mindset, by both the attacker and defender. While no one knows what the future will hold, the following predictions are our team's best guesses of what brands should be preparing for next year.
More subtle, layered, and nuanced attacks are coming - Joe Loveless, Director of Security Solutions, Neustar.
"A trend that we've started seeing over the last 12 months, that we predict will carry into 2018, is attackers are moving away from the big events towards smaller and more targeted stealth attacks," says Loveless. "Essentially there are two kinds of attackers - those who are in it for the money, and those who are in it for a cause (political, social, etc.)."
"The first type of attacker has realized that the more they draw attention, the more risk they bring upon themselves and the money that they can make. The second has realized they can succeed more by going after social media and ‘fake news' than by taking down a website. Attacks are becoming more subtle, helping both types of hackers meet their goals by running attacks far more undetected than in previous years. Although the threat of mammoth attacks is out there, disruption and not destruction is a better advantage for attackers and I expect to see them make full use of that position."
More attacks will shift from websites to underlying infrastructure - Barrett Lyon, Head of Research and Development, Neustar.
"Next year we will see more attacks shift to underlying infrastructure components rather than directly to web sites or publicly visible services," says Lyon. "These attacks focus on payment processing, Application Programming Interfaces (APIs), network connections to buildings and factories. Imagine if someone figured out how to map all a retail company's network connections and attacked them all, making every store go offline. As a result brands will continue to invest in WAF technology to create a layered defense against attacks."
Internal business partnerships will be critical when combatting emerging threats - Tom Pageler, Chief Risk Officer and Chief Security Officer, Neustar.
Next year it will be important that CISOs partner with other lines of business (LOB) owners to get their message across about emerging threats. Risk is determined through awareness of current threats, recent methods of attacks, and an understanding of one's infrastructure.
"In 2018 CISOs should be focused on partnering with the other LOBs to ensure a proper understanding of what needs to be defended against," says Pageler. "Even before new threats are detected, the CISO needs to talk to the various LOB owners to understand what assets and services are critical to their portion of the business, and how they need to be monitored for emerging threats."
Private internet is coming - Rodney Joffe, Senior VP, Senior Technologist, and Fellow, Neustar.
Responding to the constant barrage of attacks on the public internet Joffe predicts "we'll see the development of a ‘private' internet, where trusted networks interconnect directly and hold each other to standards of behavior, including taking responsibility for users. It's the Balkanization of the Internet, which is directly contrary to the initial philosophy of an open and free thought Internet."
Cyber World Meets Real World - Chris Roosenraad, Director, UltraDNS, Neustar.
"At the end of 2015, we had real world power outages due to a cyber attack. At the end of 2016, a core Internet infrastructure player going offline knocked out many of the most important US sites. In mid-2017, we had almost every consumer in the US have their credit info stolen. Next up is an event with physical implications associated with it," says Roosenraad. "When our actions are no longer confined to an online reality, the way that people think about cybersecurity will change significantly. It's not if you are going to be attacked but when, and what are your layered defenses. Most of us would benefit to shift to that mindset today, to get ahead of what will inevitably happen tomorrow."