Cybersecurity will continue to be a challenge for businesses of all sizes in 2019, especially small and midsized ones, as threats evolve to bypass established cybersecurity defenses.
Small and midsized businesses face a threat landscape in 2019 that will challenge their defenses in new and unexpected ways. In order to help SMBs prepare themselves, we wrote this blog outlining what we see as some of the most pressing cybersecurity threats businesses are likely to face in 2019, and some ways that they can protect themselves against the upcoming generation of cybercrime.
The Problem of Email Security Intensifies
Despite the rise of alternative platforms like Slack, email is still the predominant form of electronic business communication worldwide. By the end of 2019, there will be 2.9 billion email users sending roughly 270 billion emails annually. According to estimates by cybersecurity experts, roughly one in one-hundred of those emails will be transmitting a malicious payload.
But securing email will be tricky in 2019. While phishing and social engineering attacks will still trick employees into handing over company data, both will give way to newer and more dangerous forms of fraud. Here are some threats that you should familiarize yourself with in the new year:
1. Business Email Compromise (BEC)
A hybrid attack that may combine phishing, social engineering, malware, and other elements of the hacker toolbox, BEC is often among the most sophisticated of the new types of cyber threat. Though the specifics of each BEC attack may vary, the general pattern is for scammers to target high-level employees with access to company finances and convince them to make wire transfers to bank accounts that seemingly belong to vendors, suppliers, or partners, but are in fact fraudulent. We’re just starting to see the rise of BEC attacks. The FBI has recorded a 1300% increase in BEC since it began tracking them in 2015.
2. Pharming
“Pharming” is a term for a type of phishing attack where either your company’s DNS servers or host files are targeted in order to alter or “poison” IP address records. After infiltration, the servers will redirect users to a malicious site, often a convincing facsimile of a legitimate one, so the attackers can then steal valuable information. While pharming attacks have been relatively uncommon until recently, improved anti-phishing technology means that hackers are likely to increase their use of pharming techniques to bypass it.
3. Snowshoe Spamming
In much the same way that a snowshoe disperses weight over a larger area in order to stay on top of the snow, a snowshoe spam attack sends fraudulent emails from a variety of servers with a decent email reputation in order to evade spam filters. By combining this delivery method with improved headlines and domain names, often designed to resemble marketing emails, snowshoe spammers greatly increase their chances of avoiding security software and reaching your employees’ inboxes.
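The delivery pattern described above can be spotted by grouping mail on what it links to rather than on where it came from. The following Python sketch is an added example, not from the original post; the record layout, the `.test` domains and both thresholds are constructed assumptions.

```python
from collections import defaultdict

# Constructed mail-gateway records: (sending IP, sender domain, linked domain).
SAMPLE_LOG = [
    ("198.51.100.10", "deals-a.test", "promo-landing.test"),
    ("198.51.100.77", "deals-b.test", "promo-landing.test"),
    ("203.0.113.5", "offers-c.test", "promo-landing.test"),
    ("203.0.113.90", "offers-d.test", "promo-landing.test"),
    ("192.0.2.44", "save-e.test", "promo-landing.test"),
    ("192.0.2.20", "news.vendor.test", "vendor.test"),
    ("192.0.2.20", "news.vendor.test", "vendor.test"),
    ("192.0.2.20", "news.vendor.test", "vendor.test"),
    ("192.0.2.21", "news.vendor.test", "vendor.test"),
]


def find_snowshoe_campaigns(records, min_ips=4, max_per_ip=2):
    """Flag campaigns whose volume is spread thinly over many sending IPs.

    Mail is grouped by the domain it links to. A group is flagged when at
    least `min_ips` distinct IPs deliver it and no single IP sends more than
    `max_per_ip` messages, so each source stays below per-IP reputation
    limits. Both thresholds are illustrative assumptions, not tuned values.
    """
    ip_counts = defaultdict(lambda: defaultdict(int))
    sender_domains = defaultdict(set)
    for src_ip, sender_domain, link_domain in records:
        ip_counts[link_domain][src_ip] += 1
        sender_domains[link_domain].add(sender_domain)

    flagged = {}
    for link_domain, counts in ip_counts.items():
        if len(counts) >= min_ips and max(counts.values()) <= max_per_ip:
            flagged[link_domain] = {
                "distinct_ips": len(counts),
                "sender_domains": len(sender_domains[link_domain]),
                "messages": sum(counts.values()),
            }
    return flagged


if __name__ == "__main__":
    for domain, stats in find_snowshoe_campaigns(SAMPLE_LOG).items():
        print(domain, stats)
```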
A New Breed of Malicious AI Emerges
So far, the technology press has been mostly effusive in its praise of machine learning, which is known popularly as “artificial intelligence.” What’s less reported is that AI has a dark side as well, a dark side that will become increasingly evident in 2019 as hackers get better at using the power of machine learning to increase the stealth and impact of their cyberattacks. We expect to see an upswing in AI-powered attacks in 2019, which could come in several forms.
One version is to use AI-powered chatbots to launch sophisticated man-in-the-middle attacks. Where just a few years ago chatbots could barely handle rudimentary customer conversations, advances in machine learning, natural language processing, and computer vision have made them very effective at engaging in a variety of customer interactions. Fraudsters can use chatbots — dressed up to look like trustworthy ones of course — to manipulate businesses and clients into divulging important information by pointing them to fraudulent websites that ask them to install a program, receive support, or pay an invoice, etc.
It’s not just chatbots that are getting the AI makeover. Prepacked malware delivery systems known in hacker circles as “exploit kits” are now readily available for purchase on the dark web, some of them equipped with natural language processing and artificial intelligence capabilities. To learn more about AI-driven malware and its capabilities, you can read IBM’s description of its “DeepLocker” proof-of-concept system. DeepLocker shows how this new breed of malware can intelligently unlock itself and begin an attack once a specific criterion has been met. This could be an audio-visual cue, a geolocation requirement, or another variable in the infected IT system, a feature which IBM likens to a “sniper attack.”
Countering Old and New Threats to Stay Safe in 2019
These are some of the threats we anticipate SMBs are most likely to deal with in 2019, but it’s not a complete overview. Industries that rely on a high degree of employee mobility, for example, will continue struggling to secure mobile devices with EMM platforms, while companies implementing industrial IoT technologies will likely struggle to secure those devices. The general idea is that the more devices attached to a company’s network, the greater its attack surface and security liability.
The emergence of these new threats does not mean that the old ones have gone away either. Although by most accounts the number of ransomware attacks is declining from its 2017 high, projections from Cybersecurity Ventures show that ransomware will still cost businesses around $11.5 billion in 2019. This means that a sound strategy for 2019 will be an iterative expansion of your efforts last year, one that maintains adequate protection against traditional attacks while also addressing newer threats like the ones mentioned above.
A persistent lack of cybersecurity talent will make achieving this security difficult for some businesses, which makes having a trusted cybersecurity partner like Complete Network a wise decision. If you have questions about your network security — or would like to discuss ways to improve your cybersecurity systems — feel free to contact our team at [email protected] or 877.877.1840. We’re always eager to connect with businesses and help them devise ways to stay safe and productive.