Free Privileged Account Discovery Tool: Identify & secure credentials to stop lateral movement. Download Free

BeyondTrust
  • Products
    Privileged Password Management
    Discover, manage, audit, and monitor privileged accounts
    Password Safe DevOps Secrets Safe
    Endpoint Privilege Management
    Manage privileges on Windows, Mac, Linux, and Unix endpoints
    Windows and Mac Unix and Linux Active Directory Bridge
    Secure Remote Access
    Centrally manage and secure remote access for service desks and vendors
    Remote Support Privileged Remote Access
    BeyondInsight Analytics
    See All Solutions
  • Resources

    Universal Privilege Management

    Our innovative Universal Privilege Management approach secures every user, asset, and session across your entire enterprise.

    Watch Video

    Learn

    Case Studies
    Competitor Comparisons
    Datasheets
    Glossary
    Product Demos
    Whitepapers

    Attend

    Events
    Go Beyond
    Training
    Webinars

    Support

    Changelog
    Professional Services
    Technical Documentation
  • Blog
  • Partners
  • Contact
  • Support
  • Services
  • Training
  • Events
  • Company

5 cybersecurity predictions for 2018

December 15, 2017

  • Blog
  • Archive

It’s that time of year already, and what a year it has been! The ever-changing landscape of cybersecurity was rocked by some major breaches throughout 2017.

Key moments include the WannaCry ransomware attack that compromised the NHS and affected large companies in over 99 countries, the Petya and NotPetya strains of ransomware/malware that infected thousands of large organizations, and more recently, Uber’s huge data breach that saw them pay hackers to delete 57 million pieces of sensitive information.

With all of this now behind us, we want to know how the cybersecurity will evolve in 2018. What changes will organizations have to adapt to if they’re to stay secure? What technology should they adopt to achieve this? And how will new regulations (like GDPR) affect the way data is stored and protected?

Courtesy of our Security Analyst James Maude, here are our top five predictions for the year ahead…

1. Ransomware to run riot

With WannaCry and NotPetya, cybercriminals have seen how effective it can be to target enterprises with ransomware. In 2018 we will see this broadening out with more enterprise specific ransomware strains and more systems being targeted.

Ransomware will continue to broaden out as databases, websites, IoT and ICS are all prime targets. We may see some interesting new variations of ransomware either encrypting data or disrupting access to these systems. Critical infrastructure and financial systems will need to become more resilient to disruption caused by attacks that seek to restrict the availability of resources and data.

2. Living off the land

As browser security improves and Windows 10 gains traction, attackers are shifting away from relying on vulnerable or unpatched software to gain access to a system. In 2018 we will see more attacks that “live off the land” and exploit applications and functionality that are built into the system and applications.

We have already begun to witness this with an increase in script-based malware using PowerShell and various Office exploits that use built-in functions to run code or launch apps without relying on macros. These attacks are very powerful as they use legitimate trusted applications to evade detection and are often difficult to prevent.

3. The stresses and strains of GDPR

Becoming GDPR compliant will challenge a lot of businesses who are not already prepared. In SMEswith smaller IT and security teams this may be a drain on already limited resources and cause them to take their eye off the ball as they focus on data mapping and policy work. Those who have not planned or budgeted for this extra workload will suffer the most and may unintendedly expose the business to risk. We will also see a lot of consultants riding the wave of GDPR fears as it becomes the new Y2K bug.

For further help with your GDPR efforts, you can watch our 8 minute webinar to learn more about the regulation, along with understanding how Defendpoint can help you to achieve compliance with ease and efficiency.

4. Artificial Intelligence: the good and the bad

Attackers will start to leverage AI to evade detection and build more effective attacks. We have already witnessed machine learning being used to evade detection and this is increasingly becoming an automated service. Given the volume of data available online, AI could also be harnessed to build better targeted attacks by learning about and interacting with potential victims.

On the flipside AI will also help inform and automate security responses and reduce the incident response time, as more organizations will turn to automation and orchestration technologies to bring together data from various "sensors" and create actionable intelligence. This will provide a way to augment lines of communication and gain the most from their investments in Cyber Security.

5. People will continue to be the weakest link

Social engineering will continue to be the go-to strategy for cyber criminals. People are the easiest way into an organization, they can be easily duped into providing credentials or executing malicious code, often subconsciously. There needs to be a two-pronged approach to counter this; 1) invest in security foundations to mitigate these types of attack executing 2) Provide regular security awareness training.

Do you have any predictions you’d like to share with us? Please feel free to get in touch. And for any more information on how Defendpoint can make your company more secure, compliant and productive, why not schedule a free demo today?

James Maude

Stay Up To Date

Get the latest news, ideas, and tactics from BeyondTrust. You may unsubscribe at any time.

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

You May Also Be Interested In:

Webcasts | February 09, 2021

Customer Webinar: Remote Support 21.1 Released!

Webcasts | February 24, 2021

Your PAM 2021 Blueprint: Securing Privileged Accounts for On-Premises and Cloud Assets

Whitepapers

Evolving Privileged Identity Management (PIM) In The 'Next Normal'

BeyondTrust Logo
  • Facebook
  • Twitter
  • LinkedIn

Keep up with BeyondTrust

I agree to receive product related communications from BeyondTrust as detailed in the Privacy Policy, and I may manage my preferences or withdraw my consent at any time.

Customer Support
Contact Sales

Products

  • Endpoint Privilege Management
  • Password Management
  • Privileged Remote Access
  • DevOps Secrets Safe
  • Remote Support

Resources

  • Blog
  • Case Studies
  • Competitor Comparisons
  • Datasheets
  • Glossary
  • Videos
  • Webcasts
  • Whitepapers

About

  • Company
  • Careers
  • Contact
  • Events
  • Leadership Team
  • Partner Program
  • Press

Languages

  • English
  • German
  • French
  • Spanish
  • Korean
  • Portuguese
  • Japanese
  • Privacy
  • Security
  • Manage Cookies
  • WEEE Compliance

Copyright © 1999 — 2020 BeyondTrust Corporation. All rights reserved. Other trademarks identified on this page are owned by their respective owners. BeyondTrust Corporation is not a chartered bank or trust company, or depository institution. It is not authorized to accept deposits or trust accounts and is not licensed or regulated by any state or federal banking authority.