Based upon Ixia-collected data and historical activity, the Ixia ATI team predicts the following six trends for 2019:
Trend 1: Abuse of Low-value Endpoints Will Escalate
Until basic security hygiene improves, hacks like Mirai and cryptojacking will continue unabated. With more devices connecting to the internet every day, the number of targets continues to increase — and so will the number of victims.
Trend 2: Brute-force Attacks on Public-facing Systems and Resources Will Increase
This attack vector has existed for close to 20 years. While solutions exist to eliminate this attack vector, we continue to see the same mistakes made repeatedly by vendors and IT practitioners. It appears there will always be a server out there with the username “root” and the password “password” that a hacker can exploit. Individuals can prevent attacks on their systems by changing default credentials, but only adoption of two-factor and public/private key authentication will provide a permanent solution.
Brute-force exploits will also increase significantly for enterprises and carriers with the proliferation of IoT devices. Many forget, or do not understand, that these devices ship with default credentials. In addition, the devices are actively broadcasting — so they can connect to an internet router and relay data. Attackers can exploit this mechanism to connect to the IoT device and take it over.
Trend 3: Cloud Architectures Create Complexity That Increases Attack Surfaces
On-premises architectures gave security personnel complete control of their equipment and architecture. Public cloud-based solutions give no control over server and network architecture. Attacks like Spectre (CVE-2017-5753) and CVE-2019-6260 are just the beginning of the new types of attacks aimed at cloud users and their data. The speed and dynamic capabilities of public clouds have unfortunately exposed a new attack vector: service misconfiguration. Misconfigured services provide an open gate that hackers and bad actors can walk through, often with disastrous results.
Trend 4: Phishing Attacks Will Become More Focused During the Next Two Years
Enterprises invest thousands to train employees to recognize phishing attacks. In response, hackers create better phishes that are less obvious to victims, and more targeted. Growing Office 365 and Google G Suite adoption will help slow down phishing momentum. Both tools provide some phishing indicators. However, well-planned attempts will get past these newer defenses. Hackers will relentlessly attack any system that provides a larger potential payoff.
Trend 5: Multi-phase Attacks That Use Lateral Movement and Internal Traffic Will Increase
Malware dwell times can exceed 100 days. Malware often goes undetected because command and control traffic is sporadic, hidden like a needle in a haystack and disguised to look like normal HTTPS traffic. Many organizations only monitor at ingress and egress points in their network. As attacks grow more sophisticated, we expect detection times will continue to grow longer. We also expect attackers to utilize more LAN-to-LAN attacks, hoping to avoid detection by abusing the trust of internal traffic. Micro-segmentation can increase visibility, helping detect and catch lateral movements.
Trend 6: Crypto Mining and Cryptojacking Attacks Will Increase
For decades, hackers sought to compromise systems, steal data, and more recently ransom computers. A shift has occurred, where new attacks target the systems themselves. Rather than stealing data at rest, attackers use compromised systems for crypto mining. Old unpatched vulnerabilities previously used for ransomware or DDoS networks are easily exploited to deliver crypto mining software.
Advanced crypto miners do not depend on classic command and control architectures, making them harder to detect and prevent. Fluctuating cryptocurrency values may slow the growth of mining networks, but mining will continue to offer financially attractive incentives to hackers looking to make some quick money.
ABOUT KEYSIGHT TECHNOLOGIES
Keysight Technologies, Inc. (NYSE: KEYS) is a leading technology company that helps enterprises, service providers, and governments accelerate innovation to connect and secure the world. Keysight’s solutions optimize networks and bring electronic products to market faster and at a lower cost with offerings from design simulation, to prototype validation, to manufacturing test, to optimization in networks and cloud environments. Customers span the worldwide communications ecosystem, aerospace and defense, automotive, energy, semiconductor and general electronics end markets. Keysight generated revenues of $3.2B in fiscal year 2017. In April 2017, Keysight acquired Ixia, a leader in network test, visibility, and security. For more information contact us at firstname.lastname@example.org