Businesses will grapple with a shifting cybersecurity landscape in 2019. While major threats like ransomware, phishing, viruses and worms will continue to menace unprepared businesses, there are several new and emerging threats — powered by cutting-edge technologies — that threaten to strike in entirely new ways. Awareness and preparation are instrumental to good cybersecurity, and we hope that this blog post can help businesses better protect themselves in the new year.
Although software like Slack and Cisco Spark have become an important part of the business communication toolbox, email use is still the most popular form of business communication. There will be 2.9 billion email users by the end of 2019, who will be sending millions of emails every second. According to researchers at enterprise cybersecurity firm FireEye, roughly one in one-hundred of those emails will contain some form of malware. Here are some of the new email attacks you may encounter in 2019:
When IBM released its AI-powered “DeepLocker” malware proof of concept at the Black Hat USA conference in August, it pointed toward a new future of intelligent, “evasive” malware that possessed the ability to “unlock” itself and start an attack once one or several external conditions or “triggers” occur. These triggers could range from an audio-visual cue (using computer vision and a computers webcam), a locational requirement, or another detectable variable in the infected system.
While there’s been an outpouring of praise for AI in the technology media, it’s less known that these AI-aided cyberattacks are already starting to appear at the fringes of the security world. We believe it’s likely some of those threats will start to go mainstream in 2019, as cyber criminals become more adept at bending the power of machine and reinforcement learning to nefarious ends. This may include an uptick in polymorphic or metamorphic malware which can strategically deploy encryption to hide itself from traditional, signature-based anti-virus software.
One version of the AI-powered attacks that’s already started to do damage is fraudulent chatbots. Whereas just a few years ago AI chatbots could barely handle rudimentary customer conversations, advances in machine learning, natural language processing, and computer vision have made the modern chatbot very effective at engaging in a variety of customer interactions. Attackers have started using these chatbots — in disguise of course— to launch complex man-in-the-middle attacks that trick clients into divulging personal information or installing malicious software on their PC, which are presented as a means of helping clients or providing better service.
Just because new threats are emerging, doesn’t mean that last year’s threats have disappeared. While we may have seen the peak of ransomware attacks, projections from Cybersecurity Ventures shows that ransomware will still cost businesses around $11.5 billion in 2019. That means in order to stay secure in the new year, you’ll want to make evolutionary improvements to your security strategy that covers the new threats on the horizon, while still offering robust protection against the attacks that made headlines last year.
Unfortunately, accessing the talent necessary to plan and execute that strategy will be a source of difficulty for many businesses — especially SMBs. The cybersecurity job market was tight in 2018 and will continue to be so for the foreseeable future, with approximately 300,000 cybersecurity jobs going unfilled in the U.S. When the necessary cybersecurity talent can be found, it often comes at a premium price. The average salary for a cybersecurity engineer is $92,000 a year, far out of budget for most SMBs.
Don’t rely on security through obscurity to keep you safe either, hackers are increasingly wise to the fact that small and medium-sized businesses are under-defended and contain valuable data in just the same way that larger companies do. To keep your business safe, work with a cybersecurity partner that has decades of experience keeping companies across central Ohio safe, like Astute Technology Management.
If you have any questions about your network security or would like to discuss ways to improve your cybersecurity systems, feel free to contact the Astute Technology Management team any time. We’re always happy to help businesses in Columbus Ohio flourish with better cybersecurity via our Managed IT Services!
WBOC.com DelmarvaLife Media Kit eats + drinks Outdoors Delmarva WBOC Classifieds MD Digital Political Ad Disclosures