+
EDITOR’S QUESTION
ASHRAF SHEET,
REGIONAL
DIRECTOR, MEA,
INFOBLOX
/////////////////
“
IT IS NOT ONLY BIG
CORPORATIONS
THAT ARE
TARGETED BY
CYBERCRIMINALS
THOUGH. IN FACT,
NEARLY HALF
OF THE ATTACKS
ARE TARGETED
AT SMALL
BUSINESSES.
I
t is expected that cybercrime will
cost the world US$6 trillion by 2021
as per Gartner estimates. To protect
customer data and proprietary information,
corporations are spending more and more
on security products and tools each year. In
2019, worldwide spending on information
security products and services is expected to
grow by 8.7% in 2019 to US$124 billion.
Last year was an eye-opening year for the
cybersecurity industry. Big corporations
such as Facebook, Under Armour and, more
recently, Marriott, have had millions of
customer records stolen, each of which has
caused significant harm to the company’s
brand. It is not only big corporations that
are targeted by cybercriminals though. In
fact, nearly half of the attacks are targeted
at small businesses. Let’s look at some of
the cybersecurity trends that seem poised to
significantly alter the landscape in 2019:
www.intelligentcio.com
Attacks powered by AI
For a long time, attackers have used evasive
techniques to bypass security measures
and avoid detection. Recently, however, an
entire underground economy consisting of
products, tools and dedicated services has
emerged to assist attackers. Considering the
ease with which attackers can outsource key
components of the attacks, it is predicted
that evasion techniques will become more
agile due to Artificial Intelligence in 2019.
Malware evasive techniques to bypass
Machine Learning engines have increased in
recent years. Bypassing Artificial Intelligence
engines has already been on criminals’
to-do-list for a while. In the coming year
though, it is projected that criminals will also
be able to implement Artificial Intelligence in
their malicious software to automate target
selection and check infected devices before
deploying next stage malware and anti-
detection technologies.
Data exfiltration attacks to target
the cloud
In recent years, enterprises have widely moved
their data to the cloud using Infrastructure
and Platform-as-a-Service cloud models such
as AWS and Azure. With a significant amount
of corporate data in the cloud, attacks on
cloud platforms are bound to increase.
With the adoption of Office365, there has
been a surge of attacks on Office365 services,
especially attempts to compromise email.
The last few years have also seen many
high-profile data breaches attributed to
misconfigured Amazon S3 buckets.
The problem is that many of these buckets
are owned by vendors in their supply chains
rather than by the target enterprises. These
open buckets and credentials allow bad actors
to easily attack S3 buckets.
Cryptojacking will continue to be in
the headlines
Cryptocurrency mining has increased
both as a topic of interest and activity
as cryptocurrency usage has grown
exponentially in the last few years.
Nowadays, it is impossible to see any
technology news feed without articles
on cryptocurrency and Blockchain.
Cryptojacking is a way for cybercriminals
take over computing devices and
smartphones to take advantage of the CPU
power to mine cryptocurrency.
Cybercriminals infect victims’ phones
and smartphones with malware, which
uses the CPU power of the device to mine
cryptocurrency, with the profits being directed
back into the wallet of the attacker. n
INTELLIGENTCIO
33