The advancements in artificial intelligence (AI) and machine learning are going to be the top trends in 2019 to impact technology and security. These trends will be driven by growth in data volume that is processed and analyzed, rapid adoption of cloud, and development of smart products. Additionally, the fifth generation of internet (5G) that is expected to roll out in 2020, will also impact the technology and security.
Trend Micro, the leading cybersecurity and defense firm, released a new report titled “Mapping the Future: Dealing With Pervasive and Persistent Threats” which includes security predictions for 2019 and beyond. For these predictions, the experts at Trend Micro analyzed progress of current and emerging technologies, user behavior, market trends, as well as their impact on threat landscape.
Top Cyber Security Predictions for 2019
Among the cybersecurity predictions for 2019, Trend Micro mentioned the rise in actual fraud using stolen credentials, more lives will be claimed because of sextortion, and countries will witness more collateral damage. Further, cyber propaganda and fake news will decide the future of countries.
Having said that, following are the key findings and highlights of the Trend Micro Security Predictions for 2019.
Cases of phishing to rise in 2019
Phishing attacks are those cyber threats where attackers try to win trust of users by pretending to be a trustworthy person. They get sensitive information from users and carry out the attack. Over the years, these attackers are trying to carry out phishing attacks without much activity from users, so that they can do their work easily.
As per the report, phishing attacks are on the rise and will continue to increase in 2019. The phishing attacks will be observed in emails, SMS, messaging accounts, online banking credentials, and accounts used for cloud services.
Cybercriminals will target famous YouTubers and other social media personalities
Attackers will target the social media accounts of users having millions of followers. Accounts of famous YouTubers, brand influencers, and other famous personalities with several million followers are more likely to be compromised using phishing attacks.
Cybercriminals will use these accounts to attack the followers by making them join campaigns for DDoS (distributed denial of service) or cryptocurrency mining.
The stolen credentials can also be used to register in various rewards programs that can make money for attackers. The report highlights that attackers can also use stolen accounts for registration of trolls on social media for cyber propaganda.
If the attackers get access to numerous social media accounts, they can use it to add fake votes to polls, and other nasty purposes.
Work-from-home devices will become entry points for attackers to enterprise network
Remote-working culture is trending nowadays among enterprises, as more employees are choosing to work from home. In 2016, around 43% employees in America were working from home, up from 39% in 2012, finds Gallup.
This culture affects the visibility of enterprises to handle data movements. When employees use internet from home for using cloud-based applications and collaboration software, the IT team of the company can’t control them the way they do for devices within the company.
Hence, the remote devices sometimes become a mix of personal and enterprise network. Since, the personal devices don’t exhibit as strong security as the enterprise devices, attackers can enter the enterprise network from these remote devices.
Non GDPR-compliant enterprises will be penalized
EU’s General Data Regulation Protection Regulation (GDPR) that came into effect this year hasn’t exercised all its new powers as most of the companies needed more time to comply with the law. But these regulations will needed to be strictly followed in 2019, or the companies will be penalized the full 4% of their annual revenue.
To properly comply with all the points of GDPR, the companies will need to rethink of the data privacy and security technologies. Trend Micro expects that by 2020, around 75% of new enterprise apps will need to choose between compliance and security.
“While privacy and security are not mutually exclusive, efforts to ensure data privacy compliance will have a detrimental effect on a company’s ability to adequately determine the source and details of a security threat,” explained Trend Micro in its report.
Emails of C-level executives will be compromised
One of the primary ways for attackers to make money is to compromise business emails. As a result of this, they will get deep down to the hierarchy of the company. They will focus on the assistants or secretary of C-level executives, or a manager of finance department.
Suggested reading: Organizations have 14 misconfigured public cloud services running at any given time
Cybercriminals will blackmail non-compliant enterprises
GDPR will open new source of income for cybercriminals. How? Well, they will look out for companies that are not compliant with the regulations. If any non-compliant company is found, they will blackmail them and demand ransom, or the non-complaint status will be exposed.
These are some of the key findings of Trend Micro’s Security Predictions for 2019. The full report is available here.
Image source: Trend Micro