Internet hacking: 2019 forecast not so bright
We all know that computers are insecure and cybercrime is a significant problem. Stories about hacking and exposing a large amount of data make headlines for a few days, but they’re just the tip of a large iceberg. The risks are about to get worse. The creativity with which hackers are finding new ways to exploit vulnerabilities is progressing at a rapid speed. Juniper Research predicted that the rapid digitization of consumers’ lives and enterprise records will surpass the cost of cybercrime to $2 trillion globally in 2019, increasing to almost four times the estimated cost of breaches in 2015.
The World Economic Forum pointed in their 2018 Global Risks Report that new and more complicated cyber attacks would take center stage for 2019.
Here is what we are facing in 2019.
Back in the early days, we thought only sophisticated cybercriminals were the threat to our sensitive data and organization but now many cybercriminal marketplaces sell do-it-yourself kits, allowing almost anyone to access the tools to run hacking campaigns. Hacking techniques that once required specialist expertise are now sold in an easy-to-use pack with tutorials for the non-tech intelligence. Anyone can easily get these tools because they are available not only on the dark web but on the open web too. The types of attackers are wider than ever because now even less skilled attackers can use sophisticated attacks and, furthermore, now we have hyper-targeted attacks going after particular companies or even individuals.
Thanks to social media profiles now in the various pool of phishing attacks we can add so-called rose phishing attacks. Rose phishing makes simple phishing attacks surprisingly effective because it is almost impossible for the victim to ignore the bait. Attackers know about the high probability of a person clicking on something of a personal nature about them so they exploring and exploiting social media profiles about their potential victims.
Because people know about various tricks and exploits that hacker use to get passwords and data, cybercriminals are forced to find new ways how to realize their goals. One of the new and accessible ways to penetrate organizations is using fake identities or a seemingly genuine identity. All the data on their target can be easily found on the web. They’ll look on LinkedIn, Facebook, Instagram, Twitter or through the organization’s site, LinkedIn. Using fake identity, they build a bond with the person or an employee of an organization, then connect with more friends, family members or members of the organization with phony details and trick them to get all data they need to execute a digital assault.
As mobile devices take a part in our lives now more than ever, mobile hacking is taking a new approach in collecting our data.
We are witnessing an expansion in attacks on mobile devices. Cybercriminals take advantage of the fact that what we do on our mobile devices is mostly hasty and instinctively. They pay attention to our daily practices done on our phones. Malware has become so advanced that if you open a contaminated email message, the malware will install and keep running on your phone’s memory. Most antivirus programs just scan PC storage or hard drive so it is harder to be identified. When you close down or restart your PC, the malware may vanish entirely but it will keep running in the background without your knowledge.
Caller ID spoofing evolved to the point where the fake but similar or even exact number of an important person in your life is used to fall for a phone scam. Using a similar or exact number makes you much more likely to answer the call and falling into a phone scam. There are real anonymous Spoof call services online which offers change voice, anonymous calls, add sounds, record calls, text-to-speech, etc.
Computers are being built-in into physical devices and will affect lives, not just our data, creating increasingly dangerous space. The nature of how we use computers is changing. They are not just storing our data but they also object that we interact in our daily lives affecting the world in a direct physical manner and they are collectively known as “the internet of things“. They control traffic, drive our cars, dispatch emergency services, pilot our planes, etc. We have heard about hacks that shut down power plants and ransomware that shut down hospitals and denied care to patients. We can expect more of these kinds of attacks that can be extremely dangerous.
What is the level of the security of our supply chains? Where the software is written, who the programmers are, where the chips are made? Bloomberg reported that China inserted spy chips into hardware made for American companies like Amazon and Apple. The tech companies denied the accuracy of this report, but this points us to the problem of computer production security. We can’t distinguish secure and insecure products, we can only choose what sellers offer. Companies cut back on security and sell cheaper products for more money.
The market will not solve the internet security problem because let’s face it – most buyers aren’t willing to pay for security to be built into the products and services they want, and manufacturers don’t see economic interest in making better, secure products. As a result, we are stuck with computers that are pervaded with vulnerabilities, hackable internet protocols, and networks that can be easily pierced.
This and possibly the next year will most likely represent a real crusade between the attackers and the defenders. It only remains to see what will happen in the field of cybersecurity in the current year and how much it will cost us.