In 2018, attacks will continue to be effective through an increase in sophistication.

From innovative attacks and malware, to incoming laws and regulations, to changes in nation-state activity, it is evident that 2018 has the potential to be another event-filled year in cyber security.

That's according to cyber security firm FireEye, which cites the shortage of skilled workers, an increase in cloud adoption as well as the Internet of things (IOT) as some of the challenges that await the cyber security industry in 2018.

"In recent years, we have seen an uptick in security technologies and infrastructure using cloud services such as Amazon Web Services, Azure and more. We have also seen attackers leveraging these cloud services for various purposes, including to host URLs for phishing and to distribute malware," says Grady Summers, CTO at FireEye.

He points out hosting on known file-sharing services and leveraging cloud service providers is useful for attackers, because it helps them bypass the initial domain reputation checks performed by most security engines.

Additionally, with cloud offerings becoming more prominent every day, FireEye expects attackers will become more aware of cloud environments and thus adapt their behaviours accordingly. Traditionally, we have seen malware binaries detecting virtual environments, says Summers.

For defenders, the firm says, this means either restricting downloads from cloud service provider IP addresses or limiting downloads.

Skills shortages

FireEye also notes attacks will continue to be effective through an increase in sophistication, and they will also be successful due to the challenges companies face in recruiting and retaining skilled cyber professionals.

These skills shortages are partly to blame when it comes to recent widespread attacks that leveraged unpatched applications and operating systems, it explains.

In 2018, FireEye believes companies will spend more time thinking about and testing their ability to detect security incidents in their environment with their tools.

This will lead to the development of actionable plans to quickly respond to and contain security incidents. The ability to respond to a security incident in hours or days, instead of weeks or months, translates to whether the organisation has a small issue or a large data breach that could eventually become public, the firm says.

The company adds it saw many IOT attacks in 2017, beyond those involving the popular Mirai, a malware that corralled CCTV cameras and routers into a large botnet by exploiting weak passwords. One example was Reaper, a malware that exploited vulnerabilities in IOT devices to gain access and spread itself, it explains.

Summers points out the end result of these types of attacks is threat actors can enlist millions of compromised IOT devices to drive large-scale attacks, including the distributed denial-of-service attacks that commonly disrupt and take down Web sites, gaming and other Internet services.

FireEye says with the number of connected devices constantly growing, it is highly likely attackers will move quickly to exploit newly identified vulnerabilities.

This year will likely bring a new level of sophistication in IOT-based botnets, and we may also see attackers targeting certain IOT devices (smart refrigerators and home automation, for example) with ransomware, it notes.

New year's resolution

Network video solutions provider Axis Communications says as a result of the largest data breach in SA's history, as well as a record number of armed robberies against businesses recorded in 2017, security is a new year's resolution for most local businesses.

"Cyber criminals are ever more sophisticated and well-resourced, and tirelessly look to exploit vulnerabilities in technology across all industry sectors," says Roy Alves, sales director at Axis Communications.

"Moreover, tech trends such as mobility, BYOD [bring your own device], and the Internet of things are culminating in many more devices needing to be connected to the network. This equates to a plethora of new access points that cyber criminals can exploit."

In its predictions, Panda Security says cyber warfare is already a reality. It notes the difference in 2018 is the likelihood of collateral damage from these attacks. The Internet has no borders and attacks can spread across the world – affecting more than the original target, says Panda.

It believes this year, file-less attacks will become widely used by hackers to avoid detection, and mobile devices will be targeted as hackers try to take advantage of the vulnerabilities that surround the mobile workforce.

According to Panda, crypto-currencies such as Bitcoin are increasingly being used as a means of digital payment.

Nonetheless, it points out these currencies will continue to increase in value and usability, and are likely to become targets for cyber criminals.