5 of the biggest trends hitting cyber security right now

For an industry dominated by computers and servers, cyber security in general is about as shapeless as sand. Hackers and security specialists alike bring something new to the table every day and it’s up to businesses to stay on top of it all.

That’s why we created the Risk Radar; our quarterly glimpse into the biggest stories that are dominating the cyber security industry as of late. It’s useful in helping everyone at an organisation stay up to speed with the shifting winds, but it’s also incredibly valuable in picking up on cybercriminals’ and cyber security specialists’ latest habits.

We’ve gathered the top five trends that we picked up on in our latest Risk Radar and we urge companies to keep an eye on them as we move forward.

1. Businesses are paying the price for data breaches

Data breaches have a longer shelf life than many in the industry (and even outside of it) might think. Take the Equifax data breach of 2017 as a good example: It happened, the media and public were shocked, senior leadership turned over and the story was for the large part tucked away as a warning sign to businesses that even the largest companies can be compromised.

All was relatively quiet – until this year. That’s when news broke that Equifax had paid roughly $1.4 billion towards remediation in the wake of its 2017 data breach. Then Equifax became the first publicly-listed company to have its rating outlook downgraded due to a data breach. Moody’s, the credit rating firm responsible for the move, cited expenses from the data breach as the underlying cost.

It took two years for the financial toll to impact Equifax’s fiscal stability. It’s coming to light as the model for how a data breach can devastate a business financially, legally and from a reputational standpoint – not just in the instance a security incident takes place, but well after the fact too. Yahoo, for example, is still trying to agree to a settlement for its own data breach that happened over five years ago.

Learn more about the financial Impact of data breaches by reading our latest Risk Radar.

 

2. Ransomware isn’t going away any time soon

The creators of GandCrab (say they) are closing up shop which means one of the most popular forms of ransomware on the market will be taken off the shelf. Its reported retirement came just days before a decryptor tool for all versions of GandCrab was released in a joint effort from Bitdefender, the FBI and Europol.

GandCrab was reportedly one of the most profitable types of ransomware to ever hit the market, with its creators boasting that it brought in $2 billion in its short-lived lifetime. The data seems to add up with new findings that ransomware payouts doubled between the end of 2018 and the first quarter of 2019. Victims were found paying on average $12,800 per incident in Q1 2019, according to researchers at Coveware.

When you put it all together, it’s easy to see that ransomware is still viewed as a valuable form of hacking – despite other methods like phishing, cryptojacking and formjacking taking up the spotlight as of late.

Catch up on GandCrab by checking out our latest Risk Radar.

 

3. Passwords might soon become a thing of the past

Microsoft is doing away with its default policy to prompt enterprise users to change their passwords every 60 days. The policy – which was recently lowered from every 90 days – comes on the back of advice from the organisation behind the NIST framework, which posited that users choose weaker passwords when they’re forced to change them often.

During the same time frame, the company also received a FIDO2 certification for its Windows Hello biometrics-based security system. The tool allows Mozilla Firefox users to switch to passwordless login, which uses face recognition or other forms of biometric security, and will soon incorporate other browsers.

Make no mistake; the cyber security industry wants to get rid of the password. But there’s a few questions that are holding that development back. Among others: what does a password in a passwordless world look like and how quickly can secure functionality be scaled?

Find out more about dropping passwords by picking up our latest Risk Radar.#

 

4. Formjacking is a top threat to companies’ operations

The MageCart cybercriminal collective, named by Wired magazine as one of the most dangerous people on the internet in 2018, continues to assert itself as one of the biggest threats companies will face in 2019. Its trademark formjacking attack is incredibly difficult to detect despite how effective it is in stealing customer financial details, and has recently claimed victims like Leicester City Football Club and Forbes’ magazine.

As of late, researchers found a formjacking attack that leveraged third-party vendors like Alpaca Forms, RYVIU, AppLixir and AdMaxim to inject their cyber-attack into thousands of websites. Despite it’s efficiency, the style of attack and the success it had isn’t all that uncommon and has only continued to spread over the past few years.

MageCart is making formjacking look easy and it seems as though it’s here to stay. Identifying formjacking attacks can come down to spotting just a few lines of irregular code, making it difficult to defend against but incredibly important to stay on top of.

Get the lowdown on formjacking by reading our latest Risk Radar.

 

5. Cloud misconfigurations are leading to unnecessary data leaks

Every data leak is unnecessary, but the ones that are coming to light because of cloud misconfigurations are egregiously so. The amount of exposed data grew 50 percent year-over-year and while the rise can’t be attributed to any one action in particular, it’s not unreasonable to suggest that misconfigurations are a major reason why.

While cloud databases come with default security configurations installed, these are sometimes mitigated or turned off entirely to allow engineers or consultants to work within the database with ease. This can become a problem as it allows anyone access to the instance and the security configurations aren’t always turned back on.

It’s ironic to see a rise in exposed data with GDPR now in full swing, but it seems as though the shift to the cloud has come with some risk. Making sure that the company’s data that’s stored in the cloud – and that only certain personnel can access it – should be a key objective of any cyber security strategy.

 

Learn more about data security by checking out our latest Risk Radar.