In the coming year, cybersecurity threats will continue to come from well-funded state-sponsored threat actors — who will become wilier and more difficult to detect — as well as from “energetic” but inexperienced actors who also want to play the game, Russian cybersecurity firm Kaspersky Lab predicts in a new report.
While the cybersecurity industry has managed to discover “very sophisticated government-sponsored operations,” it will become more difficult to do so as these threat actors go “underground and below the radar” to avoid detection, Kaspersky Lab says in its Targeted Threat Predictions for 2019.
They will do this by deploying new tools, taking aim at their victims’ networking hardware and performing “more sneaky” attacks on selected targets, the report said.
“This shift makes the finding of new, large-scale, sophisticated operations very unlikely, and will definitely take the art of detection and attribution to the next level,” said Vicente Diaz, security researcher at Kaspersky Lab in a statement.
The annual predictions have been developed by Kaspersky Lab’s researchers, based on the insights gained over the previous year, to help individuals and companies prepare for the security challenges they could face over the coming 12 months.
Alongside state-sponsored attacks, the coming year will be characterized by newcomers arriving on the scene, because they can now easily and cheaply buy information and ready-made hacking tools on the internet.
“The barrier to entry has never been so low,” the report said, with “hundreds of very effective tools” and all kinds of frameworks “publicly available for anyone to use.”
There are two regions in the world where such groups are becoming more prevalent: Southeast Asia and the Middle East, the report said.
One of the most worrying attack vectors that has been successfully exploited during the last two years is the use of supply chain attacks — attacks that seek to damage an organization by targeting the more vulnerable elements within a supply network. These kinds of attacks have already “made everyone think about the number of providers they work with and how secure they are. In 2019, this will continue to be an effective infection vector,” the report said.
In addition, there will be continued activity in attacks via cellphones — with threat actors seeking new ways to get access to victims’ devices — and through the use of internet of things (IoT) botnets — when computers and other smart appliances are compromised for illicit purposes.
Spear-phishing — an email or electronic communication scam targeted at specific individuals or organizations — will become even more widespread in the coming year, the report said.
“Data obtained from different attacks on social media giants such as Facebook and Instagram, and LinkedIn or Twitter, is now available on the market for anyone to acquire. Recent large-scale data leaks from different social media platforms might help attackers to improve the success of this infection vector,” the report said.
To try and prevent attacks, increased public awareness can be used “to create a wave of opinion to form part of the argument for more serious diplomatic consequences across the globe,” the report said.