As we approach a new year, it’s time for security professionals to think critically about the next challenges they will face and how these could impact their organization. Here are the seven things I expect organizations will run up against in 2019 as they try to protect their infrastructure.
- Expect to see more sophisticated artificial intelligence features of security tools in 2019.
Networks continue to grow more complex and threats more subtle, making exploits harder to find and allowing malware to persist for weeks or months on corporate networks. Automated patching tools are critical to successful deployment of fixes across the large digital infrastructures running many modern businesses.
- Cryptomining will continue to be a threat as long as attackers can make quick cash from the infections. Be on the lookout and deploy endpoint and intrusion prevention tools designed to detect these exploits.
This past year witnessed the rise of hidden cryptomining malware. While initially motivated by the huge premiums cryptocurrencies traded at, hackers have since found cryptomining to be a popular malware method. As evidence of this, malware authors got more sophisticated and found ways to hide their code better. One piece of malware exploited blockchain technologies, while another was disguised as an application update. Certainly, defenders need to continually improve their detection methods.
- FIDO2 will continue to gain adherents (such as this recent announcement about better browser integration), and the smartphone authenticator apps will improve and integrate better into numerous mobile products.
This year saw the announcement of FIDO2 tools and protocols that can help improve security using hardware keys. A number of acquisitions and partnerships in the authentication market signal how important identity security continues to be.
- Lack of backup verifications will continue to plague IT managers, making ransomware a continued threat in 2019.
As we saw this year, Equifax and the City of Atlanta both thought their backups would protect them against attacks, only to find that wasn’t the case. Expect to see enterprises conduct more realistic recovery drills and perform additional red team and tabletop exercises to improve their defenses and fix the holes in their security infrastructure.
- Many attackers will continue trying brute-force password attacks.
Make sure your intrusion detection defenses are set up properly to warn you of these efforts. Attackers are getting more sophisticated, but are still lazy. We continue to see new exploits, but often they just leverage existing methods with a twist. Network printers are still a threat, but now multifunction fax machines can also be infected with malware. While traditional Microsoft Office is still a popular malware distribution mechanism, hackers are using Microsoft Excel Web Query (.iqy) files to infect unwary users. IoT devices continue to be compromised via their default Telnet passwords, and malware authors have found new vulnerabilities to take advantage of, such as what researchers have found in the Torii botnet.
- Better cloud security tools will be needed to protect these environments.
While cloud service providers introduced new tools to help secure virtual workloads and storage resources, the news will continue to be filled with stories of those who left web services open (either unintentionally or otherwise).
- This past year saw numerous acquisitions in the security awareness training market segment. We’ll see additional consolidation in this space in 2019.
Hopefully, IT shops will get the message that more security awareness training needs to happen and will do so on a continuous basis. With security awareness, you are only as good as yesterday’s response. Every day, someone is trying to leverage their way into your network, your data and your corporate reputation. Every day, your network is being bombarded with thousands of phishing attempts. Someone is sending multiple emails with infected attachments; hackers are continuously trying reused or common passwords and creating new blended threats whose construction we don’t even understand. Having awareness training is the best way to combat user errors and fight these phishing attacks.
This post was sponsored by RSA, but the opinions are my own and do not necessarily represent RSA’s positions or strategies.
# # #
David Strom is an independent writer and expert with decades of knowledge on the B2B technology market, including: network computing, computer hardware and security markets. Follow him @dstrom.