Targeted attacks are on the rise, and the dark web isn’t helping to curb that trend. To compound this, the recent revelations on Shadow Brokers and CIA Vault 7, as well as burgeoning nation-state cyber capabilities aren’t helping either. It’s only a matter of time before more attack methods are developed using these highly advanced tools.
1. Increase in security spending & awareness in conjunction with cloud migration and device proliferation
With the attack landscape growing at an alarming rate, we’re hopeful of seeing a marked increase in security awareness training and overall cyber security spending in 2018. This should happen as organisations continue to transition to the cloud and threats evolve to target traditional endpoints, mobile devices, IoT devices, transportation mechanisms, critical infrastructure and more.
2. Nation-state actors will look to target infrastructure
Malign nation-state actors, including Iran and North Korea, are likely to increase cyber attacks following increased pressure from the United States. It’s further likely that these and other nation-state actors become emboldened following the non-response from the United States. Global infrastructure will also be a key focus. To date we have only scratched the surface when it comes to real-world effect from cyber attacks.
3. Ransomware economy will continue to grow
With ransomware on the rise, the economy is looking especially positive for would-be cyber criminals. The dark web remains a veritable treasure trove for buyers and sellers. According to Carbon Black research, the dark web economy for ransomware is growing at a rate of 2,502 percent per year. Some sellers of ransomware are making more than $100,000 a year simply retailing ransomware. The ransomware economy is alive and well.
4. The 2018 U.S. mid-term elections will be targeted
2018 is another election year in the United States. It is likely that Russia will engage in more cyber electioneering following their efforts in 2016. Our research data suggests that one in four voters, amounting to 58.8 million people, may not vote in the upcoming 2018 U.S. midterm elections due to cyber security fears. In this regard, U.S. democracy is at risk.
According to SANS Institute data, 90 percent of organisations are now investing more in cyber security than during the previous 12 months. This approach is carrying over to multiple sectors. That is encouraging. Concerning, though, is the fact that organisations are still battling a lack of skills and a lack of cybersecurity staffing.
About half of organisations (47percent) perceive this as a significant problem. And 48 percent of organisations say they lack the resources to execute cyber security improvements in key areas. It appears we’re continuing to play a game of catch-up but the trend may be reversing. We’re hopeful 2018 will mark the turning point.