CERT Australia reveals this year's cybersecurity challenges
Australia’s Computer Emergency Response Team (CERT) has analysed the trends and revealed what it believes will be the country’s biggest security challenges this year, and vulnerability exploits are at the top of the list.
The watchdog says that malicious activity against Australian enterprises is increasing in frequency, scale, sophistication and severity – a dangerous combination when paired with the reach and diversity of evolving threat actors.
While the Notifiable Data Breaches Act and the GDPR may clamp down on privacy infringements, businesses still remain under pressure to remain resilient, CERT says.
Criminals will continue to exploit known vulnerabilities; social engineering will craft sophisticated networks; supply chain targeting will go after third parties; and the Internet of Things will continue to present growing risks.
Here’s what CERT Australia has to say.
1. Would-be crims will grow in number exploiting known vulnerabilities
For some time, cyber criminals have been selling their malware products to others lacking the skills. This ‘crime-as-a-service’ has become very popular and more variants and services are becoming available. Ready-to-use ransomware kits are particularly popular and cryptocurrency mining malware is on the increase. While it may not lock up your data, this cryptocurrency mining malware exploits your systems’ processing power and can cause a significant headache for businesses.
This opportunistic targeting is simple and cheap, and will continue as long as organisations and individuals fail to implement baseline security.
We can therefore expect to see more unsophisticated malware attacks with widespread effects, particularly targeting known network vulnerabilities.
2. Increased sophistication will be used to target high-value networks
With social engineering techniques soaring to new heights we will likely see some of the most sophisticated targeting of high-value networks, fooling even the most informed individuals. Legitimate communications are becoming almost indistinguishable from social engineering attempts. Robust technical controls will be increasingly important to protect networks from this kind of malicious cyber activity.
Critical infrastructure and critical services will likely continue to be a popular target for sophisticated attacks, to either cause disruption or extort money.
3. Supply chain targeting will continue to be popular as third parties prove to be a weak link
Sophisticated cyber activity against third-parties—vendors that provide services to a company or agency—will likely increase.
As it has become more difficult to directly compromise high-value targets, adversaries are seeking secondary or tertiary access to those networks. Companies that provide products or services through outsourcing arrangements are highly attractive in this regard. The extent of the threat is largely dependent on the relationship between the outsourced provider and customer, in particular the extent of the provider’s access to client networks and databases.
Managed service providers will continue to be particularly attractive targets as they have a broad range of customers, connectivity and access to their customers’ networks and data.
4. Internet of Things (IoT) will create further risks
The risks associated with IoT will continue to grow as more and more smart devices, gadgets and equipment flood the market alongside new attack surfaces being exposed in autonomous systems such as self-driving vehicles.
In 2018 we expect to see more consumer pressure on manufacturers to include security controls while businesses grapple with what information is leaving their organisation, the legal exposure they may face and the risk to their networks.
Additionally, adversaries are likely to continue exploring IoT devices (such as CCTV and HVAC units) as an attack vector for air-gapped systems in government and industrial networks.