Criminal services expand
As predictable as day follows night, 2018 will see more high profile breaches impact large and well-known companies. What will be less visible to the public will be the activities of Crime-as-a-Service (CaaS) which will expand, allowing more focused criminals to rent resource for ransomware campaigns that may never be exposed to the light of public scrutiny. Repeats of a ‘ransom-worm’ using a true zero-day vulnerability is a major concern over the coming year.
Advertising and CDN misuse will rise
The rise of CaaS will also lead to increasing sophisticated ransomware and phishing campaigns as well as the misuse of advertising and other Content Delivery Networks for drive-by exploitation, alongside more well-crafted and convincing email campaigns.
IoT is a soft spot
Over the last few years, the growth of Internet of Things (IoT) has been a major trend which will only accelerate during 2018 leading to a bigger surface area to launch DDoS attacks and as a conduit for injecting malware. The next 12 to 18 months will likely see a major IoT vulnerability within a commonly used shared library that will have a major impact and make international news.
GDPR may raise broader InfoSec awareness
The approach of the GDPR deadline will hopefully raise awareness of the need for good practice around security that spreads from beyond IT to other areas of the organisation. Laziness around password security and lack of two factor authentication are still issues that are hard to overcome but the big stick of GDPR fines may well motivate organisations that have previously put their heads in the sand.
Law suits prompt better security
There seems a growing public awareness about security, especially within the consumer electronic market that is being remade by the growth of IoT. A major incident in 2018 that impacts a large number of users where the culprit is a major vendor and the result is a class action lawsuit, might well be the catalyst for vendors to start building better security within products from day one – instead of the ‘launch fast and patch later’ situation we have today.