Intelligent CIO Africa Issue 25 - Page 34

FEATURE: CYBERSECURITY ////////////////////////////////////////////////////////////////////// It is expected that cybercrime will cost the world US$6 trillion by 2021, with global spending on information security products and services set to grow by 8.7% this year to US$124 billion. Ashraf Sheet, Regional Director, Middle East and Africa at Infoblox, looks at some of the cybersecurity trends that seem poised to significantly alter the landscape in 2019. Data exfiltration attacks to target the cloud In recent years, enterprises have widely moved their data to the cloud using Infrastructure and Platform-as-a-Service cloud models such as AWS and Azure. With a significant amount of corporate data in the cloud, attacks on cloud platforms are bound to increase. With the adoption of Office365, there has been a surge of attacks on Office365 services, especially attempts to compromise email. The past few years have also seen many high-profile data breaches attributed to misconfigured Amazon S3 buckets. The problem is that many of these buckets are owned by vendors in their supply chains rather than by the target enterprises. These open buckets and credentials allow bad actors to easily attack S3 buckets. Cryptojacking will continue to be in the headlines Attacks powered by AI For a long time, attackers have used evasive techniques to bypass security measures and avoid detection. Recently, however, an entire underground economy consisting of products, tools and dedicated services has emerged to assist attackers. Considering the ease with which attackers can outsource key components of the attacks, it is predicted that evasion techniques will become more agile due to Artificial Intelligence in 2019. Malware evasive techniques to bypass Machine Learning engines have increased in recent years. Bypassing AI engines has already been on criminal’s to-do-list for a while. This year though, it is projected that criminals will also be able to implement AI in their malicious software to automate target selection and check infected devices before deploying next stage malware and anti- detection technologies. Cryptocurrency mining has increased both as a topic of interest and activity as usage has grown exponentially in the last few years. Nowadays, it is impossible to see any technology news feed without articles on cryptocurrency and Blockchain. Cryptojacking is a way for cybercriminals to take over the computing devices and smartphones and take advantage of the CPU power to mine cryptocurrency. Cybercriminals infect victims’ phones and smartphones with malware, which uses the CPU power of the device to mine cryptocurrency, with the profits being directed back into the wallet of the attacker. The attack is not easy to detect because aside from the heavy use of the PC fan and driving up the energy cost of using the computer, cryptojacking doesn’t make itself obvious. An average victim won’t Cybersecurity predictions for 2019 34 INTELLIGENTCIO