The cybersecurity expert departments of Entelgy Innotec Cybersecurity expect cybercriminals to focus their efforts during 2019 on these ten major trends:
THE IRRUPTION OF CRYPTOMINERS
And with them the concept of key collection, born from the interest of a third entity in tracking transactions with the aim of creating a parallel database of information for its use, whatever it may be. According to the report on Cryptojacking of the CCN-CERT, the number of samples of this type of harmful code hovered in January 2018 the 94,000; three months later it had increased by 74% to reach 127,000 samples.
ARTIFICIAL INTELLIGENCE, NEW ATTACK POINT
In 2019 the use of Artificial Intelligence will come strongly to organizations and will do so in the form of programmed algorithms to optimize decision making but they will become more vulnerable to attackers and can compromise the activity of companies. “Although they present a greater complexity, the protection of all the points from which they can be accessed is fundamental from the early stages of development”, warn from Entelgy Innotec Cybersecurity.
GREATER CONCERN ABOUT THE PRIVACY OF PERSONAL DATA
“With the entry into force of the new RGPD (May 25, 2018) companies have increased their concerns about security measures to be implemented in their organizations (information leaks) due to the high sanctions defined, but Spanish SMEs continue to without being adapted once the RGPD enters into force. We recommend going to consultants who have the backing of large clients behind them. “
RANSOMWARE: WILL DOWNLOAD THE MOST PROFITABLE MALWARE USE
In the line of previous years, this star practice will be maintained for cybercriminals, although its use will be in decline in favor of the criptomineros. “Ransomware is not new, it has been with us for many years and, although it has continued its sophistication, everything points to a decrease in the number of attacks by 2019.”
ATTACK THE CEO AND USES OF MOBILE DEVICES: THE MOST CLASSICAL
Predictably, the classic attack on the CEO will also continue to occur with great frequency because of the low complexity involved. In addition, “the use of mobile devices to access data and systems of companies integrated in the cloud will be an upward trend.”
MALICIOUS MOBILE APPLICATIONS
The malicious mobile applications are not only in unofficial stores but also in Google Play and App Store: “Our SmartSOC has detected an increase in Trojan applications in Google Play and App Store, capable of stealing users’ credentials and intercepting text messages , as well as introducing hidden cryptosensors using supposedly harmless applications. “
“Cyber-incidents will continue to grow and try to compromise any type of device that has connectivity (tablets, mobiles, IoT devices or network devices). To this is added, in addition, the appearance of new Persistent Advanced Threats, or APT, sophisticated to certain organizations “.
MORE POINTS OF ATTACK WITH THE INCORPORATION OF THE INTERNET OF THINGS (IOT)
With the greater use of IoT devices in companies, the number of points that can be used to access information and attack their systems increases.
FOCUS ON CRITICAL INFRASTRUCTURES
After the approval of the transposition of the new NIS directive, which requires all critical infrastructure operators and essential operators to adequately protect their networks and information systems, as well as forcing them to report incidents, Compliance and Management services of Risks of specialized companies will see their activity increase noticeably.
Many devices and gadgets incorporate a malicious software that can access the stored information, the camera or the microphone of the device without the authorization of the end user. To avoid this, it is convenient to carry out “security audits of the devices, which will try to alleviate this type of vulnerability, which is increasingly difficult to detect, since having access to information means having the power”.