2017 was another scary year for cyber security. Malware is at an all-time high, global ransomware damages are predicted to exceed $5 billion, and data records are being stolen by hackers at a rate of more than 5 million a day. just this year, we’ve seen spy tools leaked from U.S. intelligence agencies, political campaign hacking, state-sponsored ransomware, global IoT botnets, and much more.
As we move forward into 2018, what new challenges could lay ahead? To answer this question, our team has penetrated a hacker lair and recorded their 2018 cyber attack roadmap planning session. From building bigger and better IoT botnets, to cashing in on cyber insurance, here’s your chance to get inside the minds of these hackers. Here are our top 8 security predictions for 2018.
A major cryptocurrency will fall. With the value of cryptocurrency on the rise and coins from Bitcoin, Ethereum and Litecoin worth billions, they just can’t help themselves. Recalling the 2016 hack that made between $100 and $500 million of Ethereum permanently inaccessible, could they exploit vulnerabilities in new blockchain features next year? If so, we could see these hackers line their pockets with digital riches while toppling a major cryptocurrency.
SDRs become the new Wi-Fi Pineapple. For several years, the Wi-Fi Pineapple has made hacking simple for amateurs around the world. In 2018 the hackers expect the commoditization of Wi-Fi attack tools to shift toward software-defined radios (SDRs), which will give them the ability to easily access wireless protocols like Zigbee, Sigfox, Bluetooth and more. More wireless activity built into device, mean even more targets for hackers to infiltrate.
Cyber insurance will drive ransomware attacks. Compared to spam messages, which typically have less than a one percent success rate, most studies show that at least one-third of ransomware victims pay. With SMBs poised to continue rapidly adopting cyber extortion insurance, the hackers are formulating new plans to not only attack the insurance providers (for access to client lists), but also to parlay that into secondary attacks against the companies they cover.
IoT botnets to spur government regulations. With more than 8 billion connected devices in 2017 and billions more set to come online each year, they’re looking to have their names recorded alongside the hacking elite by creating the most pervasive botnet army the world has ever seen. As these attacks continue to grow in effectiveness and severity, governments will be forced to step-in and add more security regulations for IoT device manufacturers.
Double up on Linux attacks. Many IoT devices use inexpensive embedded Linux systems, which are notorious for having insecure defaults. By creating just a little malware code, these hackers think they can double their botnet power. With the number of Linux malware samples expected to double in 2018, no wonder this is a hot target for hackers.
The rise of inexpensive multi-factor authentication for SMBs. Multi-factor authentication, which has traditionally been too complex and expensive for smaller businesses, could provide the loophole they’re looking for. If they can act fast, and easily obtain employee credentials, they could walk through the front door of most retailers’ network and steal their data. But they better hurry – easy-to-use and inexpensive multi-factor authentication solutions will become quickly adopted by the SMB space.
Hacked election machines. Given the research that emerged at DefCon 2017 surrounding vulnerabilities in voting machines obtained off eBay, launching a targeted attack at these platforms seems like a no-brainer. Or is it? Perhaps they’ll decide to impact the elections through less-direct methods like misinformation or propaganda to effect the outcomes.
What are your security predictions for 2018?