2018 to see more ransomware attacks, cyber-extortion: Expert

Manama : Ransomware and cyber-extortion will continue to rise in 2018, according to Scott Manson, Cybersecurity head - Middle East and Africa, Cisco.

2018 will bring more connectivity, digital transformation initiatives, and data to companies, along with new cybersecurity threats and landscape changes making cybersecurity one of the most crucial issues that need to be addressed in the present scenario, Manson opined. 

“Incidents like WannaCry and Netya illustrate, our adversaries are becoming more and more creative in how they architect their attacks. But in the end, it’s more about who has not been breached vs who is the latest. The world of cybersecurity witnessed changes frequently with security experts trying to gain know-how about what is happening and how they can mitigate it.  The universal fact is that we have to accept that we can’t protect everything, but we can find a way to control what matters the most,” he commented. 

His cybersecurity predictions for 2018 includes more IoT attacks that will be motivated by financial gain, increased automation in cybersecurity response and continued growth in the use of ransomware and cyber-extortion tools. 

“Shift in focus from protection to prevention, historically IT firms focused heavily on perimeter network security to protect networks from cyberattacks. However, recent breaches have shown that perimeter security alone isn’t sufficient to combat persistent threats.  By focusing on more proactive and offensive approaches, rather than strictly defensive, that help detect and respond to possible threats rather than react, it is possible to stop threats before they expose the organization to risk. In the future it will most likely move to prediction of what’s coming before anything happens,” he said.  “It’s only a matter of time before every house and company is connected through the Internet of Things (IoT). We predict that as many as 1 million new connections per hour will be added to the internet by 2020 expanding the attack surface and making IoT vulnerabilities more critical and more dangerous. IoT will move from being seen as a massive security risk in the enterprise, to a critical part of an Enterprise’s security posture. To meet the security challenges of the IoT — an attack surface that is both growing rapidly and becoming increasingly difficult to monitor and manage, a proactive and dynamic approach to security, and a layered defense strategy, are the keys to protecting IoT devices from infection and attack — or at least, mitigating the impact when some are inevitably compromised by adversaries,” he stated. 

“Unfortunately, ransomware attacks will almost certainly become more pervasive and varied in 2018. Some attacks will adhere to the brute-force model of infect, lock and extort, while others will be more sophisticated. Evolutions in ransomware, such as the growth of Ransomware-as-a-Service, will make it easier for criminals, regardless of skill set, to carry out these attacks.