Shulou(Shulou.com)06/01 Report--

Employee email is the biggest threat any company needs to face. Email is one of the most popular threat vectors and it is increasingly being used by cybercriminals as a vehicle for phishing, malware and corporate email breach (BEC) scams. 2018 ends with cybersecurity incidents for the past year. A summary is given below:

01. Email remains a popular attack vector

Employee email is the biggest threat any company needs to face. Email is one of the most popular threat vectors and it is increasingly being used by cybercriminals as a vehicle for phishing, malware and corporate email breach (BEC) scams. According to the 2018 Email Security Trends Report, 93% of vulnerabilities include phishing (or harpoon phishing) elements.

Reducing risk requires combining technical aspects of cybersecurity, including the use of AI-driven tools to better detect threats, with practical operations. However, the latter is where organizations often lag behind. To be able to defend themselves, they need to equip their employees with technology to spot suspicious emails and combine it with more advanced cybersecurity training methods.

02. Data breaches come into focus

According to the Identity Theft Resource Center (ITRC), there have been more than 1,100 data breaches so far in 2018, totaling 561,700,000 exposure records. The 2018 Cost of Data Breach Study, sponsored by the Ponemon Institute and IBM Security Agency, found that the global average cost of a data breach is now $3.9 million, up 6% from 2017.

Here are the top 10 data breaches of 2018:

Aadhaar (1 billion records exposed) Marriott Starwood Exactis (340 million records exposed)MyFitnessPal (150 million records exposed)Quora (100 million records exposed)MyHeritage(92 million records exposed)Facebook-Cambridge Analytica(87 million records exposed)Google+(5 million records exposed)Facebook(50 million records exposed)Chegg(40 million records exposed)03. Ransomware attacks are still worthy of attention

While ransomware topped the list of cyber threats in 2017, WannaCry and NotPetya stand out. The frequency of extortion attacks decreased in 2018. According to Kaspersky's Ransomware and Malious Cryptominers 2016-2018 report, ransomware infections have fallen nearly 30% in the past 12 months, while cryptocurrency mining has grown by 44.5% over the same period.

While ransomware is decreasing in volume, it is increasing in sophistication as cybercriminals upgrade their attack methods. The number of new ransomware variants is up 46 percent from last year, meaning ransomware remains a threat to many businesses, especially when it comes to healthcare and finance, which are two of the hottest targets for ransomware attacks.

Still, even if you're good at cybersecurity, it's hard not to make mistakes. To reduce the risk of data loss from ransomware attacks, organizations such as enterprises should focus on implementing data protection strategies that include not only automatic backups but also easy recovery.

04.Cryptomining malware grows rapidly

According to Check Point's Cyber Attack Trends (Mid-2018 Report) analysis, 42% of organizations were affected by crypto malware in the first half of 2018, compared to 20.5% in the second half of 2017. As mentioned above, it even surpassed ransomware as the biggest cybersecurity threat of 2018. In fact, the three most common malware variants discovered in the first half of 2018 were cryptocurrency miners.

Crypto malware allows cybercriminals to take over the computational resources of unwitting victims and use them to mine cryptocurrencies such as bitcoin. Various factors have contributed to the spiraling frequency of malware-induced security incidents, including the rising price of malicious mining software and the increased availability of easy-to-use tools to release crypto-mining scripts on devices, networks, and websites.

The direct impact of encryption malware is often unrelated to performance. It slows down the device, overheats the battery, and sometimes makes the device unusable. In contrast, it has a broader impact on organizations, where the spread of encrypted malware in their internal environment puts the network at risk of being shut down.

05. New data security legislation

There is no doubt that new privacy laws in the U.S. and Europe, such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), have dominated the headlines so far. While they are not exactly similar, they are both committed to protecting consumers 'privacy needs and control over personal information.

Other states have also introduced data protection laws to provide consumers with greater transparency and control over their data. Vermont's new data privacy law, for example, in addition to expanding breach notification rules, requires organizations to make significant changes in how they process, record, and store personal data.

06. Cybersecurity Talent Gap Widens

As cybercriminals leverage the notorious dark web's increasingly sophisticated tools and methods to intensify their attacks, white-hat professionals need as much help as possible to prepare for and respond to cybersecurity incidents.

According to recent estimates, there will be as many as 3.5 million vacant positions in the cybersecurity industry by 2021. A severe shortage of talent has left many organizations stranded because it is difficult to find good safety engineers who demand six-figure salaries when needed. Of course, criminals will also target organizations that are short of staff and unable to prevent, detect and respond to cyberattacks in order to take advantage of them.

07. Intelligence does not necessarily mean safety.

The current Internet of Things network security situation is not optimistic. There have been horrific hacking attacks in the past, and consumers are becoming aware of the unique challenges of securing IoT systems. But at the same time, IoT hardware vendors are still slow to respond.

Today, IoT devices are vulnerable to many threats. First, vulnerabilities are not patched in a timely manner, and device manufacturers ignore security factors. Second, IoT devices are at risk of being manipulated to execute DDOS attacks.

RFID spoofing can also be used to compromise IoT devices. They enable cybercriminals to read and record data transmissions by creating fake RFID signals. However, the biggest security challenge facing IoT experts is overcoming software threats, as cyber attackers rely on malware, Trojan viruses and malicious scripts to disable IoT systems.

What are the most important cybersecurity trends to watch in 2019? 2018 was a year of frequent cybersecurity incidents, and with new cyberthreat attacks emerging, new APT groups emerging, and more regulations around data privacy, 2019 will be another important year for cybersecurity. Here are the most noteworthy cybersecurity trends for 2019. 01. More vulnerabilities After researchers discovered two critical Apache Struts vulnerabilities in 2018, they believe another major vulnerability will soon emerge, stemming from a flaw in the software that has been at the heart of the Equifax vulnerability. "Apache Struts presents a unique challenge because it is subsumed by many other Internet-facing programs, meaning traditional vulnerability scanners may not be able to detect Apache Struts, but botnet scanning vulnerabilities will find it," said Recorded Future's Liska. At the beginning of 2018, two hardware-based side channel vulnerabilities, Spectre and Meltdown, were exposed, causing an uproar. The two companies have influenced microprocessors that have been widely used in computers and mobile devices over the past decade, including those running Android, Chrome, iOS, Linux, macOS and Windows. Security experts predict that Spectre variants will continue to be discovered in 2019. Ellison Anne Williams, CEO of Enveil, said in an email:"The chip defect announced in 2018 may be the most common memory attack surface vulnerability we have seen so far, but it will certainly not be the last. "02. Complex IoT attacks The Internet of Things (IoT) market is about to explode-but many of these devices are manufactured with little or no security in mind. Since the emergence of Mirai botnets in 2016, researchers have seen IoT devices maliciously exploited to launch a range of threat attacks, including encryption, ransomware and mobile malware attacks. The future could be even worse:"IoT threats will grow more sophisticated in 2019, moving from botnets and rogue ransomware infections to APT surveillance, data filtering, and direct manipulation of the real world to disrupt operations," said Joe Lea, vice president of products at Armis. 03. When it comes to cyber threats, the infosec community expects encryption to disappear from the web and ransomware to return to the forefront. For many cybercriminals, crypto attacks aren't as profitable as they initially hoped, and it turns out that they can only make money if attackers are able to infect tens or hundreds of thousands of devices. However, ransomware is still profitable:"SamSam, for example, has made nearly $6 million from ransomware attacks that use open RDP servers as portals," said Allan Liska, senior technical architect at record Future. We're already starting to see new ransomware variants replicating this pattern, and we'd like to see a new batch of ransomware families continue to extend this attack method. 04. As remote monitoring becomes more widely used in industrial environments, operational technology (OT) and IT are converging, making critical systems increasingly vulnerable to cyberattacks. Smart connected devices will become the standard in manufacturing plants, utilities, and other fields with critical infrastructure, where digitization combined with physical operations will increase the likelihood of remote attacks. These attacks damage or destroy robots, sensors and other devices that drive most of the machinery and infrastructure in our daily lives. 05. As vulnerability patches became the focus of attention in 2018, the narrative surrounding the vulnerability disclosure process evolved from a 90-day rule at the time of disclosure to a more timely patch release. "As vendors increasingly focus on vulnerabilities--whether through bug bounty programs, mutation analysis or testing, discovery--remediation-the time required to go public has been reduced from 90 days to 30 days or less. Pavel Avgustinov, co-founder and vice president of Semmle Platform Engineering. 06. Biometrics have become the preferred method of personal identification for banks and other institutions in 2018. However, 2019 is likely to see more security incidents related to biometric systems. Kaspersky Lab researchers Yuri Namesnikov and Dmitry Bestuzhiev said:"There have been several major biometric data breaches. Zscaler's Depth Desai said in an article that by 2019,"we will see cybercriminals continue to focus on attacking critical software supply chain infrastructure to carry out larger scale attacks." Attackers have begun to recognize the advantages of supply chain attacks-starting with the NotPetya campaign in June 2017 and spreading rapidly thereafter, wiping data from thousands of computers worldwide. 2018 saw a spate of supply chain attacks involving companies like Delta Airlines and Best Buy. 08. Privacy legislation Several large data privacy scandals have surfaced in 2018, most notably Facebook's Cambridge Analytica incident, and security researchers believe there will be more legislative and regulatory measures on data privacy in 2019. Dave Weinstein, Claroty's director of threat research, said:"Security and privacy form a special relationship in Congress, with far-left radicals partnering with liberal conservatives. "MPs are likely to follow the example of the EU and learn from many aspects of GDPR. That said, their lawyers and lobbyists have long anticipated this day, so Silicon Valley (not Washington) should set privacy rules. While the European Union implemented the General Data Protection Regulation (GDPR) in 2018, security experts believe 2019 will really begin to show how its implementation will have unintended impacts on data privacy and transparency. "In 2019, we'll see companies introduce more employees, tools, and training to address data clutter so they can leverage valuable data while complying with GDPR," said Looker Chief Data Officer Daniel Mintz.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.