If businesses want to protect themselves from cyber threats, they must stay one step ahead of the ever-evolving and changing world of cybercrime

As the amount of victim’s that pay ransom drops, smart ransomware authors will target insurers to identify organisations with extortion insurance, and then attack them directly

At the beginning of each new year, there is no shortage of information security predictions and warnings. As we move further into 2018, Corey Nachreiner, CTO at WatchGuard Technologies takes stock and identifies five key issues to look out for.

1. IoT botnets will force governments to regulate

In 2016, the Mirai botnet showed the world just how powerful an army of IoT devices can be, launching successful, record-breaking DDoS attacks against popular websites like Twitter, Reddit and Netflix. Attackers continue to target these devices due to their weak or non-existent security, both in development and deployment.

“Attackers have already started improving on the Mirai source code, which will mean larger and stronger botnets in 2018. For example, the Reaper botnet actively exploits common vulnerabilities in IoT devices to gain access to the devices instead of relying on a hard-coded credential list,” said Corey Nachreiner.

As attacks continue to grow in effectiveness, the damage they cause will grow until the IoT manufacturing industry is incentivised or forced to add stronger security to their products by government regulation to address IoT security.”

Potential IoT device regulation will most likely affect manufacturers of consumer-grade IoT devices first and will likely mirror similar liability-oriented regulations in other industries, where the manufacturer is held at least partially accountable for flaws in their products.

2. Expect Linux-targeted attacks to double

In WatchGuard’s Q1 2017 Internet Security Report, Linux malware represented 36% of the top malware and the volume of network software exploits targeting Linux systems increased throughout the year. Research from WatchGuard’s Threat Lab’s honeynet also discovered many telnet and SSH attacks targeting Linux-based systems, similar to the Mirai IoT botnet.

This suggests we will see a further dramatic increase in attacks targeting Linux systems in 2018, driven by the desire to target inexpensive IoT devices using embedded Linux and released with highly insecure defaults.

3. Increased adoption of corporate cyber extortion insurance will fuel ransomware

Cyber insurance helps cover the costs and sometimes the lawsuits that result from breaches, and more recently, insurers have promoted optional extortion insurance packages that cover the costs of ransomware and other cyber extortion. In some cases, the insurers even pay the ransom to help the victim recover their information.

Tesla Enters Securities With a Boom

As attacks continue to grow in effectiveness, the damage they cause will grow until the IoT manufacturing industry is incentivised or forced to add stronger security to their products by government regulation to address IoT security.”

Potential IoT device regulation will most likely affect manufacturers of consumer-grade IoT devices first and will likely mirror similar liability-oriented regulations in other industries, where the manufacturer is held at least partially accountable for flaws in their products.

2. Expect Linux-targeted attacks to double

In WatchGuard’s Q1 2017 Internet Security Report, Linux malware represented 36% of the top malware and the volume of network software exploits targeting Linux systems increased throughout the year. Research from WatchGuard’s Threat Lab’s honeynet also discovered many telnet and SSH attacks targeting Linux-based systems, similar to the Mirai IoT botnet.

This suggests we will see a further dramatic increase in attacks targeting Linux systems in 2018, driven by the desire to target inexpensive IoT devices using embedded Linux and released with highly insecure defaults.

3. Increased adoption of corporate cyber extortion insurance will fuel ransomware

Cyber insurance helps cover the costs and sometimes the lawsuits that result from breaches, and more recently, insurers have promoted optional extortion insurance packages that cover the costs of ransomware and other cyber extortion. In some cases, the insurers even pay the ransom to help the victim recover their information.

Tesla Enters Securities With a Boom

Wi-Fi attack tools with simple user interfaces such as the Wi-Fi Pineapple by Hack5 made it possible for amateurs to perform advanced Wi-Fi attacks and there are now some 3 million ‘how to’ videos online for performing man-in-the-middle attacks on 802.11 networks,” said Nachreiner.

“In 2018, the affordability and availability of SDRs which allow a device to talk and listen to a very broad range of wireless frequencies, will help drive new attacks focused on other wireless protocols.”

You can already find SDR-based attack tools, such as HackRF One on the market and with more equipment vendors incorporating wireless connectivity into their products, this creates many interesting new targets for wireless hacking.

5. A major vulnerability will topple a popular cryptocurrency

When most people think of cryptocurrency and blockchain, the first thing that comes to mind is Bitcoin. But while Bitcoin was the first cryptocurrency and remains the most popular, there are many different crypto coins such as Ethereum, Litecoin and Monero, which all maintain total market capitalization over $1 billion.

Each new cryptocurrency brings new innovations to their respective blockchains. Ethereum’s blockchain, for example, acts as a fully decentralised computer capable of running applications.

Bug bounty programs and public code reviews have become a major part of blockchain development, but attacks have continued, including one that targeted a popular Ethereum multi-signature code wallet and made between $100 and $500 million in Ethereum permanently inaccessible.

“As the value of these cryptocurrencies grows, they will become much more appealing targets for cybercriminals looking to make millions,” said Nachreiner. “I would not be surprised if hackers find a vulnerability severe enough to completely wipe out a popular cryptocurrency by destroying public confidence in its security in 2018.”