Cybersecurity In-Depth: Feature articles on security strategy, latest trends, and people to know.
2019 Attacker Playbook
Security pundits predict the ways that cybercriminals, nation-state actors, and other attackers will refine their tactics, techniques, and procedures in the coming year.
December 14, 2018
It's time to turn the page on yet another year, which means it's also time to look into that crystal ball and speculate — wildly or not — on where cyberattacks will take us in the coming months. Security researchers agree that the old standbys, such as phishing, ransomware, and credential attacks, will keep plaguing organizations as much as ever. But the threat landscape is never static, so security professionals can surely expect the bad guys to continue refining their attacks in 2019.
Here's what the prognosticators believe attackers have in store for us next year.
This past year has seen a ton of security companies tout their advanced artificial intelligence (AI) and machine-learning (ML) capabilities in thwarting attacks. But this is spy vs. spy, so expect attackers to have their own AI tricks up their sleeves. "Cybercriminals have attained a decent level of proficiency in practical AI/ML usage," says Ilia Kolochenko, CEO of High-Tech Bridge. "Most of the time, they use the emerging technology to better profile their future victims and to accelerate time, and thus effectiveness, of intrusions."
As Kolochenko puts it, many of those cybersecurity startups that throw around AI and ML in their pitch decks and marketing slicks don't actually have a whole lot under the hood to back up their claims. Not so for the attackers. "The bad guys are focused on its practical, pragmatic usage to cut their costs and boost income," Kolochenko says of malicious AI usage. "We will likely see other areas of AI/ML usage by cybercriminals. We will probably have the first cases of simple AI technologies competing against each other in 2019."
Critical infrastructure is finally gaining some level of awareness among cybersecurity and operational executives, as real-world attacks start demonstrating what a lot of SCADA security experts have warned about for years. The question is whether that awareness can translate into fast enough action on the part of defenders. Security experts, including Justin Fier, director of cyber intelligence and analysis for Darktrace, say that in 2019 the attackers will be increasing the scale and sophistication of their targeting in these environments.
"Since the attacks on the Ukrainian power grid in 2016 and Triton in 2017, attacks on industrial environments have become mainstream. With several nation-states providing warnings in 2018 about ongoing targeting of their energy grids, 2019 looks set for increasing numbers of high-profile cyberattacks on our critical infrastructure," Fier says. "Darktrace is specifically looking at three threat vectors: smart meters and IoT devices; disruption of core logistics and transportation services, specifically in shipping; and sporting events infrastructure."
News of election tampering and the Cambridge Analytica scandal brought into sharp focus the kind of deep damage that cyber influence manipulators can have on society. Security pundits say they believe that "influence operations" will move beyond the political realm in 2019.
"Whether leveraging compromised data or strictly propaganda or false information, all variety of actors can use information operations to further their personal or organizational goals. Notably from a retail or economic espionage perspective, consider the possible effects of such an operation," says Adam Vincent, CEO and co-founder of ThreatConnect. "A competing retailer could post scores of negative reviews for a competitor in hopes of ultimately driving down that organization's business. Similarly, a nation-state could minimize competition for its domestic companies by conducting information operations targeting foreign organizations."
Economic tensions are roiling just below the surface between China and the US. Security researchers say that while politicians continue their negotiations and tariff brinkmanship, China may well try to tip the scales using a variety of cyber espionage tactics.
"China isn't new to cyber espionage, with reports revealing their efforts cost the United States upward of $300 billion annually," say experts at LogRhythm Labs. "The United States reacted earlier this year by imposing a $50 billion tariff on Chinese imports. Given the economic impact of these tariffs, we expect China to leverage its cyberspies to give itself an advantage in the growing trade wars."
IoT devices won't be the only ones bot herders will favor in 2019. Cloud infrastructure will also prove a juicy target.
"Recently there has been a change in devices targeted by bot herders. Based on developments we are seeing in the wild, attackers are not only attacking resource-constrained IoT devices, but they are also targeting powerful cloud-based servers," says Daniel Smith, head of security research for Radware's Emergency Response Team. "When targeted, only a handful of compromised instances are needed to create a serious threat. Since IoT malware is cross-compiled for many platforms, including x86-64, we expect to see attackers consistently altering and updating Mirai/Qbot scanners to include more cloud-based exploits going into 2019."
This is just one of the many cloud avenues attackers will go down in the next year. According to Gartner, public cloud services are on track to grow by 17.3% in 2019. The more we move to the cloud, the more attackers will be seeking to take advantage of that attack vector. Smith believes we'll be seeing public cloud services targeted by at least one major attack in 2019.
"While cloud adoption is touted as faster, better, and easier, security is often overlooked for performance and overall cost," he says. "Organizations trust and expect their cloud providers to adequately secure information for them, but perception is not always a reality when it comes to current cloud security, and 2019 will demonstrate this."
Major news coverage of supply chain attacks in our technology ecosystem has demonstrated the lengths to which attackers will go to initiate their activities at the supply chain level. While the "tiny chip" report has been disputed by many experts, some say that supply chain attacks will target IoT devices in a big way next year.
"The major devices targeted will be IoT and will range anywhere from consumer-based routers to home-based nanny cams," says Morey Haber, CTO at BeyondTrust. "Expect the supply chain for many vendors, including those that produce personal digital assistants, to be a new target from threat actors who infiltrate environments and insecure DevOps processes."