Gatewatcher 2018 Cybersecurity Report
Overview We are publishing this report in order to review the past year and expose 2019 trends in cybersecurity. We’ll come back to major cybersecurity events of 2018, both on technological and geopolitical aspects. Once again in 2018, hackers showed their abilities to reach unprecedented levels of sophistication and impact, to avoid security systems and exploit security breaches. Drawing 2018 conclusions, we identified cybersecurity trends for 2019, with 2 main topics: threats evolution, artificial intelligence and machine learning. 2018 Review This year attacks surged and the trend won’t be changing for the next years. Indeed, the benefit / risk balance appears to be favourable to hackers lately. For many years, the cyber threat was pretty confidential and synonymous with espionage, intelligence or data theft. With worldwide phenomena (WannaCry, NotPetya), cyberattacks are now becoming very concrete for the public and have destabilised the most powerful. Did cyberspace become the new war zone of the 21st century? The answer to that question seems to be yes.) The USA even made cyberspace their fifth combat field (Cyber Command). This year again, the number of headlines about attacks between states, against companies or individuals has increased. Even if measures have been taken in France and worldwide (Cybersecurity Tech Accord, Paris Call for Trust and Security in Cyberspace…), the rhythm of attacks doesn’t slow down. Amongst this year’s significant events, here are those we have selected:
- Has crypto jacking became stronger than ransomware? 500 million of users worldwide were victims of crypto jacking in 2018. Crypto jacking is profitable, easy to set up and hardly detectable. The crypto currency boom has given ideas to hackers: to make money by using someone’s equipment (Coinhive, Cryptoloot, JSEcoin…). Adware (advertising software) and crypto jacking blur the limit between the legitimate use and cybercrime aimed to infiltrate infrastructures. As long as the breach has not been found, it continues to give the hacker a regular income flow.
- SIM Swap is also a major technique. Login codes, 2FA code (two-factor authentication) or 2SV (two-step verification) recovery allow hackers to collect a lot of information on its victims. In July 2018, a man has been arrested in Los Angeles for hacking around 40 phone numbers and stealing more than $5 million.
- Ransomware are still a major threat. More and more companies, especially in health sector, have been attacked. Ransomware is not dead, it’s evolving and is becoming sneakier.
- Cybercriminals are turning to fileless attacks (Cactus Torch for example). The code is sent directly to the device RAM, while anti-virus software are mostly analysing mostly static files. The attack is extremely difficult to detect since no software is installed on the user’s computer. McAfee Labs noted that fileless cyberattacks increased by 432% compared to 2017.
- Phishing continues to cause damages. Vade Secure developed this year the first edition of « Phishers’ Favorites » report. It gathers 25 most usurped brands by criminals to conduct phishing campaigns. For example, in the US, the top 5 brands are Microsoft, Netflix, PayPal, Bank of America and Chase.