Cybersecurity in 2019
An annual report by Panda Security compiles 2018’s cybersecurity data, making predictions for 2019 trends
19 December 2018 | 0
Panda Labs has compiled an annual cybersecurity report, gathering data over the past year to analyse trends and make predictions as we move into 2019. These predictions can help companies and consumers alike prepare themselves for the cyber threats we are likely to face in the coming year.
The findings from the report brings together some interesting stats and figures about the past year and shines a light on some particular events.
2018 was certainly a busy year in the cybersecurity arena. Several big scares arrived very quickly starting with Meltdown and Spectre vulnerabilities found in the majority of modern microprocessors, along with backdoors being discovered in systems used by UK Government contractors.
The rise of ‘Cryptojacking’ was also seen which involves the process of remotely using someone’s CPU or graphics card to mine cryptocurrency. This can be done as subtly as the user just visiting a certain website, where the code uses the processing power of your machine to solve the algorithms used in the mining of cryptocurrencies and then deposits the reward for this into the hacker’s account.
Aside from the more ‘direct’ threats from malware, there was also a wide spectrum of data breaches throughout the year, which was made all the more costly by the introduction of GDPR in Europe in May.
The most well-documented data misuse case of the year surrounded the Cambridge Analytica scandal where personal data of at least 87 million Facebook users was exploited without permission in order to influence the US presidential elections.
In September almost 50 million Facebook accounts were exposed after attackers exploited a vulnerability allowing them to steal users’ access tokens. Facebook has notified the Data Protection Commission (DPC) here, but it remains to be seen if there will be a fine for this particular event.
The largest data breach of the year came from Aadhaar, India’s national ID database which contains the information of 1.1 billion Indian citizens including biometric data. Journalists discovered that they could obtain any record of a registered individual in Aadhaar for 500 rupees (just under 6 Euros). The Unique Identification Authority of India (UIDAI) has denied any claims of a breach.
2019 is set to see an increase in the pace of the cyberwar arms race. While conventional malware such as Worms and Trojans will still remain a threat, several new methods of infiltrating software will become far more common.
‘Live hacking’ will become more popular as attacks that originate in this way do not require traditional software packages that can be detected or destroyed, instead a system is actively infiltrated by a hacker to recover information or data. This is most likely to be directed at corporations or governments initially, but this could of course have repercussions for the general public too.
Supply chain attacks will also become more common. This idea rests around a popular service being infected with malware, unknown to the provider of the software, and then being distributed to a customer base – essentially using legitimate software as a disguise for the malware to infect a wide user base under the guise of a new update or latest release.
It is also suggested that AI will become more widely used by attackers. 2019 will be the year of AI in many ways, and will find its way to be applicable in several industries for both positive and negative effects. Sadly, AI has no moral compass (yet?) so it will be employed by unscrupulous individuals to find new ways to break and circumvent defences.
You can read the full report by Panda Security here.
IDG News Service