Cybersecurity Trends 2018: ESET’s Security Predictions Report

ESET has released its much-anticipated Cybersecurity Trends 2018: The Cost of our Connected World report.

2017 saw many high-profile cases impacting millions of individual users as well as dealing financial blows to major companies. The public now has a greater awareness of threats and their severity, but the level of sophistication behind attacks continues to rise. 

ESET anticipates that cybercriminals and cyber espionage groups will continue to find new ways to exploit machines – while still sticking to tried and true tactics. However, increased cooperation between law enforcement and private cybersecurity entities could provide some hope, with increasing arrests made and more cybercriminals deterred.

Highlights from the report include:

The rise of attacks on critical infrastructure – Cases of cyber threats affecting critical infrastructure have made major headlines in 2017. One of the most significant was Industroyer; the infamous malware responsible for the 2016 attack on Ukraine’s power grid. Attacks on critical infrastructure can also affect much more than just the power grid and could include the defense and healthcare sectors, water, transportation, and both critical manufacturing and food production. Organizations are working hard on security but ever-changing conditions means that threats are likely to continue through 2018. 

Supply chain issues – Large companies are waking up to the threat of cyberattacks with security teams receiving increased backing to improve measures, but SMEs continue to struggle with these new concerns, and since they may also supply goods and services to larger organizations, security gains are often negatively impacted. These types of supply chain problems affected the entertainment industry earlier in 2017; among the incidents included was the attempted extortion of Netflix over a new season of the series “Orange is the New Black”. This should remind us that supply chain security can affect any industry, and is likely to continue in 2018.

"While many large companies appear to be taking cybersecurity much more seriously these days, with security teams getting both the budget and the C-level backing required to do a good job, many smaller business supplying goods and services to larger organizations are struggling. That makes them an attractive target,” said Stephen Cobb, Senior Security Researcher

Increased cooperation between law enforcement and cybersecurity experts – Malware research has proved useful to law enforcement in the war on cybercrime. A key example is a recent collaboration between ESET, Microsoft, and law enforcement agencies, including the FBI and Interpol, working together to take down a major botnet operation known as Gamarue. Increased cooperation will lead to more arrests and fewer active cybercriminals. As authorities continue to gain experience working with private cybersecurity specialists, we can look towards further successful investigations and a potentially safer 2018. 

Democracy hack: Can electoral processes be protected? Recent elections have raised numerous cybersecurity questions – the most important being to what extent a cyberattack can influence the electoral process. As discussed in the report, evidence suggests we must look towards a hybrid system using both paper and electronic records if we are to mitigate fraud by cybercriminals. 

Our privacy in the new age of tech – Data is the new currency with consumers expecting to enjoy software at little or no cost, this has led vendors to enter the data-collection business, increasing the risks connected with data privacy. Advancements in IoT can lead in a similar direction with every device capable of telling a story and producing a full picture of the user’s life if multiple connected devices are combined.

“With every device that gets connected without informed decision or choice, our privacy is eroded further, until at some points privacy will be something that only our ancestors enjoyed," added Tony Anscombe, Global Security Evangelist. 

Highlighting some of the biggest issues facing cybersecurity, ESET’s Cybersecurity Trends 2018: The Cost of our Connected World report is of paramount importance to those with a stake in cybersecurity – namely everyone. These insights show increased levels of sophistication as cyberattacks continue to expand in scope and volume, affecting critical activities such as supply chains and infrastructure. Public awareness and education are key to an improved situation, as is the cooperation of different entities across society in tackling the problems on all fronts.