Evolving ransomware looms as 2018's biggest threat
A recent study indicated that there are an average of 130 security breaches each year and that the annual number of security breaches is increasing by 27.4 percent each year.
It’s no surprise then that, in 2018, the volume, complexity and stakes of cyberattacks will only continue to increase, with malicious actors capitalizing on the IT/OT/IoT convergence phenomenon to identify new attack vectors and wreak more widespread havoc.
As we enter a New Year, here are my thoughts for what is on the horizon for the cybersecurity landscape in 2018.
The past year saw a surge in ransomware attacks, with first appearances of self-propagating ransomware spreading fast across hundreds of organizations. In 2018, organizations will see ransomware not only perfecting their means of spreading, but also taking entirely new forms, beyond the traditional method of encrypting hard drives.
With IT security technologies systems closing the gap in preventing traditional encryption attacks, and with physical systems now being more hackable than ever, new and more creative ways of ransomware attacks will become mainstream, such as taking elevators out of service, locking parking garages or turning up heating systems.
The probability is high that we will see the first major cyberattack on US critical infrastructure.
We’ve already seen power grids and manufacturing plants in Europe attacked during the past two years, and 2018 will likely be the first year when we will see a significant attack on the critical infrastructure of the United States.
In October, the FBI and DHS warned of advanced persistent threat activity targeting energy, nuclear, water, aviation, construction and critical manufacturing sectors. Critical infrastructure companies are behind in preparing their operational facilities to confront cyberattacks, making them an easy target for politically motivated attackers.
That’s likely to be continued bad news for healthcare organizations, which have been prime targets of ransomware events.
Security budgets will shift significantly as they relate to size and allocation. In 2018, security budgets will continue to increase and will be driven by several factors. These include:
- The psychological impact of large-scale breaches, the devastating impact of Equifax and similar breaches, and the personal impact on company executives, which drives a fear of being the “next Equifax.”
- The expansion of the attack surface, and the need to protect not only IT systems but also IoT and OT systems, requiring new, specialized systems.
- The shortage in security experts, driving the need for more advanced systems to replace manual work.
The most significant change in budget allocation next year will be the shifting of budgets to outsourced security and managed services (MSSPs), as organizations can no longer allocate the staff to confront the volumes and complexity of attacks. This volume and complexity, coupled with the shortage in staff, will also move budgets from traditional, preventive security to AI-based detection response and automation technologies. This will reduce staff’s workloads and increase efficiency.
With more than 200,000 US cybersecurity jobs unfilled, attacks growing in volume and the increased challenges in certifying cybersecurity professionals, security staffing will reach a critical shortage, to the extent that we will begin to see security operation centers (SOCs) left unstaffed.
An increasing number of organizations will be forced to outsource their security operations, and cybersecurity salaries will continue to grow as organizations will desperately seek to close the skill gap.