These are the top six cyber threats to data in 2019, says McAfee
Data security firm McAfee recently release its 2019 Threats Predictions, which identifies rising trends in cybersecurity and how they will change the cyber threat landscape in 2019.
The prediction report reflects the informed opinions of a variety of thought leaders, researchers and industry veterans at McAfee. It examines current trends in cybercrime and the evolution of IT security, and anticipates what the future may hold for organizations, consumers and those working to protect them.
Among the key findings of the report:
- Prevalence of attack outsourcing will lead to use of artificial intelligence in evasion tactics
- Bad actors will combine multiple attack types to create synergistic super threats
- Cybercriminals to use bots, negative social media campaigns to extort brands
- Significant increase expected in data exfiltration attempts from the cloud
- Digital assistants to become the next vector for home IoT attacks
- Data-rich social media platforms will continue to be popular attack targets
Information Management spoke with Raj Samani, chief scientist at McAfee, about the top findings of the report and about how organizations can protect themselves from top data security threats.
Information Management: How do these trends differ from what we saw in 2018? What is new or greater in terms of threat levels?
Raj Samani: We have moved away from the Russian roulette game of trying to pick out what threat category is going up or down and focused on the wider trends impacting industry. For example greater collaboration or the emerging role of social media (which of course was realized in the recent Sharpshooter attacks).
IM: The McAfee security predictions for 2019 indicate that the prevalence of attack outsourcing will lead to greater use of artificial intelligence in evasion tactics. How can AI help in this regard?
Samani: Fundamentally, the improvement in efficacy leveraging AI will be critical as the adversary improves their offensive operations in light of their increased investment and capability.
IM: Another prediction is that cyber criminals will use multiple attack types to create super threats. How can organizations respond to such threats in a meaningful way?
Samani: Historically, determining the objective of an attack was relatively straightforward. Recently it has proven more difficult, as we saw with WannaCry and NotPetya. In the future organizations will need to consider that one particular attack may not reflect the true nature of the campaign. For example is this purely a ransomware attack or is ransomware being used as a distraction?
IM: Social media platforms remain a favorite target for cyber criminals. What should the top social media platforms be doing to better safeguard user data that they aren’t doing now?
Samani: The perpetual game of cat and mouse between providers and botnet operators is escalating, whereby the ability to determine a bot account is proving harder and harder. Providers will need to invest more into the intelligence that is used to determine how the adversary is adapting. This requires greater investment into research and leveraging collaboration with academia and other organizations conducting research in this area.
IM: Is there a role for government to play in better safeguarding consumer and corporate data, and if so, what role would that be?
Samani: A very good example we have seen on how the public sector needs to adapt can be demonstrated with the European Cybercrime Center (EC3) and the work they have undertaken in developing relationships resulting in initiatives such as NoMoreRansom. In addition, the Department for Culture, Media and Sport (DCMS) publishing guidance on securing Consumer IoT are all excellent examples.
Another example is the recent indictments by US authorities against those who perpetuate digital crimes. Such actions are absolutely necessary to disincentivize those looking to getting into crime.
IM: What are some best practices of organizations that do a better than average job or cyber defense?
Samani: Beyond the implementation of an information security management program, it is important to get a better understanding of the threats targeting their organization/sector.
Take for example the previous DDoS attacks against the financial sector, the attackers would move from bank to bank. Having a real-time view of threats against a specific sector could proactively prevent active campaigns from being successful.