Last year saw cyberattacks such as WannaCry and Netya illustrate how adversaries are becoming more creative in how they architect their attacks.
The world of cybersecurity has witnessed changes frequently with security experts trying to gain know-how about what is happening and how they can mitigate it.
Scott Manson, Cybersecurity Lead, Middle East and Africa, Cisco, said: “The universal fact is that we have to accept that we can’t protect everything, but we can find a way to control what matters the most.
“Unfortunately, ransomware attacks will almost certainly become more pervasive and varied during 2018. Some attacks will adhere to the brute-force model of infect, lock and extort, while others will be more sophisticated.
“Evolutions in ransomware, such as the growth of Ransomware-as-a-Service, will make it easier for criminals, regardless of skill set, to carry out these attacks. It turns out that ransomware generated a lot of cash for criminals, an estimated $1 billion in 2016.
“In the future, ransomware will not merely target individual users, but also target entire networks. Given that ransomware can penetrate organisations in multiple ways, reducing the risk of ransomware infections requires a portfolio-based approach, rather than a single product.
“Often, victims of ransomware choose to pay the ransom, because they have no other means by which to restore their systems and data. Don’t pay the ransom. Create strong plans for system and data recovery as soon as possible, including backing up all systems daily.”
It’s only a matter of time before every house and company is connected through the Internet of Things (IoT) and this only adds to the potential for cyber-attacks.
“We predict that as many as one million new connections per hour will be added to the Internet by 2020 expanding the attack surface and making IoT vulnerabilities more critical and more dangerous,” said Manson.
“IoT will move from being seen as a massive security risk in the enterprise, to a critical part of an enterprise’s security posture.
“To meet the security challenges of the IoT-an attack surface that is both growing rapidly and becoming increasingly difficult to monitor and manage, a proactive and dynamic approach to security, and a layered defence strategy, are the keys to protecting IoT devices from infection and attack-or at least, mitigating the impact when some are inevitably compromised by adversaries.”
The security landscape is expected to see an increase in automation in terms of cybersecurity responses.
“Humans are incapable of keeping up with the sheer volume of incoming threats, but their ability to make quick and highly-impactful decisions to manually address such an attack is equally inefficient,” said Manson.
“As our industry faces a talent crisis, automation, machine learning and AI will be critical in ensuring protection, becoming a powerful and effective component of cyber-security incident response. Attaining full visibility into networks is key to stopping hackers, or machines, in their tracks and machine learning can help here by understanding the behaviour of devices, including IoT devices, on the network and identifying ‘soft spots’ that are just waiting to be breached.
“In 2018 machine learning and artificial intelligence will undoubtedly be integral to the future of the cybersecurity landscape.”