EXCLUSIVE: Predictions in the field of cybersecurity from the CEO of Portnox

News | 01.02.2018

Blocking and hacking applications

Many believe that the blockade is not subject to hacking. But last year the number of attacks on applications based on block connections increased. Vulnerabilities do not arise from the block chain itself, but rather from applications that run on the block chain.

One of the most striking examples is Bitfinex hacking in August 2016, which resulted in the stolen bitcoin worth $ 60 million. Hacking was possible due to the fact that Bitfinex changed the encryption method, which makes it easier for hackers to access passwords and secret keys. Social engineering will be used more often to extract these secret keys, so the external development of the block chain is a risk, suggests Ofer Amitai, CEO and co-founder of Portnox.

DDoS ransomware

The creation of a new and more acute form of blackmail, DDoS and ransomware combine efforts to curtail progress in digital transformations that bring monetary benefits. These attacks are made possible by the use of botnets or large groups of "zombie" devices, which are often Internet of Things devices, such as web cameras, to redirect traffic to infected malicious web addresses, which in turn extract data from accessible endpoint and require redemption to return these encrypted data. One such example is the use of the Mirai botnet devices to activate inactive WannaCry viruses for reactivation due to the direction of their movement into the kill-switch domain.

These attacks are often called "failures" attacks, because DDoS traffic is directed to sites containing dangerous malicious programs. Thanks to the widespread adoption of Internet of Things devices at the enterprise and the increase in requirements for redemption, we are likely to see more of these attacks in the next year. The trend is heightened by the popularity of crypto conversions that an anonymous payment system has made available to hackers so that they can demand more and extend their foreclosure activities.

Workflow mobility

One of the clear trends for 2018 is to increase the mobility of the work process. With a large number of employees working remotely, organizations significantly reduce their capital costs (many even abandoned the physical office space) while simultaneously channeling operating costs to digital transformation trends, such as the cloud and BYOD.

The organization's mobility is good for the balance of companies, but the flexibility of technology makes cyber security vulnerable, which can serve as a gateway to hackers into the corporate network. Thus, companies that are tuned to mobile trends in the workflow will invest in more complex solutions for endpoints, networks and cloud solutions that protect access and assets in various locations and in various related environments.

Increasing IoT security regulation

The rules governing IoT security functions are already beginning to operate, but the demand from consumers is still low.

It is a serious question whether the US government or the EU will introduce security rules for IoT device manufacturers that protect consumers and companies from digital (and even physical) risk. Therefore, together with the GDPR and other organizations in 2018, we are likely to see more government and industry members (such as NIST) stepping up work to ensure compliance with the rules of confidentiality, general security and safety for IoT manufacturers. This can also lead to an increase in the cost of IoT devices.