Story image

WatchGuard’s eight (terrifying) 2019 security predictions

16 Nov 2018

WatchGuard Technologies has issued a series of information security industry predictions for 2019.

They include the emergence of ‘vaporworms’, a new breed of file-less malware with wormlike properties that allow it to self-propagate through vulnerable systems, a takedown of the internet itself and ransomware targeting utilities and industrial control systems.

WatchGuard’s Threat Lab research team developed these predictions based on an analysis of major security and threat trends over the past year.

“Cybercriminals are continuing to reshape the threat landscape as they update their tactics and escalate their attacks against businesses, governments, and even the infrastructure of the internet itself,” says WatchGuard Technologies chief technology officer Corey Nachreiner.

“The Threat Lab’s 2019 predictions span from highly likely to audacious, but consistent across all eight is that there’s hope for preventing them. Organisations of all sizes need to look ahead at what new threats might be around the corner, prepare for evolving attacks and ensure they’re equipped with layered security defences to meet them head-on.”

The WatchGuard Threat Lab’s 2019 Security Predictions are:

1. ‘Vaporworms’ or file-less malware worms will emerge

Fileless malware strains will exhibit wormlike properties in 2019, allowing them to self-propagate by exploiting software vulnerabilities.

Fileless malware is more difficult for traditional endpoint detection to identify and block because it runs entirely in memory, without ever dropping a file onto the infected system.

Combine that trend with the number of systems running unpatched software vulnerable to certain exploits, and 2019 will be the year of the vaporworm.

2. Attackers hold the internet hostage

A hacktivist collective or nation-state will launch a coordinated attack against the infrastructure of the internet in 2019.

The protocol that controls the internet (BGP) operates largely on the honour system, and a 2016 DDoS attack against hosting provider Dyn showed that a single attack against a hosting provider or registrar could take down major websites.

The bottom line - the internet itself is ripe for the taking by someone with the resources to DDoS multiple critical points underpinning the internet or abuse the underlying protocols themselves.

3. Escalations in state-level cyber attacks force a UN cybersecurity treaty

The UN will more forcefully tackle the issue of state-sponsored cyber attacks by enacting a multinational Cyber Security Treaty in 2019.

4. AI-driven chatbots go rogue

In 2019, cybercriminals and black hat hackers will create malicious chatbots on legitimate sites to socially engineer unknowing victims into clicking malicious links, downloading files containing malware, or sharing private information.

5. A major biometric hack will be the beginning of the end for single-factor authentication

As biometric logins like Apple’s FaceID become more common, hackers will take advantage of the false sense of security they encourage and crack a biometric-only login method at scale to pull off a major attack.

As a result, 2019 will see strong growth in the use of multi-factor authentication (MFA) for added protection among groups with more security knowledge, particularly push-based authentication and MFA for Cloud application defence.

6. A nation-state to take ‘fire sale’ attacks from fiction to reality

In the Die Hard movie series, a ‘fire sale’ was a fictional three-pronged cyber-attack, targeting a city or state’s transportation operations, financial systems, public utilities and communication infrastructure.

The fear and confusion caused during this attack was designed to allow the terrorists to syphon off huge sums of money undetected.

Modern cybersecurity incidents suggest that nation-states and terrorists have developed these capabilities, so 2019 may be the first year one of these multi-pronged attacks is launched to cover up a hidden operation.

7. Hackers to cause real-world blackouts as targeted ransomware focuses on utilities and industrial control systems

Targeted ransomware campaigns will cause chaos in 2019 by targeting industrial control systems and public utilities for larger payoffs.

The average payment demand will increase by over 6500%, from an average of $300 to $20,000 per attack.

These assaults will result in real-world consequences like city-wide blackouts and the loss of access to public utilities.

8. A WPA3 Wi-Fi network will be hacked using one of the six Wi-Fi threat categories

Hackers will use rogue APs, Evil Twin APs, or any of the six known Wi-Fi threat categories (as defined by the Trusted Wireless Environment Framework) to compromise a WPA3 Wi-Fi network in 2019, despite enhancements to the new WPA3 encryption standard.

Unless more comprehensive security is built into the Wi-Fi infrastructure across the entire industry, users can be fooled into feeling safe with WPA3 while still being susceptible to attacks like Evil Twin APs.

Veeam releases v3 of its MS Office backup solution
One of Veeam’s most popular solutions, Backup for Office 365, has been upgraded again with greater speed, security and analytics.
Too many 'critical' vulnerabilities to patch? Tenable opts for a different approach
Tenable is hedging all of its security bets on the power of predictive, as the company announced general available of its Predictive Prioritisation solution within Tenable.io.
Industrial control component vulnerabilities up 30%
Positive Technologies says exploitation of these vulnerabilities could disturb operations by disrupting command transfer between components.
McAfee announces Google Cloud Platform support
McAfee MVISION Cloud now integrates with GCP Cloud SCC to help security professionals gain visibility and control over their cloud resources.
Scammers targeting more countries in sextortion scam - ESET
The attacker in the email claims they have hacked the intended victim's device, and have recorded the person while watching pornographic content.
Cryptojacking and failure to patch still major threats - Ixia
Compromised enterprise networks from unpatched vulnerabilities and bad security hygiene continued to be fertile ground for hackers in 2018.
Princeton study wants to know if you have a smart home - or a spy home
The IoT research team at Princeton University wants to know how your IoT devices send and receive data not only to each other, but also to any other third parties that may be involved.
Organisations not testing incident response plans – IBM Security
Failure to test can leave organisations less prepared to effectively manage the complex processes and coordination that must take place in the wake of an attack.