Cybersecurity is constantly under threat by cunning hackers and careless employees. According to the Notifiable Data Breaches (NDB) third quarterly statistics report in 2018, the biggest issues in cybersecurity were phishing attacks, compromised credentials, and human error-induced breaches. Poorly managed smart gadgets and mobile devices also contributed to more cyberattacks, with more threats predicted in the coming year. Here’s a quick roundup of the security challenges to watch out for in 2019.
Social engineering growth
Given the high success rates of phishing scams in 2018, businesses will likely see more sophisticated versions of deception-based attacks in the future.
This year, phishing emails purporting to be from the Australian government tricked unsuspecting targets to go to a fake myGov website that steals personal information. In 2019, more hackers might impersonate other government agencies and name-brand corporations like Microsoft and Commonwealth Bank to effectively dupe their targets.
To resolve this issue, everyone in a company, from interns to the CEO, must receive adequate security training. This involves conducting regular seminars about email security risks and monitoring staff behaviour. Simulated phishing attacks will also be vital in keeping employees vigilant at all times.
Despite repeated warnings from experts, a worrying number of computer users still rely on recycled, easy-to-guess passwords to secure their accounts. As more online services become available in 2019, these unsafe habits are predicted to result in increased password theft incidents. Companies that enforce stringent password policies (e.g., setting unique, 12-character long passwords) and employ multi-factor authentication can minimise the chances of hacked accounts.
IoT threats on the rise
The Internet of Things (IoT), which includes gadgets like smart sensors and security cameras, has exploded into a $19 billion industry in Australia. It allows organisations to collect more accurate data and control everything remotely, but many are deploying it without knowing the risks.
Since IoT devices are connected to the internet, they’re inherently susceptible to network-based intrusions and hacks. What’s worse, smart devices often lack built-in security features or come with default access credentials that users either forget or are just too lazy to reset, giving hackers easy access points. Unless companies realise they need strong password management policies, round-the-clock network monitoring, and firmware update solutions, IoT problems will persist in 2019.
New malware trends
Hackers will use new varieties of malware to steal money directly from targets. Although ransomware continues to plague high-value targets such as the healthcare and finance sectors, these threats will taper off and give way to stealthier forms of malware.
For example, new strains of Trojan viruses designed to gain access to online bank accounts and slip past traditional antivirus detection will proliferate. Cryptojacking programs, which siphon processing power from an infected computer to mine cryptocurrencies like Bitcoin and Ethereum, will also become a dominant force in 2019.
These types of malware are far more subtle than ransomware and can go undetected for a long time, allowing attackers to reliably make easy money. What’s more, the thousands of ready-made malware kits available on the black market means even non-technical criminals can pull off these advanced attacks.
In 2019, Australian organisations are expected to invest up to $5.6 billion on public cloud services, but this also invites security risks. This is because a majority of businesses today mistakenly assume that service providers are solely responsible for cloud security, and overlook the importance of implementing controls such as encryption, multi-factor authentication, access privileges, and data backup policies.
Artificial intelligence (AI) threats
AI-powered security solutions can identify vulnerabilities and respond to modern threats. Such tools are quickly becoming an integral part of any cybersecurity strategy, but the technology does present a few challenges for businesses.
For starters, hackers might use the technology to automatically find weaknesses in a computer system they can exploit. They can even use AI-enabled malware to teach machines to attack computer networks and evade detection by traditional cybersecurity tools on their own.
Overcoming these challenges means businesses will need more than firewalls and antivirus software — they need a multi-layered security strategy that covers all attack vectors, including networks, devices, apps, and data. Not many Australian managed services providers offer cutting-edge security technologies and services, but Empower IT Solutions does. Call us today to prepare your business for all the security challenges in 2019.