This past year was something of a turning point for public cloud adoption. In 2018, the floodgates are really going to open as organizations see and feel the lower costs for running in cloud, and that they can move more quickly. That means attackers are going to follow that data into the cloud, regardless of what the data is – be it credit cards or medical records or something else.
A Shortage of Skilled Workers Paves the Way for Automation
Attacks will continue to be effective through an increase in sophistication, but they will
also be successful due to the challenges organizations face in recruiting and retaining skilled cyber professionals. With no foreseeable end to this skills shortage as 2018 approaches, the security industry will likely begin to see more automation, machine learning, and artificial intelligence used to combat cyber attacks. The most sophisticated organizations have automated intelligence sharing, and are putting those intelligence feeds directly into security controls without a human ever touching a keyboard. FireEye expects this type of automation to spread next year, increasing preventative controls and decreasing the time to detect attacks.
More Malware Targeting Cryptocurrencies
As cryptocurrency continues to skyrocket in value and popularity, FireEye expects to see much more malware targeting anonymous currencies such as bitcoin. Previously, FireEye observed several different types of malware that target systems for mining purposes; however, moving into 2018 the company expects to see much more malware actively stealing cryptocurrency from weakly protected wallets, shimming password entry to wallets, stealing offline wallets for brute forcing, or using credentials stolen from the same user.
Increased Activity from Nation-States and APT Groups
The changing geopolitical situation in the Asia Pacific region will see Chinese APT groups shift their focus, instead going after countries and groups that are seen as a threat to China’s access to and influence over global markets. India and Hong Kong are likely to attract maximum activity from Chinese APT groups. Additionally, FireEye observed an increase in non-Chinese and non-Russian APT groups in 2017, and expects to discover more in 2018.
“In many ways, 2017 was a testing year for cyber security in India, and we should brace for the same next year. The root of the challenge is people embrace technology faster than they secure it,” said Shrikant Shitole, Senior Director and Country Head for India at FireEye. “There is good news too. Business leaders are increasingly stepping up to the challenge. Additionally, we are creating technologies to solve critical challenges in the marketplace. In particular, we are seeing firms turn to automation technology to help address our cyber security talent shortage. With determination and the right resources, Indian firms can stay ahead of the attackers.”