Four more security trends in 2018

Source: Gemalto. Au.

Companies have not been protecting themselves well in 2018, to the point where Michael Au, President South Asia & Japan, Gemalto says that “businesses are still not doing the basics when it comes to data protection”.

“This means protecting the data at its core through encryption, key management and controlling access. In Gemalto’s latest Breach Level Index, 945 data breaches led to 4.5 billion data records being compromised worldwide in 1H18. The Asia Pacific region (APAC) alone accounted for 339 incidents,” he said.

Overconfidence

Ruckus Networks' research ties in with Gemalto's. Ruckus Networks’ inaugural Asia Pacific State of Wi-Fi study found that while more than half (53%) of respondents in APAC rated the current state of Wi-Fi security in their organisation as good or very good, close to one in five (19%) of the APAC respondents indicated that they have an open Wi-Fi network with no secure login measures. Further, more than three in five (65%) APAC organisations only use basic usernames and passwords to provide Wi-Fi access, noted Vasudevan Venkatakrishnan, Director of Business Development, Ruckus Networks Asia Pacific.

Source: Ruckus Networks.
Venkatakrishnan.

“These findings both illustrate that leaders have a misplaced sense of confidence in their Wi-Fi security and do not have sufficient measures in place to protect their networks," he said, warning that with organisations deploying more devices to improve business processes and efficiencies, they are at a greater risk of attacks than ever if they do not secure their networks.

Venkatakrishnan shared that the Wi-Fi Alliance announced the latest security protocol update for Wi-Fi devices in the form of WPA3 in June. “This was a much-needed update as WPA2 was launched in 2004. WPA3, which comes in both enterprise and personal versions, will provide better protection for devices connected with Wi-Fi through encrypted connections, making it more difficult for hackers to gain entry using brute force methods, or 'man-in-the-middle' attacks.

“At the same time, WPA3’s new feature, WiFi Easy Connect, will help IoT devices connect more easily. While WPA3 signals a big step forward in beefing up security for networks and devices, widespread adoption in 2019 remains a question,” he said.

Source: Trend Micro.
Jain.

New cyberthreats

According to Fortinet, threats that came to the fore in 2018 include:

Fileless malware variants

Unlike traditional malware attacks that require cybercriminals to install a malicious executable on disk to infect a machine, fileless malware leverage tools already on many computers such as PowerShell and WMI to infect memory directly.

“In addition to keeping persistence these scripts can be installed into autorun registry settings ensuring the malware is loaded every time the infected machine reboots. Using these techniques makes it increasingly more difficult to detect,” said Anthony K. Giandomenico, Senior Security Strategist and Researcher, Fortinet.

Cryptomining

Also known as cryptojacking, cryptomining focuses on maliciously injecting exploits into the browsers of computers or distributing malware across servers and IoT devices with the goal of leaching CPU resources to mine cryptocurrency for financial gain.

Source: Hillstone
Networks. Liu.

“These attacks can cause system crashes, poor network efficiency, and a sharp drop in machine speed for those within the infected network,” said Giandomenico.

“Cryptomining malware is also showing an increase in worm-like spreading capability, leveraging the EternalBlue exploits that made headlines for its use in the large-scale WannaCry ransomware attacks. Known as WannaMine, this one form of cryptomining malware has the capability to move laterally across a network, identifying and exploiting vulnerabilities and legacy systems that haven’t been properly patched.”

Persistent exploits

The threat landscape today also indicates that cyberattacks are becoming increasingly persistent, continuing to be active even after system reboots.

Designer attacks

Source: Fortinet.
Giandomenico.

Designer attacks are highly sophisticated and target the specific network security and vulnerabilities of an organisation, instead of launching a cyberattack and hoping someone falls victim to it.

“Cybercriminals are now doing extensive research into their targets, leveraging external vulnerability scanning and automated detection methods to identify core business information, high-value data, and areas where valuable network credentials can be obtained,” said Giandomenico.

Governments take notice

Governments are increasingly aware of the consequences of cyberthreats and understand that cybersecurity cannot be an afterthought, noted Nigel Ng, VP, International for RSA. “This year, we witnessed the introduction of a slew of cyber regulations, such as Singapore’s Cybersecurity Act, that are aimed at driving greater accountability of organisations,” he said.

Mandatory disclosure laws

Source: RSA. Ng.

Tony Jarvis, CTO, APMEA, Check Point Software said, “Perhaps the largest surprise from a regulatory perspective throughout 2018 relates to mandatory disclosure laws. These laws, which require organisations to disclose details around data breaches, have been blatantly ignored by those who’d prefer to keep such attacks out of the public eye. Knowingly violating the law is a practice that we can only hope will decline as social pressure to notify of such breaches ramps up.

He expects 2019 to bring laws that aim to reduce the number of data breaches we experience. “The proliferation of such laws are needed not only because new technologies necessitate guidance around their lawful use, but also to compel organisations to meet certain minimum requirements,” he said.

Sporadic enforcement so far

Source: Check Point.
Jarvis.

"There has been a major push in data security and private protection regulations worldwide...At this point, the enforcement of these regulations are sporadic. We expect the enforcement to pick up as companies that are in compliance reach critical mass," said Tim Liu, CTO, Hillstone Networks.

"As security breaches continue to occur, companies will protect themselves from negligence by increasing investment in compliance of regulations. We will see this continue to happen for the next year or two, at least."

Liu also noted that regional regulations can have global ramifications. "This could make the compliance efforts of companies more complex as regulations from different regions may interact and potentially be in conflict. The other challenge companies may face is how to preserve operational efficiency while implementing compliance measures," he said.

"In 2019, cybersecurity as a hot topic will continue to propel governments to intensify regulatory supervision in the cyberspace. For instance, California recently started requiring that manufacturers use stronger passwords for their smart devices. We expect to see more bills and mandates like this next year,” said Nilesh Jain, VP of SEA & India, Trend Micro.

Jain predicted that GDPR regulators will penalise the first high-profile violator in 2019, slapping it with the full 4% fine. "In the same vein, there should be more data breach disclosures in 2019 than in 2018, giving the impression that cybersecurity landscape is getting more precipitous," he said.

"However, this could be a good thing, as enterprises can have more insights into how attackers are carrying out their ploys, and learn from each other’s mistakes. And this will push regulators to dispense more specific guidance, such as what cybersecurity technologies are actually needed."

“Governments are also accelerating efforts towards tackling the cybersecurity talent gap. Case in point — this year, in ASEAN alone — a cybersecurity centre was launched in Thailand while another is set to open its doors in Singapore next year. In addition to grooming cybersecurity professionals the region needs, these centers are critical platforms that will drive cyber-collaboration amongst ASEAN country members.”

Don't forget cybersecurity hygiene

“With nations making headlines for alleged attacks on federal infrastructure, the disruption of the opening ceremony of the 2018 PyeongChang Olympics and the damages left in the wake of the SamSam and WannaCry ransomware attacks, government agencies have good cause to focus their cybersecurity attention toward large-scale threats. Yet agencies also cannot afford to be distracted from maintaining consistent, effective cybersecurity hygiene,” noted Aamir Lakhani, Global Security Strategist and Researcher, Fortinet.

Source: Fortinet. Lakhani.

“Government will always be a prime target. To help mitigate the risk of a successful attack, agencies should maintain and consistently update their cybersecurity hygiene.”

Towards an integrated ecosystem

Ng said cyber resilience will only become a reality when all stakeholders work collectively towards a safer and prosperous cyberspace. “Governments can play an instrumental role in boosting their nations’ cyberdefences by fostering a trusted knowledge-sharing environment for collaboration between individuals, businesses and the governments,” he said.

“This drives conversations and facilitate knowledge-exchange on cyber resilience and digital risk management so everyone can collectively work towards a safer and prosperous cyberspace.”

Ng also noted an uptrend in joint ventures, partnerships and collaborations between cybersecurity firms to leverage each other’s insights and expertise. “We expect these concerted efforts to generate synergies that will propel the industry closer towards its cyber resilience goals,” he said.

Explore:

Browse the full list of 2018 round-ups and 2019 predictions in TechTrade Asia