Industry News

Conference

18 Dec 2017

Cybersecurity in 2018: what we can expect to face

Sam Clark

Brian Chappell, senior director, enterprise and solution architecture, BeyondTrust

brian-chappell-beyondtrust

There will be an increase in mobile phone spam. With there being more mobile phones than citizens in most countries, mobile phone spam will rise 10,000% due to automated spam and dialling ‘botnets’ that essentially render most phones unusable because they receive so many phone calls from unidentified numbers.

This rise in phone spam will push cellular carriers to start to require that end users adopt an “opt in” policy so only those in their contacts can call them.

We can also expect to see an increase in ‘gaming eleteware’ infections. ‘Gaming deleteware infections across most major platforms will increase as botnets continuously attack gaming networks and devices such as Steam, Xbox, PlayStation, and Nintendo systems, with the sole intention of rendering the machine inoperable. The malware is downloaded as an embedded game add-on, causing millions of devices to need to be replaced.

Finally, as we see a rise in the adoption of the ‘latest and greatest’ device, we will see devices, including IoT devices, be cyber recycled. These devices, including mobile phones, won’t be destroyed, however. They will be wiped, refurbished, and resold within the U.S. and overseas even though they are have reached the end of their life. Look for geographic attacks against these devices to rise since they are out of maintenance.

Sarah Lahav, CEO, SysAid Technologies

sarah-lahav

IoT devices are starting to appear in our workplaces, and that trend is set to accelerate. This is something that should make all of us pause for thought because it’s going to have an impact on how we manage security.

If you belong to an organization that thinks of itself as security conscious, you have no doubt already devoted resources to managing network security, patches, version control and everything else needed to ensure your computers are safe and secure. You are much less likely to have given a lot of thought to your IoT devices.

Ensuring that these are safe is certainly going to make security management quite a lot harder; but if you ignore them, you might suddenly find your data centre under attack from the lightbulbs and toasters in the canteen!

The number of security breaches reported in the press has been escalating for many years and the scale of such breaches has been growing too. Many of these breaches have resulted in huge costs for the companies involved and the resignation of the board members responsible. There is no end in sight.

Carson Sweet, co-founder and CTO, CloudPassage 

carson-sweet-cloudpassage

Every business wants to be more competitive, and the growing acceptance of shadow IT helps. Enterprise reliance on shadow IT will explode in 2018, and so will cyber attacks on these resources. Organizations will need to develop comprehensive policies and strategies for their shadow IT, or the consequences will be stark.

Cyber is the new battleground for cross-state conflict. There are a few reasons that this situation has evolved to the point that attacks on U.S. infrastructure will happen in the near future. These include growing dependence on technology, growing challenges in protecting technology, and the attractiveness of cyber warfare.

These issues have existed for years, but they’re independently hitting critical mass while at the same time converging into a “perfect storm” situation.

Jeff Costlow, director of security at ExtraHop

jeff-costlow-extrahop

Big tech companies have been preparing for Perfect Forward Secrecy for several years now, and now the rest of the world will be catching up. Apple Store requires TLS 1.3 (requiring PFS) for all apps. Twitter, Signal, WhatsApp have used it for years, as have privacy activists such as Amnesty International and the Electric Frontier Foundation.

Within a couple of years, people will have started to change their keys as PFS picks up pace. To be sure, staying with TLS 1.2 will leave you open to Drown, Sloth, Poodle attacks and a variety of other ‘man in the middle’ attacks.

Derek Brost, director of engineering, Bluelock

derek-brost-bluelock

Expect targeted ransoms to get more precise and expensive. Cyber attackers are increasingly recognizing that the value of attorney-client and financial data may exceed its conventional ransom evaluation. Most notably in this category is the Panama Papers breach, which has continued to have significant client implications.

Furthermore, sophisticated financial data theft from breaches such as Equifax, DocuSign, and the U.S. Securities and Exchange Commission demonstrate adversaries’ knowledge of data value and an ability to leverage it to their advantage. In addition to simple ransomware attack vectors, covert data theft and high-target ransoming will continue to become more common.

David Emm, principal security researcher, Kaspersky Labs

david-emm-kaspersky

Connected vehicles are likely to face new threats as a result of growing supply chain complexity leading to a scenario where no one player has visibility of, let alone control over, all of a vehicle’s source code. This could make it easier for attackers to break in and bypass detection.

In healthcare, attacks breaching private networks to target medical equipment and data with the aim of extortion, malicious disruption or worse, could rise as the volume of specialist medical equipment connected to computer networks grows.

In financial services, the increased security of online payments means that fraudsters will turn their attention to account takeover attacks. Industry estimates suggest fraud of this type will run into billions of dollars.

Industrial security systems are likely to be at increased risk of targeted ransomware attacks. Operational technology systems are more vulnerable than corporate IT networks.

I also expect to see targeted attacks on companies for the purpose of installing cryptocurrency miners – and in time this could become a more lucrative, long-term business proposition than ransomware.

View all Industry News
Loading

Sponsors

Platinum Sponsor

Platinum Sponsor

Keynote Theatre Sponsor

Theatre Sponsor

VIP Lounge Sponsor

Compliance & Change Detection Leader

Gold Sponsor

Gold Sponsor

Gold Sponsor

Gold Sponsor

Silver Sponsor

Silver Sponsor

Silver Sponsor

Silver Sponsor

Silver Sponsor

Bronze Sponsor

Bronze Sponsor

Bronze Sponsor

Bronze Sponsor

Bronze Sponsor

Partners

Knowledge Partner

Global Analyst Partner

Official TV Partner

Official Video Partner

Official News Release Distribution Partner

Security Education Partner

Event Partner

Event Partner

Event Partner

Event Partner

Event Partner

Event Partner

Event Partner

Event Partner

Media Partner

Media Partner

Media Partner

Media Partner

Media Partner

Media Partner

Testimonials

  • "The best thing of us part opportunity to meet with our partners and customers. We met with many relevant prospects from different verticals and get a sense of the market demand. I understand much more of what the customers in this region."
    CEO and Co-founder, Votiro
  • "Considering the large number of exhibitors at the show, the crowd at our booth is great and stayed consistent throughout the day. Delegates who visited our booth met our expectations and we gathered good leads too!"
    Malwarebytes, Sales Development Representative 
  • "There’s no other show like Cloud Expo Asia and Cloud & Cyber Security Expo that reaches out to two groups of different audience from both cloud and cyber security in the same venue which is exactly who our service offerings are for! We have been participating in both Cloud Expo Asia, Hong Kong as well as Cloud Expo Asia, Singapore and more than happy to be part of the next edition!"
    Technical Account Manager North Asia, Qualys
  • "We met our target audience including service providers and SI, we have lot of interest throughout both days which is great! The show is definitely a platform for us to meet APAC audience and catch up with our partners across the different shows here."
    Channel Manager – Strategic Alliance APAC, Webroot