The 2019 security landscape holds new developments, promises, threats as well as opportunities to tackle the issues that our industry faces today. While we have witnessed several cases of information leaks including the major Facebook-Cambridge Analytica data breach, we also saw some cyber security advances such as privacy updates around GDPR to safeguard the data of citizens of the country. Organizations must look to the threat horizon, accelerate and collaborate to out-innovate and out-maneuver the attackers. As we head into 2019, here are five security predictions to prepare for:
1. 'Unique human identities' to be under attack
As the world goes digital, we will witness a new wave of attacks against emerging 'unique human identities'. Biometric fingerprint, voice and face recognition have proven effective in consumer devices, and organizations will look to new authentication methods like embedded human microchips. Attackers will increasingly target these identities to gather massive amounts of biometric data for their own benefits. Genetic consumer-services, biometric stores within organizations and more will become key targets, further elevating privacy concerns. With the evitable occurrence of a data breach the network parameter disappearing, organizations must adapt and secure identities of employees as well as their customers.
2. Government sanctioned social media accounts to become critical infrastructure
Social media is being used by different government agencies across the world to communicate with their citizens. In order to encourage the use of this dynamic medium of interaction, Department of Electronics and Information Technology have a framework and guidelines formulated for the use of social media for government organizations. These guidelines will help them to make informed choice to meet the requirement of interaction with varied stakeholders. In 2019, we will witness government sanctioned social media accounts (elected officials and agencies) as critical infrastructure. Just like government text messages are monitored, similarly social media will be regulated as well. The social media framework for the government of India has been created to enable government agencies to use these platforms more effectively and reach out to the stakeholders.
Social media allows real time engagement but it also has a dark side, illustrated in the past year by the false missile alerts that sent residents of Hawaii and Japan into a panic. This provides a glimpse of how attackers could use official social accounts to spread chaos.
3. Trade wars to trigger commercial espionage
Government policies designed to create 'trade wars' will trigger new ways to steal intellectual property and other trade secrets to gain competitive market advantages. Nation-state attackers will combine unsophisticated, yet proven, tactics with new techniques to exfiltrate IP, as opposed to just targeting PII (personally identifiable information).
Many such attacks will be carried out by malicious external attackers and we will also see an uptick of insider attacks, especially in cutting-edge industries like autonomous cars. We will also witness attacker dwell times extend as nation-states spend more time conducting reconnaissance and carrying out these trade-driven attacks. In the black market we will see the emergence of nation-state weapons getting commercialized. This same phenomenon happened after Stuxnet, Petya and NotPetya - where cyber criminals take pieces of code from massive nation-state attacks and incorporate them into their attacks.
4. Blockchain to help supply chain
Blockchain will transform the supply chain in 2019. Throughout the history of supply chains, there have been various innovations. Following allegations of nation-states targeting the supply chain at the chip level to embed backdoors into both B2B and consumer technologies, organizations will embrace blockchain to secure their supply chains. Every transition is recorded on a block and across multiple copies of the ledger which is highly transparent. The distributed nature of blockchain makes it suited to validate every step in the supply chain. We will see blockchain help increase the efficiency and transparency of supply chains and positively impact everything in the business.
5. Transferring of trust and risk to third parties like Google and Facebook
The embrace of Google's BeyondCorp strategy - shifting access controls from the network perimeter to individual users and devices without the need for a traditional VPN will expand the attack in 2019 if we do not take necessary precautions. This 'zero trust' approach can open up several attack vectors. First, it transfers risk and trust to third parties, like Google or Facebook and then the identity providers are exposed to an expanding attack surface with the help of authentication protocols and temporary API keys that can be compromised. This transfer of trust opens up the very real possibility of attackers weaponizing identity provider assets or services to expose credentials or allow privileged access.
Second, the BeyondCorp approach requires an organization to expose some of its infrastructure in order to allow employees to use applications or access the network. Whenever organizations expose assets to the outside world, they also expose the errors they have made. Attackers will look at the visible weaknesses to exploit the company whether it is ports that are open that should not be or mis-configured security settings.
The author is the Regional Director of Sales - India, CyberArk