Cybercrime is not a new problem, but one that keeps evolving as technology itself progresses. As we enter into 2019, the cybercrime conundrum continues: it is not a matter of IF a company or institution will be targeted by cybercriminals, but WHEN.
The news is rife with stories of high-profile companies being targeted – the latest one being Marriott which reported that nearly a half-of-billion customer records were breached in December 2018. But while these crimes will make headlines, smaller, less visible organizations are also being targeted including schools, hospitals as well as small to mid-sized businesses. In fact, companies between 10-100 employees are 15-times more likely to be attacked today based on a 2017 Verizon report.
That said, understanding where the vulnerabilities are, the security industry in the technology field is thriving as experts learn how to plug the so-called holes.
Here are a few new cybercrime trends to watch out for in 2019:
- What Does AI Have to Do with It?
One of the key technologies in the fight against cybercrime today is artificial intelligence or AI. It utilizes machine learning techniques to “learn” what to watch out for on networks and in data centers as well as how to react to potentially malicious attacks such as DDoS breaches and botnets, according to Wired Magazine.
In addition, AI is being used in the fight against spam and phishing. For instance, Wired reports that Google has been using machine learning techniques in Gmail “…to filter emails since its launch 18 years ago.”
While AI has become a tool in the war against cybercrime, Dark Reading writes that cybercriminals are starting to become more proficient in both AI and machine learning technologies and as such, are using them to better profile their future victims.
What is being done to help?
Cisco and other companies are now using AI to help better detect malicious activity in organizational networks and data centers. Network World reports that the trend now is having encrypted traffic “end to end” that helps identify when there has been malware in that traffic – but without decrypting the content. Cisco believes encryption will be used in 70% of attacks in 2019. Cisco has already given customers options for securing their resources.
- Influencer Operations
We know the scandals by name now: Russian Election Tampering, Cambridge Analytica – cyber influencer campaigns where agents used the power of social media to spread falsehoods and propaganda. In 2019, security experts believe these influencer operators could become more aggressive and target more local organizations. Dark Reading reports, “A competing retailer could post scores of negative reviews for a competitor in hopes of ultimately driving down that organization’s business.”
What is being done to help?
Council on Foreign Relations or CFR writes that social media companies should more aggressively police their platforms for malicious state-sponsored content. Organizations, from the enterprise to the smaller business, must follow suit and ensure that all social media content relating to its business and competitors are being monitored. That includes ensuring that content posted to its web or social media sites comports with company policies and that any suspicious postings or links are removed immediately.
- IOT Being Compromised:
The Internet of Things (IoT) has moved technology along in great leaps and bounds, connecting devices and appliances to the Internet, making our offices and homes smarter by helping us turn lights on and off, activate alarms, play music and much more. That said, anything connected to the Internet is a potential target for attack. Therefore, as technology companies strive to enact stricter security controls on IOT devices, cybercriminals are learning how to unleash botnets and other malicious viruses to gain access to these devices.
What is being done to help?
Botnets, DDoS attacks and more can be launched on any IOT-connected device – whether in the home or on the manufacturing floor. TechTarget writes that ensuring that IoT-based devices “…avoid potential operational failures and interruptions to enterprise services will go a long way in keeping malicious content out. This will require the business to strengthen physical security to prevent unauthorized access to devices outside of the security perimeter.” TechTarget also reports that information security organizations must begin preparations to transition from securing PCs, servers, mobile devices and traditional IT infrastructure, to managing a much broader set of interconnected items incorporating wearable devices, sensors and technology we can’t even foresee currently.
It is important to be vigilant in developing plans and guideline to secure your organization. Contact DiamondIT at 877-716-8324 to learn more about security training, assessment and implementation services to build out your lines of defense and prevent cybercrime.