Each year a war is waged by security professionals seeking to counteract the efforts of malicious individuals to steal information, take control of systems, or cause general havoc in the computing space. As these attacks become more sophisticated and better avenues of attack are found, there is a scramble to patch new vulnerabilities and address weaknesses in network defense. It’s the nature of IT security that the complete elimination of risk is impossible. Mitigation and reduction become the name of the game, and a broad net is cast in order to accomplish this.
This year the stakes have been raised. While the old risks to information security still exist, new technology begins to present entirely new challenges to the IT community. From critical hardware vulnerabilities with far-reaching implications, to the security nightmare presented by low-tech internet-connected devices, a host of new problems require the constant reassessment of what is viewed as secure.
This isn't a new trend, and it isn't slowing down in any way, but 2018 brought with it revelations of just how complicated security can be. One of the largest cross-vendor security meetings happened this year over the Spectre and Meltdown variants of the processor vulnerability, signaling a shift in the way security concerns are addressed by the community. This forward thinking is going to be necessary to continue to combat security threats in the coming years.
Looking into next year, there are a number of security threats that will inevitably come up in the community, in the news, and in the public's eye.
1. People will continue to cause problems
A long standby of the security industry, the weakest point of entry in any network or system is always going to be the people using them. This will never go away, and in today's world of easily accessible internet from the moment you wake up to the moment you go to sleep, it's easier than ever for attackers to gain entry from a simple mistake.
Even the tightest network with ironclad defenses can succumb to a careless individual opening the wrong e-mail or running the wrong file. This is particularly true when more sophisticated methods are used to glean essential security information.
Mitigation for these kinds of events is always going to follow a similar trajectory. Creating compartmentalized and segmented networks to reduce the chance of something nasty spreading throughout the network is a good first step, as are basic security measures at the system and network level for traffic and application access.
The strongest defense against people is strong information campaigns with specific scenarios to look out for. With mobile devices being able to freely connect to many business networks to help facilitate work, it's not feasible to limit these breaches on the system level in all scenarios.
2. Spectre, Meltdown, and other CPU vulnerability variants
A topic that will continue to be at the forefront of the security community for many years to come, these critical vulnerabilities continue to see new variations coming every month. While the overall risk can be downplayed and minimized due to the very small leaks they provide, they're impossible to ignore and could potentially lead to serious breaches in the future.
Protecting against these vulnerabilities mostly revolves around strict change management procedures that get executed regularly to guarantee all affected systems have up-to-date patches. Every time a new variation is found, developers are quick to issue a new patch. Getting that patch out as quickly as possible will mitigate the risk to systems.
Thankfully, while this will continue to be a hot topic in 2019, once new generations of processors are released without this issue it should slowly fade into memory.
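One way to confirm that the patches described in this section are actually in effect on a Linux host, as an added example that is not part of the original article: kernels carrying the Spectre/Meltdown fixes report per-issue status under `/sys/devices/system/cpu/vulnerabilities`. The helper names `classify`, `audit` and `needs_attention` are hypothetical.

```python
"""Added example: report Spectre/Meltdown-class mitigation status on Linux."""
from pathlib import Path

# Kernel sysfs directory with one status file per known CPU issue.
SYSFS_DIR = Path("/sys/devices/system/cpu/vulnerabilities")


def classify(status: str) -> str:
    """Map a kernel status line to a coarse state for patch reporting."""
    low = status.strip().lower()
    if low.startswith("not affected"):
        return "not_affected"
    if low.startswith("mitigation"):
        # e.g. "Mitigation: Clear CPU buffers; SMT vulnerable" is only partial
        return "partial" if "vulnerable" in low else "mitigated"
    if low.startswith("vulnerable"):
        return "vulnerable"
    return "unknown"  # empty, unreadable, or a format this script does not know


def audit(directory: Path = SYSFS_DIR) -> dict:
    """Return {issue_name: (state, raw_status)} for every file in directory."""
    report = {}
    if not directory.is_dir():
        return report  # unpatched kernel or non-Linux host: nothing to read
    for entry in sorted(directory.iterdir()):
        try:
            raw = entry.read_text().strip()
        except OSError:
            raw = ""
        report[entry.name] = (classify(raw), raw)
    return report


def needs_attention(report: dict) -> list:
    """Issues that a change-management ticket should cover."""
    return [name for name, (state, _) in report.items()
            if state in ("vulnerable", "partial", "unknown")]


if __name__ == "__main__":
    result = audit()
    for name, (state, raw) in result.items():
        print(f"{name:28} {state:13} {raw}")
    print("follow up:", ", ".join(needs_attention(result)) or "none")
```

An empty report means the directory is missing, which on Linux indicates a kernel that predates the fixes and should itself be treated as a finding.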
3. Internet-of-Things (IoT) Devices
Everything being connected to the internet is currently all the rage in the tech world. Everything from home fridges to medical equipment and critical city infrastructure is finding its way onto the internet, and security for these devices hasn't caught up with the rapid progress of their implementation.
Recently at Black Hat 2018, researchers from IBM's X-Force Red demonstrated security exploits on a range of IoT devices. Almost half of these vulnerabilities were deemed critical, and many of the systems tested were for municipal infrastructure devices.
In one of the demonstrations, researchers showed how they could take control of the sensor data being fed to a device that measured water levels in a dam. By overriding the controls on the sensor, the team was able to trick the device into thinking water levels in the dam were low, causing it to raise the dam's gate and flood a nearby road. These kinds of devices are used all over the world to control a range of important systems.
Securing these systems starts at the manufacturer level. Looking into 2019 and beyond, manufacturers are going to have to build their devices with a “security first” mentality in order to reduce the risk of intrusion. It's slowly becoming clear to companies interested in IoT devices that taking security as a secondary consideration – or not as a consideration at all – is going to inevitably lead to problems down the road.
For end users and administrators of these devices, the best protection is thorough research into the security built into any IoT device. In many cases, especially on older devices, there may be no security at all, leaving the door wide open to potential threats.
4. Distributed Denial-of-Service attacks
It's easier than ever for a jaded individual to order up a DDoS against an organization or person they don't like. These attacks are usually small-scale and can be mitigated by intelligent network configuration. Larger scale events can be reduced or eliminated with investment in up-stream mitigation from service providers or data centers. The larger concern in 2019 is going to be the massive attacks we've seen in 2018 continuing and growing even larger in scale and focus.
This year we saw record-breaking throughput attacks that targeted everything from businesses to free services like GitHub. For attacks on this scale, there isn't a single clear answer for defense beyond compartmentalized network configurations and redundancies. At some point, even the largest connection is going to struggle with enough data being thrown at it.
While it's unlikely that most businesses will face this kind of sophisticated attack, an over-reliance on outsourced infrastructure could lead to a disruption in business if providers are targeted.
Being prepared, staying reactive
These are just a few of the information security threats companies will face in the next year. There's a wide range of potential entry points for attackers, and it's inevitable that we'll start to see even more as 2019 approaches. Being prepared to stay reactive to any new threat will keep information security professionals ready to deal with whatever comes their way.