Weaponised emails pose the biggest threat to cyber security
UK cyber security provider Glasswall Solutions predicts the decline of mass cyber-attacks as criminals opt for more tailored methods, with awareness growing that anti-virus technology fails to provide full protection.
Here, Greg Sim, CEO, Glasswall Solutions reveals its five top predictions for the year ahead. “2018 was a year of major cyber-attacks that took many forms, from all-too-common hacks, ransomware and phishing to new, sophisticated crypto-jacking,” says Sim.
“The digital landscape is becoming ever more challenging and demands a serious reappraisal of how enterprises protect themselves. As Artificial Intelligence and Machine Learning advance, hackers and criminals are developing increasingly sophisticated and stealthy attacks that go undetected for longer periods of time.
“Our predictions are firmly based in the new reality – on what we’re already seeing first-hand with our customers and in the market,” he adds.
The five predictions are:
- The weaponised email is still public enemy number one
As we recently saw with the attacks on major US tech firms and industry announced by the US Department of Justice, malicious actors will continue to use weaponised email attachments because they know it remains their most successful payload delivery method. Attachments such as PDFs and Microsoft Office documents will continue to trick even savvy users because of the sophisticated customisation and targeting capabilities attackers now utilise.
Complex and devious social engineering using stolen personal and company data will make it even harder to work out whether an attachment contains malicious or harmless content.
- Major global attacks will decline as criminals become more targeted
As a result of the trend toward evasive and highly targeted attacks, there will be fewer global, large-scale events using an indiscriminate, carpet-bombing approach. Attackers using such non-targeted methods know their malware is halted and quickly becomes void, and that various national security services could soon be breathing down their necks.
In 2018, Glasswall observed an increase in attacks tailored to specific organisations, industries and individual users. It’s the organisational brand – and the associated hack, theft or privacy breach – that will make 2019 headlines. The underlying malware will be publicly blamed for the attack, but the business will take the reputational hit, as will the share price.
- Cyber security will move up the list of business relationship priorities
Criminals and hacking groups will increase their use of supply chain partners and vulnerable or poorly secured third-party products and services as attack vectors. This will escalate the importance of building mutually protective business relationships and reputations based on the most effective cyber security available.
Attackers will exploit vulnerable down-stream business partners to penetrate larger, more rewarding targets, by disguising their activities as normal business communications. A malicious spreadsheet, Word document or PDF hidden as an attachment among millions of emails is a perfect weapon.
- Enterprises will face reality about anti-virus technology
More enterprises will finally admit that anti-virus and other detection-based software don’t always work and that the highest impact and most dangerous advanced threats are still getting through.
Forward-looking CISOs will examine other options (and some are already doing so). The challenge will be to distinguish what works from a sea of marketing claims that obscures the fact there are two types of solutions – signature-based or behaviour-based. Cynicism will increase as enterprises realise that these solutions are about finding problems after they occurred. CISOs will be forced to apply more rigorous evaluation to ensure they invest in new solutions that actually work.
- Security automation will take control of tasks, but with a caveat
The persistent global shortage of information security professionals will accelerate broader adoption of automation and seamless orchestration (ASO) in a rush to normalise lower-level processes.
However, customers will demand that these products do not fail at their primary task of preventing cyber-attacks. In turn, instead of today’s dominance of proprietary protocols, customers will demand seamless integration across platforms and among security point solutions. They will move away from point technologies that offer little to no integration and migrate to those that deliver seamless access to structured and unstructured Threat Intelligence data.
The author of this blog is Greg Sim, CEO, Glasswall Solutions