Hacker. (Duncan Alfreds, Fin24)
Johannesburg - The past year's devastating cyber attacks could soon be dwarfed, with new and better coordinated attacks in 2018 looming large.
Cybersecurity firm Check Point said technology users should prepare for larger, orchestrated worldwide outbreaks as hackers devise new strategies to cash in on human errors.
The firm provides end-to-end security for enterprises, cloud, and personal mobile devices, putting it at the coalface of fixing security breaches.
The last year saw two massive cyber attacks that cost both South African and global companies millions in damages.
In June Fin24 reported that hackers made less than R26 000 off the massive Petya malware attack, which caused major damage to computers globally including thousands of South Africans.
Earlier the WannaCry virus, which surfaced in May, was seen as the biggest attack of 2017. The virus infected between 400 000 and a million devices worldwide.
Doros Hadjizenonos, country manager, Check Point South Africa, said companies would need to beef up security to avoid such attacks in 2018.
“As operating systems beef up their security, we expect to see a decline in the use of exploits to target vulnerabilities, in favour of an increase in the use of human-error driven basic hacking techniques,” said Hadjizenonos.
“However, targeted attacks using sophisticated, nation-state sponsored weaponised tools are emerging, and the rate of attack is likely to continue to rise,” he added.
Hadjizenonos made several predictions about cyber security trends, including how hackers planned to disguise their attacks.
Ransomware and malware
Ransomware has been a cash cow for criminals, as well as a disguise for more destructive purposes. For example, Petya looked like ransomware but inflicted damage by locking up data.
Hadjizenonos said all types of users - from consumers to corporations - have fallen prey to ransomware, causing reasonable suspicion that it will continue to grow.
"We can also expect to see criminals getting creative in their extortion tactics, for example if you infect two contacts, we’ll give you your data back at a lower cost."
Utilisation of server-less computing and data storage in the cloud is becoming more widely adopted in business, he said.
"However, it’s worth remembering that cloud technology and the infrastructure that supports it is relatively new and evolving, and that there are still serious security concerns that provide a backdoor for hackers to access enterprise systems and spread rapidly across networks."
He said the growing adoption of SaaS-based email such as Office 365 and Google’s G-Suite makes for attractive cybercrime targets, and we expect cyber criminals to ramp up their cloud attacks during 2018.
Mobile devices are part of the business IT fabric everywhere, yet they continue to be rarely, if ever, secured appropriately. Hadjizenonos said as a result they presented a vulnerability risk.
"We’ll continue to discover flaws in mobile operating systems that highlight the need for organisations to take a more serious approach to the protection of their mobile infrastructure and end-point devices against malware, spyware, and other cyber attacks."
The majority of critical infrastructure networks were designed and built before the threat of cyber attacks, he explained.
"Whether the target involves telephone/mobile phone networks, electrical grids, power plants, or water treatment plants, it speaks to our good luck that there hasn’t been a large-scale, successful attack on critical infrastructure that impacts millions of people… yet."
The DDoS attack against domain directory service DynDNS in 2016, which caused an internet outage affecting users of large web businesses such as Netflix and Amazon, provides a glimpse of what is possible in critical infrastructure cyber attack, Hadjizenonos said.
"An attack of this type and scale will happen, and it would not be surprising to see it happen in the next 12 months."
Internet of (insecure) Things
As more smart devices are built into the fabric of enterprise networks, organisations will need to start using better security practices for their networks and the devices themselves, he warned.
"The potential attack surface expands with the growth of IoT device usage, and attacks on compromised IoT devices will continue to grow. We will see more variations of the Mirai and BlueBorne attacks coming our way in 2018."
Better security practices in IoT will be critical for preventing large-scale attacks – and may even need to be enforced by international regulation, he concluded.