2019 cybersecurity crystal ball

February 2019 Editor's Choice, Cyber Security

Every January of every year, experts in all fields of cybersecurity put on their thinking caps and, alone or in group think tanks, wrack their brains about the perils facing us in the year ahead. They attempt to get into the minds and thought patterns of attackers, but invariably come back to the same question and answer: How long is a piece of string?

Craig Rosewarne.
Craig Rosewarne.

Most experts will claim that their domain is most at risk and should therefore claim the larger slice of the annual cyber spend. One thing is abundantly clear, what goes around comes around (with some tweaks to the code) with a few new surprises thrown in.

Wolfpack Information Risk undertook research, both online and vis-à-vis, to try and gauge the feelings of those in the industry and other outside players. The slight majority fall into the following categories.

Volatility – will 2019 be more volatile than 2018?

Every responder replied in the affirmative. Most international experts were of the same opinion.

Most sought-after asset for attackers?

A small word with massive implications – data. According to Wolfpack senior consultant, Mitch Sowden, ‘’There is a lack of appreciation pertaining to the value and ownership of data assets.’’ An attacker’s ultimate aim when targeting an organisation is its crown jewels. They are worth a fortune whether ransomed, stolen, exfiltrated for sale or used in future attacks against the organisation, subsidiaries, suppliers and stakeholders of the entity.

Data is an enormous asset, yet a major burden to an organisation as well. Sowden continues, ‘’understanding the value of assets and the actual risks faced can achieve a balance between cyber spend and ROI.’’

Although the long sought-after promulgation of PoPIA and that EU GDPR has finally happened, it remains to be seen if they will be the promised watchdogs and guardians of data or toothless hounds with more bark than bite.

Who will be 2019’s most active threat actors?

Many still feel that 2019 will belong to cyber criminals, both organised and otherwise, whose main focus is on monetary gain. However, nation states and terrorism will play a major part in assaults this year.

According to Mike McKee, CEO, ObserveIT, “We expect nation-state threats to increase significantly in 2019, particularly targeting critical infrastructure. Critical infrastructure systems are extremely vulnerable to both cybersecurity and physical security risks. State-sponsored threats and high-level hackers are constantly looking to gain access to the critical infrastructure of nations worldwide, with the intent of hitting some of our most valuable systems (national security, public health, emergency communications, and more”.

Observers are anxiously scanning the skies and space as previously immune satellites used in communications, science and the military are open to cyber-attacks. As the saying goes, ‘’He who controls the skies (space) controls the battle.” The loss of these crucial assets will be catastrophic for governments and humankind in general.

Although a cyberwar is looming, many nation states are using proxies to test the waters to determine the extent that cyber weapons can be included in their armouries. Further, disinformation campaigns and voter rigging is already seen to be happening and pinning the blame is increasingly difficult.

AI/IoT/cloud

The above, in their purest forms of thinking and invention, could really benefit all of humankind. The Dark Side, however, has seen the potential in far more sinister ways. AI can be used relatively easily to disseminate millions of craftily conceived phishing and social media attacks with minimal human help. Rogue chatbots, currently using text messages, could soon evolve into slick talking instruments to get people to click on links or open attachments which are malicious. Unlike ethical businesses that are extremely protective over their intellectual property, bad actors often freely share their knowledge and products or offer it for sale at bargain prices.

On the positive side, AI, can be extremely helpful in protecting systems from attack by sifting through chatter, static and false positives that torment organisations daily. However, current AI needs to be streamlined to offer more quality services than quantity.

As far as IoT is concerned, volumes can be written. As with AI, devices conceived to make our lives simpler, safer and easier have turned and bitten the hands that created them. CCTV systems to help protect against intruders are now welcoming them in and guiding them to the mother lode of an organisation or state department. Driverless cars are deemed suitable ‘vehicles’ to assassinate, kidnap or simply hinder innocent people. Smart systems in your car can give an overview of your daily routine, routes, preferences and habits. In the race to get out new products before the competitor, manufacturers are bypassing best practice security and leaving many devices woefully exposed.

The cloud, the mighty cloud. It doesn’t take a rocket scientist to see where the most lucrative data, intellectual property, company secrets, celeb pics, etc. are stored and the enormous wealth associated with it. 2019 will most likely see renewed, more advanced attacks on cloud service providers. Why aim for a few thousand records when you can get hundreds of millions in one foul swoop. Watch this space.

What about other threats?

Make no mistake, the usual ‘oldies but goldies’ will still be around this year and for years to come. ‘’We will however see an increase in extortion/sextortion-based attacks and a huge leap in scams thanks to the large volumes of information available which attackers use to create more personalised messages to trick their victims.’’

Keep safe out there.


Credit(s)




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Constructive CCTV contributions to research
September 2019, Leaderware , Editor's Choice, CCTV, Surveillance & Remote Monitoring
Study leads to understanding that we need more recognition and reward for constructive participation in society.

Read more...
Ensuring a seamless ultra-wideband ecosystem
September 2019 , Editor's Choice, IT infrastructure
FiRa consortium ensures an interoperable ultra-wideband technology ecosystem across chipset, device and service infrastructure through standards and certifications.

Read more...
Check Point appoints new regional director for Africa
September 2019 , News, Cyber Security
Check Point Software Technologies has appointed Pankaj Bhula as regional director for Africa.

Read more...
ISO standard for protecting personal data
September 2019 , News, Cyber Security
Tackling privacy information management head on: first ISO standard for protecting personal data has been published.

Read more...
The hunt for the Carbanak group
September 2019 , Editor's Choice, Cyber Security, News
Tomorrow Unlocked has released a free four-part documentary that tells the story of the notorious Carbanak APT group and its $1 billion bank heist.

Read more...
Genetec to integrate CylancePROTECT
September 2019, Genetec , Editor's Choice, CCTV, Surveillance & Remote Monitoring, News
Genetec has announced it is partnering with Cylance, a business unit of Blackberry, to bring AI-based antivirus protection to its appliance customers.

Read more...
Building automation vulnerable to hacks
September 2019 , News, Cyber Security
New vulnerability revealed in Internet-connected building automation devices at the DEF CON IoT Village that could impact critical building systems.

Read more...
X-rays in 3D
September 2019, XPro Security Solutions , Editor's Choice, Security Services & Risk Management
Hi-Tech Security Solutions asked Greg Dixon, director of XPro, for some insights into X-ray scanning and its pros and cons in today?s volatile world.

Read more...
Smart Inspection Unit developed by Roteck
September 2019 , Editor's Choice, Security Services & Risk Management
Roteck has announced a portable personnel and bag scanning unit that can easily be transported, set up and used in almost any location.

Read more...
Keeping our changing environment secure
August 2019 , Editor's Choice, Security Services & Risk Management
For a crime to take place there needs to be a victim and a criminal who sees an opportunity. For a cybercrime to take place we need the same set of circumstances.

Read more...