10 Network Security Predictions in 2019

1. Spear phishing is more targeted
Nowadays, network attacks with the aid of social engineering are still the most efficient way, and also, spear phishing is the most cost-effective weapon in hackers' hands. Time and again, the frequent security incidents remind us that about 80% to 90% APT attacks are implemented and launched through phishing channels; Moreover, many new technologies and achievements are introduced into the weave of spear phishing tools, for example, tracking and mining victim’s privacy data via social media, or construct phishing content through AI/ML, the activity level of relating automated phishing attacks is likely to jump in the coming year, undoubtedly, due to its simplicity and efficiency, the number and the amount of relevant attacks in 2019 will continue to rise.
2. Commercial fraud is everywhere
In the new year, BEC(Business E-Mail Compromise)related financial losses and the number of victims will continue to surpass 2018(Global BEC related losses exceed 12 billion US dolloars), and will reach a new peak, collaboration among international organizations will further deepen, for example, in response to the growing business email compromise, more countries have joined the transnational cooperation ofInternational Business E-Mail Compromise Takedown, the following are the latest and most likely roles, services, entity and business scenarios relating to BEC frauds, that the FBI is warning about:
  • Business executives: criminals will spoof or directly invade the e-mail accounts of senior executives (such as CIOs, CFOs, etc.), then lead to fraudulence, finally huge remittances are credited to the bank account established by the fraudsters in advance.
  • Real estate transactions: criminal impersonate sellers, realtors, title companies, or law firms during a real estate transaction to require the home buyer for funds to be sent to a fraudulent account.
  • Data and W-2 Theft: criminals, using a compromised business executive’s e-mail account, send fraudulent requests for W-2 information or other personally identifiable information to an entity in an organization that routinely maintains that sort of information.
  • Supply chain: criminals send fraudulent requests to redirect funds during a pending business deal, transaction, or invoice payment to an account controlled by a money mule or a bad actor.
  • Law firms: criminals find out about trust accounts or litigations and impersonate a law firm client to change the recipient bank information to a fraudulent account.
At the same time, it is expected that more enterprise employees or social individuals will raise their awareness of information security. In particular, it is necessary to warn thatthe security awareness of managers at all levels in enterprises needs to be improved at first.
3. The Ransomware will still be raging
As for ransomware, 2019 is not an exception, the relevant economic losses will gradually increase and break through the previous records. The growth of ransomware's benefits is spurring the incubation of the relevant underground industry chain, in the coming year, ransomware service will continue to ferment, world events like WannaCry attacks the world's largest chip foundry, TSMC, will still occur frequently. In addition, in the background of turbulent context of the world economic backgrounds and new channels of ransomware propagation, e.g. GrandsGrab via USB flash disk, the hackers will expand their focus from enterprise to individuals [2], more and more desktop installed with personal computer operating system will be affected. Although, at the end of 2018, WeChat ransomware is proven to be a false alarm to Chinese market user (the only payment method is WeChat micropayments), but its fact has revealed the potential feasibility to the world [3]. Back to the ransomware itself, not surprisingly, WanaCry and NotPetya that spread through Eternal Blue will be listed in the forefront of the rankings, and this situation will be constantly unchanged.
4. Magic along with the Internet of Things
IoT devices are springing up like mushrooms, smart devices and protocols lack of enough security measure are widely used into various applications, without any adequate security testing. In 2018, the number of networkable devices purchased and deployed by enterprises and homes [7], as well as the number of Android and iOS platform apps, will continue to maintain a strong growth momentum. More and more smart devices, especially those home routers, will be hijacked and then incorporated into existing IoT botnets, relevant number and growth rate will steadily rise in the upcoming year. More than that, due to its concealment and suddenness of triggering, it is not ruled out that there will be more world-class security incidents in the future, such as the US Eastern Broken Network event that occurred in 2016 [1]. The security industry does not seem to be prepared for this, faced with the needs of security emergency response or services in the IoT field, it is no longer able to keep up with the actual space, and hence spawn more start-ups. Undoubtedly, investment growth in related fields will break through the past records, mobile terminal equipment suppliers, such as Huawei and Samsung continue to increase their investment in security research of IoT field. Especially, worthy of attention is the field of smart device chip, chip giant Intel spent huge sum to buy Mobileye to provide security measures for connected smart cars. In the future, “XXX smart car was hijacked” news headlines have been waiting for us to read, will this moment be in 2019? Let’s wait and see what will happen. As for home users, the following suggestions are worth adopting:
  1. Do not use the default factory password.
  2. Update the router’s firmware in time.
  3. If necessary, create a second network dedicated for networkable smart devices to prevent hackers rapid scaling horizontally.
5. Data leakage: the pain of interconnection
The 2019 list of data leakages is still your singer, and the number and growth rate of data leakage will continue to rise. According to the data leakage report published by Gemalto in October 2018, 2018 is the only year in which the total amount of leakage data exceeded 2 billion records in the past five years. Previously, only in 2013 this record was reached (in that year, Yahoo's approximately 3 billion account data leaks were disclosed to the public). In the first half of 2018, Gemalto's system observed more than 3.3 billion data files being leaked, an increase of about 72% over the same period in 2017, several of them are particularly worthy of attention:
  1. The identity information (ID number, bank account number, driver's license number, passport number, etc.) is still at the top of the list, there is reason to believe that this year will not be an exception, the number and growth rate will increase and make history.
  2. Due to the widespread acceptance and active implementation of its corporate cloud strategy, North America contributed 97% of data records and 59% of data leakage incidents [6] [7], which has led the world for several years, and for those Asian companies following Europe and the United States strategy, it’s worth pondering when they come to their own cloud strategy.
  3. It is worth mentioning that the data leakage through social media in 2018, about 2.5 billion data stored in social media were leaked, among them, media predators, such as Facebook, Twitter, etc.
In the future, the most frequently used apps will possibly enter into the data leakage leaderboard:
  • Various types of technology companies, especially social media and internet startups, will also appear frequently.
  • Litigation events arising from compliance issues will reach a new height in the future.
  • Taking into account business reputation and compliance requirements force companies to accelerate investment in data security and related businesses, to ensure that enterprises can prevent problems before they occur, furthermore, to take correct and effective security measures in the event of data leakage.
6. Old topic about vulnerabilities
In the new year, growth rate and number of new vulnerabilities will still increase, this trend can be felt from Tenable's report on the first half of 2018[4]. New reported vulnerabilities in 2018 H1 increased by about 27% year on year, it’s expected that a whole new yearly vulnerabilities will be between 18,000 and 19,000 in 2018, furthermore, vulnerabilities at the highest risk level also increased by 3% year-on-year; the security vulnerability management of enterprises will become more and more difficult to control than ever, Carbon Black's Quarterly Response Report[7] released in November 2018 revealed that up to 60% of attacks are no longer only limited to the first target organization, but with some common tools ( such as Powershell, WMI, etc.), scale horizontally to other departments within this unified organization, or to other relating business partners, relevant observed facts show that 36% corporate networks are being leveraged to attack their affiliates.
7. Security awareness training is at the right time
When you read this, everyone has a natural feeling of vagueness, that all technical systems or services from a technical point of view are unlikely to provide a complete protection solution for people. Therein among which, internal employees or relevant personnel within external companies involved in business operations play an extremely important role in the information security of an enterprise, furthermore, it has an in-depth impact on the company's security risk management practices. In those ongoing information security incidents, how to actively and effectively identify risks and respond appropriately from the organizational level is extremely important, especially in the case of data leakage. After a long period of development in the past two years, the end-user security awareness education and risk management training market has now become a fast-growing market. In the past 2018, there emerged more startups in this area, such Ataata has brought a lightweight and fresh style to the industry. Continuing the trend in 2017, the market segment is further accelerated in 2018, and the number and amount of acquisitions/mergers are also continuing to grow, for example, Barracuda quickly entered the market through the acquisition of PhishLine, and Proofpoint acquired Wombat in March 2018, ranking among the leaders. Considering that governments around the world are strengthening the protection of corporate and personal data security in their own countries, the localized security awareness product/training brands in the proportion of new ventures will be significantly increased in the coming year. The market may be impressive after 5-8 years developing, and looking at the current three aspects, the trend will be further strengthened and developed in 2019. MediaPro also made predictions and suggested the management of CISO or CSO, the importance of security awareness education and the far-reaching impact on the enterprise [8]:
  1. Compliance needs, especially in the face of public awareness of information security awareness and continued government attention (such as the Australian Privacy Amendment, the EU's GDPR and the New York Security Regulations).
  2. Assist companies to monitor related personal violations and impose penalties to avoid greater losses (such as potential loss of business reputation or huge fines from the government).
  3. Improve employees’ personal knowledge and ability to perceive threats, identify risks, and conduct information security operations in compliance.
  4. Change and maintain the good security behavior of employees and organizations, furthermore, build a safer corporate culture in information security aspects.
8. Security response will be more intelligent
Feedback from various sources shows that the organizing and response methods of past emergency response have become more and more difficult to maintain [7], in 2019, the progress of machine learning and artificial intelligence algorithms, and also the further mutual integration, will push and promote accelerated development and integration of cloud security, threat intelligence, threat detection, etc., start-ups in related fields will also emerge in large numbers. The technology and market changes in products and services for security emergency response are also coming soon, as can be seen from the number and intensity of various listed companies in this field in 2018 [9].
9. Blockchain security continue to be chaotic
In 2018, the blockchain experienced radical development, ups and downs, meanwhile, the blockchain security also lifted the mysterious veil. Security incidents beyond 100 million is endless, in the upcoming year, the number and value of relating cases will continue to grow. However, as the blockchain-related economic bubble fades and the heat of concern subsides, relating growth rate will fall rapidly, it is possible to reach the peak in the next 1-2 years and then turn around, from the end of 2019 to the beginning of 2020, it may be the best time to witness this peak. From the perspective of technology and application, the blockchain security field has become more and more complicated due to the deep involvement of stolen money, extortion and mining software, the measures of the government and industry management departments will continue to strengthen in the coming year, enterprises that provide relevant security products and services will also gradually mature after undergoing a baptism in 2018. The relevant market has also entered a period of deep integration, chaos will be clarified, leaders will gradually emerge, let us wait and see.
10. Looking back
Only from the perspective of revenue, it is surprising that with the integration of compliance and cybersecurity driving the accelerated integration and development of the security services market, security and consulting services are rapidly growing into a key pillar of the security market [10]. In the past three years, the proportion of all the security business and security related revenues of PwC/DPT/KPMG/EY has been continuing to rise, firmly occupy the top 8 of the income list, this trend will be further consolidated in 2019. In the next three to five years, driven by the direct needs of the government and customers, the security services sector will generate more niche players with more unique features and closer to market demands, such as managed security service providers (MSSP), emergency response platform, cloud security threat detection, etc. In particular, they are more able to understand the user's needs on localized security products and services, the in-depth development of public and private clouds will be a catalyst for such market segments. 2019 may be a product or service in some market segments, an investment and market outbreak year or a period of rapid growth.
Finally, in the upcoming year, it is expected that the information communication and data exchange environment of business and individual can be more secure and get more timely protection, there will be more information security awareness for the world population as well.
If you are interested in any of these solutions, please go to www.cellopoint.com or contact our sales team to sales@cellopooint.com