The Nasstarian

A Year in Review: The Top 5 Cyber Security Trends in 2019

In opinion / By Phil Muncaster / 06 December 2019

It’s that time again: the end of another year and a perfect opportunity to examine the major security events and trends that have shaped the past (almost) 12 months. Once again there’s been no shortage of incidents: from major GDPR fines to targeted cyber attacks costing individual organisations tens of millions of pounds. One thing has become clear: the job of the CISO and security teams is more challenging than it’s ever been, thanks to a perfect storm of determined hackers, an ever-expanding digital attack surface, the continued explosion of IoT devices, tightening compliance requirements and escalating skills shortages.

With those shortages soaring by more than 100% over the past year to reach 291,000 in Europe, it’s perhaps no surprise that 60% of mid-sized firms suffered a security breach or attack over the previous 12 months, according to an April government report. The security risks facing businesses continue to grow and securing systems remains difficult.

So, in no particular order, here are the top cyber security trends in 2019:

1) Ransomware Attacks on the Comeback Trail

The narrative for many months in 2018 was that cryptojacking had replaced ransomware as one of the biggest threats facing organisations. But while detections certainly soared, they dipped just as quickly this year thanks to the shutdown of Coinhive and a dive in the price of digital currency. In the meantime, ransomware has evolved. It’s on the rise, growing by over 74% from H1 2018 to the first half of 2019, but is also more targeted than before.

Over the past year, big names like Norsk Hydro, Danish manufacturer Demant and others have lost over £100 million thanks to outages caused by attacks. That’s not to mention the surge in attacks targeting US public sector organisations. With hackers using a variety of techniques including phishing attacks, credential stuffing of RDP logins and fileless malware, there’s no let-up in store.

2) GDPR Fines Start to Bite

I might have been wrong about NIS Directive fines in my 2019 predictions. The regulatory framework around this EU legislation is still in its infancy and there has been little if any sign of financial penalties to come for critical infrastructure providers. However, after waiting over a year since the General Data Protection Regulation (GDPR) came into force, 2019 finally saw the first major fines levied by UK regulator the ICO. BA was hit with a massive £183 million fine for failings which led to a digital skimming attack on its customers, while hotel chain Marriott International received a £99 million penalty after hackers stole 339 million guest records.

These penalties tell us much about the changing regulatory environment organisations now find themselves in. We’ve passed the point of no return now: even if Britain leaves the EU, the ICO will still be looking for evidence of wrongdoing and is prepared to levy major fines to ensure the country’s data protection laws are aligned with those on the continent.

3) Misconfiguration Everywhere

As I predicted this time last year, human error has become a major risk for firms storing sensitive customer data and IP in the cloud. As more organisations invest in multiple cloud platforms from different providers, their infrastructure is becoming increasingly complex. This, aligned with skills shortages and hard-to-understand access policies, has led to yet more data leaks in 2019. Except now, the hackers seem increasingly well placed to take advantage.

Thus, we’ve seen cloud data leaked by misconfiguration and then held to ransom by attackers, we’ve seen hackers attempt to infect exposed S3 buckets with digital skimming code, and we saw one attacker steal personal information on 100 million Capital One customers and applicants.

4) Magecart Makes Waves

That digital skimming code, known as Magecart, was one of the standout new threats of 2019. It emerged that multiple threat groups were using the malicious JavaScript to infect e-commerce sites like BA’s directly, or to spread the malware via third-party supply chain providers like French ad agencies. Magecart is suspected to have infected tens of thousands of such sites, although the real number could be much higher.

Improving supply chain security audits and monitoring web application code will become an essential prerequisite for running a secure and compliant e-business in 2020.

5) BEC Comes of Age

Last but not least comes business email compromise (BEC). In fact, certainly “not least” because it now accounts for more losses than any other type of cybercrime, according to the FBI. In 2018, these reached nearly $1.3 billion, almost half of the total $2.7 billion reported to the agency last year. Organisations will need to get better at training their staff to spot the tell-tale signs of social engineering that trick finance team members into making large wire transfers to third-party accounts. Similarly, Artificial Intelligence (AI) tools that can spot suspicious changes in writing behaviour indicating a spoofed CEO email will become more popular.

All of these trends and more will likely continue to evolve over the coming months and years. Keep an eye out for some key predictions for 2020!


Phil Muncaster


Phil is an internationally known technology writer, having regularly written for The Register, InfoSecurity and IT Week on the subject of technology, IT and security.
