NETSCOUT predicts the security trends for 2019
7 February 2019
Our security experts forecast the important trends for the global cyber-threat landscape.
Today’s pervasively connected world brings both opportunity and increased vulnerability, as malicious actors, nation states, criminal organisations, or even individuals can capitalise on the digital interdependencies that pervade our world today. As the global cyber-threat landscape continues to evolve, our security experts have a few predictions to help you plan and prioritise for security in 2019.
- 2019 is the year network and security operations will unite
In 2018, distributed denial of service (DDoS) mitigation and prevention techniques became a lot smarter, due to advancements in DDoS cyber-security solutions and network and application assurance technologies. In 2019, we’re going to see a similar thing happen at an organisational level, as network operations teams share their visibility and insights with security teams. As security teams learn more about the treasure trove of insights that already exist within enterprise infrastructure, they will smartly integrate that existing visibility into their processes to neutralise threats.
The number of malicious attacks targeting the enterprise, the service provider space, and critical national infrastructure is rising exponentially. The alarming regularity of DDoS attacks is forcing CISOs and security architects to consider new strategies and solutions to protect key digital infrastructure. This includes the ability to detect DDoS attacks early – before these attacks cause significant damage to productivity, business performance and reputation. The goal is to mitigate attacks and ultimately prevent them from happening at all.
Prevention is a challenge for even the most experienced CISO, because cyber-criminals will always look to circumnavigate any defences put in their way. The rapid growth of business migration to hybrid cloud and multi-cloud architecture further exacerbates the problem by increasing IT network and infrastructure complexity, thereby expanding the attack surface and exposing new vulnerabilities. Security teams have enough on their plate already without having to worry about cloud adoption and the integration of new services and applications. However, that’s all about to change, as the boundaries that once separated security operations from network operations begin to blur, allowing teams to collaborate and share intelligence. Adam Bixler, Director, Product Management
- Attackers franchise new DDoS threats in 2019
Gone are the days where a single bot offered a simplistic DDoS attack type. In today’s DDoS threat landscape, attackers increasingly add diversification into their bots, allowing a wide variation of attacks and protocols to take down networks. In parallel, operators running booter and stressor services make it extremely easy to launch multi-vector attacks at a fraction of the risk and cost.
We now live in the era of terabit DDoS attacks, and while we expect to see more of these giant threats happening over the next 12 months, we also anticipate seeing more multi-vector attacks as the ease of access increases at a frightening pace. The largest attack on record involved memcached servers. This attack vector became available in booters and stressors mere days after the attack surfaced. Indeed, it was simply one of many attack vectors available for purchase on underground marketplaces.
In 2019, we anticipate more attackers crawling out of the woodwork to offer their services to the highest bidder. These nefarious characters will take down targets on request and for a small fee. They will even hand over DDoS tools to their customers to let them do their own dirty work. While these tools are not necessarily new to the scene, the ease of access, quick iteration at including new attack types, and a broader range of international customers, will result in lots of amateur cyber-criminals getting hold of destructive malware.
Many of the operators behind booters and stressors use business practices and a software-as-a-service (SaaS) model to market and sell monthly subscriptions, charging customers less than $50 for the privilege. Transactions can be conducted using cryptocurrency, but also through legitimate sites like PayPal, allowing them to make a profit and fund future activities. Richard Hummel, ASERT Threat Research Manager
- Internet of threats: botnet attacks leveraging IoT devices set to increase in 2019
With internet of things (IoT) adoption set to soar next year, this will create the perfect storm for cyber-crime, and result in serious implications for both businesses and consumers. When you consider that many of these connected IoT devices will be deployed across industrial sectors to power smart factories, production lines and transport networks, the risks associated with securing the IoT become clear. This is without considering the fact that the IoT will continue to pervade mission-critical sectors such as healthcare to support medical procedures and monitor the wellbeing of patients.
The IoT space is still in its relative infancy and represents fertile ground for cyber-criminals as they look to exploit new vulnerabilities. The proliferation of connected devices will therefore open the floodgates for new breeds of exploits and malware intent on disrupting IoT installations across industries, enterprises, the SME sector and the smart home.
The cyber-security situation is aggravated even more by the fact that IoT device manufacturers often ignore security protocols when building connected devices, likely in a bid to drive down production costs. As a result, large volumes of devices are shipped without basic security features baked into their design, leaving them exposed and susceptible to threats. Hardik Modi, Senior Director, Threat Intelligence
By Carol Hildebrand