What we will also start seeing is the use of chatbots for phishing. Users have become increasingly accustomed to making use of chatbot services that are hosted on websites as a means of support. This will make it easier for malicious actors to use this method to extract personal information or log in details from a user in order to gain access to bank accounts or as a means to send the user malware.
Looking ahead we predict that we will see an increase in hackers exploiting home networks as a way into an enterprise network. With more companies adopting remote working as an option for employees, we anticipate that we will see more breaches that come from unsecured home networks as organisations don’t have visibility on the threats that may affect staff at home.
Staying with businesses, it is also predicted that business email compromise (BEC) will continue to be employed by cybercriminals, however, targets will be managers a little lower down in the hierarchy. Previously, BEC has focused on those responsible for making payments, such as CFOs. However as this management layer becomes more security aware, malicious actors will start to set their sights on people like the CFO’s assistant or secretary instead.
As far as governments are concerned, the battle against fake news will continue into 2019. The goal for the cybercriminal here is to sway public opinion in a specific direction, and with so many countries holding elections this year, as well as the Brexit finalisation, we anticipate that we will see an increase in this sphere.
It is quite likely with these possible developments that there may be a stronger push for stricter regulation of data and security. Compliance has been a hot topic throughout 2018, and will continue to be an influencer in 2019 and the coming years, particularly as we navigate the digital age and big data.
If hackers are going back to basics, as it appears that they are, then so must we as a security industry. We need to look beyond the systems we deploy, continue to place extensive emphasis on the education of the end user, look at ways in which we can deploy intrinsic security – namely from the edge – through the network and into the cloud, and ensure that our security policies follow every user, every connection and every device.
If 2018 was anything to go by then 2019 is going to be exceptionally interesting for all security professionals. As an industry we need to be more vigilant in staying abreast of nefarious activity and developing tools to assist in stopping attacks, as end users you are going to be required to secure more with less. Ultimately we have the tools to help but we need to continually innovate in order to stay one step ahead.
Pages: 1 2
