Ride the Lightning

Cybersecurity and Future of Law Practice Blog
by Sharon D. Nelson Esq., President of Sensei Enterprises, Inc.

Significant Cybersecurity Trends of 2018

January 2, 2019

SC Media posted last week on some of the most significant cybersecurity trends of 2018. From my own foxhole, we started seeing a decline in ransomware and enhanced use of artificial intelligence in cyber attacks and cyber defense. Onward to what SC Media had to say . . .

Cryptocurrency. 2018 saw the level of cryptocurrency mining reach new heights – and other malicious actors simply broke into digital wallets to steal the money. Those who placed illegal miners on systems used a variety of methods and tricks to do so, including phishing, update scams, leveraging vulnerabilities, fake apps, exploit kits and even mobile devices. Millions in digital currency were stolen from exchanges and wallets. I certainly would not invest in cryptocurrency given the current state of its security.

Data Breaches. OK, data breaches are old news, but 2018 saw some very high-profile victims – Facebook, with 50 million records compromised, and dozens of retailers and other organizations that were hit by the Magecart cybergang that specializes in placing malware on point-of-sale systems and then systematically stealing transaction data. Misconfigured servers also played a huge role in exposing corporate and personal information in the last 12 months. Whether it was an Amazon Web Services S3 bucket or a MongoDB database, millions of records were left open to the public because IT admins were not changing login credentials or, if they did, were making them something easy to find or figure out.

Election Hacking. Did it happen in 2018? Maybe yes, maybe no. It certainly sparked an animated debate. We sure did find 81.5 million voter records from 20 states for sale on the dark web, now available as a potential tool for those who might want to interfere in our elections.

Ransomware. Though we saw a decline in the number of attacks, a SamSam ransomware variant pulled off some very high-profile attacks. At least 67 different targets – 54 in the U.S. – were struck in 2018, according to a Symantec report. The city of Atlanta is paying a fortune to restore its systems – good thing they had a hefty cyberinsurance policy.

Cloud Storage. The words AWS S3 Bucket and MongoDB were in the news a lot in 2018. In one of the largest breaches of the year, 445 million records were exposed when the Swiss-based data company Veeam used a misconfigured MongoDB hosted on Amazon Web Services that did not require any password to access. The cause, here and in other cases, was human error in the form of poor identity and access management (IAM) practices. AWS and other cloud storage providers usually turn over a bucket to a customer in a locked-down condition, but changes made by the end user often result in the data going from safe to exposed with a single keystroke. The number of these incidents in 2018 resulted in more effort being focused on using proper IAM practices and simply keeping track, on a regular basis, of what is taking place in a database.

And what will 2019 bring? Who knows? Attackers and defenders are both getting smarter, but it seems to us that the defenders are always limping behind the attackers and trying to catch up. We'll look at the roundup of events next year and see if the defense has been able to "up its game."

E-mail:    Phone: 703-359-0700
Digital Forensics/Information Security/Information Technology
https://www.senseient.com
https://twitter.com/sharonnelsonesq
https://www.linkedin.com/in/sharondnelson
https://amazon.com/author/sharonnelson