“At the heart of our predictions is a requirement to understand the intersection of people with critical data and intellectual property. By placing cyber-behavior and intent at the center of security, the industry has a fighting chance of keeping up with the massive rate of change in the threat environment.”
“We know that data leakage and ransomware will continue to be the focus for remediation and prevention, but behavior-centric risks are now behind a multitude of security incidents. People’s behavior should not be set in opposition to security: the two are not mutually exclusive. Users have the potential to unintentionally compromise their own systems in one minute and be the source of innovation in the next, but we can only empower users if we truly understand the ways they interact with critical business data.”
Privacy Fights Back
Users’ perception of privacy has changed in recent years, with a steady erosion of the line between “personal” and “public.” There are tensions between individual rights and security for all as legal, technological, societal and political drivers combine to kick off what Forcepoint is calling “The Privacy Wars,” pitting technologists against the ordinary person on the street, and splitting opinion in government, at work and at home.
Prediction: 2018 will ignite a broad and polarizing privacy debate, not just within governments, but between ordinary people.
Data Aggregators: a Goldmine Waiting to be Tapped
The Equifax breach rocked the security industry, and the full impact of this breach has not yet played out. Forcepoint believes that this was the first of what will be many breaches on hosted business applications: those that contain information on a sales force, prospects and customers, or those which manage global marketing campaigns. Attackers seek the path of least resistance, and if they can find a weak link in a system which already contains the crown jewels of personal data, they will exploit it.
Prediction: A data aggregator will be breached in 2018 using a known attack method.
The Rise of Cryptocurrency Hacks
As cryptocurrencies grow in importance, including as a method of extracting revenue from cybercrime, Forcepoint predicts that the systems surrounding such currencies will increasingly come under attack. We expect to see an increasing amount of malware targeting user credentials of cryptocurrency exchanges, and that cybercriminals will turn their attention to vulnerabilities in systems relying on blockchain-based technologies.
Prediction: Attackers will target vulnerabilities in systems which implement blockchain technology.
Disruption of Things: It’s Going to Happen
The wide scale adoption of IoT devices in consumer and business environments, coupled with these devices often being both easy to access and unmonitored, has made them an attractive target for cybercriminals wishing to hold them ransom or obtain a long-term, persistent presence on the network. While ransomware of these connected things is possible, it remains unlikely in 2018. However, a new threat that will emerge in 2018 is the disruption of things. As the IoT offers access to both disruptive possibilities and massive amounts of critical data, we will see attacks in this area, and may also see the integration of a man-in-the-middle (MITM) attack.
Prediction: IoT is not held to ransom but instead becomes a target for mass disruption