HIT Think

3 top cybersecurity predictions for 2019

What will 2019 bring for the security landscape?

Making an informed prediction first requires us to think back on 2018. The year started with a big bang—Spectre and Meltdown (also known as Chipocalypse). Nothing like this had ever happened to computer security. Hundreds of millions of systems, as well as cloud environments, were affected.

The impact, as well as the ongoing research into related vulnerabilities, continues today.

Municipalities and healthcare organizations remain attractive, soft targets for attackers. The City of Atlanta is the prime example in the public sector. Ransomware demanding $55,000 worth of bitcoins disabled many of the city’s services and forced it to revert to pen and paper. The taxpayers’ bill for this attack currently hovers around $17 million.

The “Wall of Shame” for patient data breaches across healthcare can be found here. Alarmingly, it’s not only our protected health information that is at risk, but also implantable medical devices. At Black Hat 2018, researchers revealed critical vulnerabilities in insulin pumps and pacemakers, as well as less-than-stellar handling of those vulnerabilities by the affected vendor.

And 2018 also served as a reminder of the shared responsibility model for cloud security that some organizations seem to forget. Without proper management, public cloud environments can be as insecure as on-premises IT systems and endpoints. Throughout the year, we saw the number of public cloud breaches increase, and records from enterprises, public utilities and even the Pentagon were leaked by the millions.

Now on to some predictions for 2019.

Attacks on industrial plants
Industrial control systems (ICS) vulnerabilities have already made the news, from successful attacks on an electrical grid and chlorine plant in Ukraine to a narrowly avoided disaster at a Saudi petrochemical plant. These vulnerabilities were among the top three themes at this year’s Black Hat and DEF CON conferences. Attacks on Industrial IoT will become more common in 2019, and we predict that they could result in a major disaster at a critical infrastructure facility, such as a power plant or hydro dam.

Confirmed use of adversarial artificial intelligence (AI)
AI and machine learning have been the buzzwords in the security industry for a while now. While you’ll see more security vendors incorporate them into their products, we believe that in 2019 hackers will start using these techniques maliciously, and that a significant attack or strain of malware will leverage AI.

For instance, just as security vendors can train their machine learning models on malware samples to detect them, malware writers can “train” or tune their malware to avoid detection using the same exact algorithms. Attackers can also corrupt the data that ML models use in training, and because ML algorithms need so much data to work with, they’re not able to tell the corrupted data apart. This type of AI weaponization was demonstrated by IBM scientists in a proof-of-concept of a highly targeted and evasive attack tool powered by AI earlier this year.

Hackers try a new attack vector
Just like with Spectre/Meltdown, a previously unknown threat will arise in 2019. As most of the security industry still relies on existing data for threat detection (including training machine learning models on old malware samples), security vendors will try to update their products too fast, and leave themselves open to becoming “patient zero” for an unknown threat. Cloud infrastructure or financial services will be the most at risk, because of the nature of the vertical and the fact that they are constantly updating their security measures.

Remember the early 2000s? If you had reasonable patching hygiene along with an antivirus product and a firewall, you had a genuine sense of security. Now, a decade and a half later, that sense of security has evaporated completely. With every link you click, every file you open, you feel like you're navigating a minefield.

A recent report by Cybersecurity Insiders confirms this sense of desperation; only half of security professionals believe their current endpoint security posture can stop 75 percent of attacks or more. Even more alarming, 54 percent believe it is moderately likely to extremely likely that they will experience successful cyberattacks in the next 12 months.

What would it take to make us feel secure again? Should we continue with the cat-and-mouse game that we’ve been following for the past three decades? Can we reimagine security from scratch? These questions will be top of mind for CISOs in 2019.