Firm Says 2019 will be the ‘Worst Year Yet’ for Cyberbreacheseditor@aashto.org February 8, 2019 0 COMMENTS
New analysis issued by cybersecurity-focused venture firm Allegis Cyber indicates that data breaches resulting from cyberattacks are expected to increase in 2019 – with transportation one of the industries warned “not to let their guard down.”
[Above photo via PixBay.]
“The next spate of [cyber]attacks could be the worst yet … because more effective malware will be deployed aggressively on more fronts, including at the ultra-sophisticated nation-state level,” noted Robert Ackerman Jr., founder and a managing director of AllegisCyber, in a recent blog post.
“Compounding matters is that the use of AI [artificial intelligence], including machine learning, is accelerating as hackers look to scale the damage they inflict,” he explained. “In addition, as companies increasingly adopt digitization to drive efficiency, they effectively set themselves up for cyberattacks. The more they do so, the more they become targets.”
Ackerman added that, according to industry analyst Cybersecurity Ventures, cybercrime will cost $6 trillion annually worldwide by 2021.
Cybersecurity concerns are also growing in the transportation sector due to the expansion of “digital control” for both vehicles and infrastructure – an issue discussed in a report on the future needs of the interstate highway compiled by the National Academies of Sciences, Engineering, and Medicine.
“One new factor to be included … is concern over cyberattacks – both against vehicles and the roadway system itself,” explained Norman Augustine, former chairman and CEO of Lockheed Martin Corp. and chair of the report committee, in a press event last December.
“As motor vehicles become more electrified, automated, and software dependent, very likely we will face more challenges of a cybersecurity nature,” he said.
[Amy Blackshaw, director of product marketing for RSA Security, provided more detailed insight into the technological pathways hackers typically exploit in the course of conducting cyberattacks.]
AllegisCyber’s Ackerson said five specific types of cyberattacks are expected to become more prevalent over the course of 2019:
- Ransomware resurgence.Ransomware made its debut as serious malware following the global WannaCry attack in 2017. According to the Federal Bureau of Investigation, U.S. ransomware payments last year exceeded $1 billion.
- Data “weaponization” will accelerate.Plagued by increasingly compromised privacy, tens of millions of web users have begun to seriously question the net benefit of the internet. Why? Ackerson said one “excellent example is Facebook; a reflection of the company’s “huge blunder” in 2018 when it provided Cambridge Analytica with personal data on 87 million of its users.
- AI-driven chatbots emerge.“This is the year in which cybercriminals and black-hat hackers start creating malicious chatbots in a bid to misdirect users to click on illegitimate links,” he said. “Attackers are also likely to take advantage of web-application flaws in legitimate websites to insert malicious chatbots into websites that don’t have them.”
- Crimeware-as-a-service. This new component of the underground economy will attack entire cities, warned Ackerman. “Adversaries will use new tools that attack data integrity, among other things, disabling computers to the point that the hardware must be replaced,” he said. “Making things miserable for the masses draws enormous attention.
- Cyberattacks on satellites. In June, Symantec reported that an unnamed group had successfully targeted the satellite communications of Southeast Asia telecom companies involved in geospatial mapping and imaging, Ackerman noted, with Symantec also reporting attacks originating in China last year on a defense contractor’s satellite.
“To be sure, the future isn’t entirely bleak. Corporations every year continue to increase cybersecurity budgets and they, alongside some state governments, are pursuing new steps to try to avert and mitigate damage,” Ackerman stressed.
Multifactor authentication, for example, is expected to become the standard for all online businesses, making password-only access an anomaly, he said.
“In addition, some states are likely to strengthen cybersecurity laws. California has already passed some tougher standards, effective in 2020,” Ackerman noted. “[While] those developments will not turn the tide on the growth in cyberattacks in 2019, they could avert some breaches.”