After a whirlwind 2018, cyber security in 2019 isn’t looking like an easy ride but here, Sam Bocetta, retired security analyst, provides insight into what to expect and how to prepare against possible attacks
2018 was not a great year for cyber security and data privacy. Some of the largest companies in the world found themselves a victim of countless and costly data breaches, routers and connective devices that were considered relatively safe were found to be vulnerable, and the accusations of foreign states and bad actors have made reality seem like a plot straight out of a spy novel.
2019 isn’t looking like it’s going to be any calmer on the security front, so what are we going to do about it? To give you a better idea of what’s up and coming in cyber security in 2019, here’s what you need to know.
1 – New Legislation for Data Collection
California legislators have proposed a new law in regards to the often covert data collection scheme most tech companies make a majority of their revenue from.
The California Consumer Privacy Act of 2018 has gone through the checks and balances of California’s lawmaking process and has been signed by California Governor Jerry Brown and will go into effect at the end of 2019.
This act opens consumers up to a number of protections to combat unwanted data collection. Protections like requiring companies to disclose what sort of data they’re collecting and who they’re selling it to, the option for customers to opt out of data collection and protection from the company charging more for the product, and enabling businesses to purchase the data in some way as a financial incentive to the person whose data they’re collecting.
This may not seem like a big deal if you’re not a resident of the state, but since a majority of the large tech companies are headquartered in California, the law very well could affect the rest of us.
2 – Even More Breaches and Leaks
Last year marked an increase in data breaches and leaks, which is ironic because a majority of the data wasn’t even protected at all.
Services ranging from retail to gym memberships and social media, almost every industry has found itself victim of a hack in one way or another. This surge has bolstered the public’s awareness of their potential vulnerabilities and has encouraged conscientiousness of better information security practices which are often overlooked merely due to human error.
In 2019, expect more attacks and more information being exposed, as hackers aren’t showing any signs of stopping anytime soon. But also expect people to begin to see the forest through the trees and take matters into their own hands instead of relying on the big box chains to protect information for us because it’s clear there are too many vulnerabilities in their systems and the only way to change that is to be the change yourself.
Millions of people now use virtual private networks, or VPNs, to encrypt their internet traffic and thus protect their personal data. However, recent concerns about state-sponsored ownership of VPN providers have raised alarm bells in both the US and abroad. As cybersecurity continues to play a key role in global politics and individual sovereignty, expect to see a market demand in the increase of truly-private VPN services that do not log user data.
3 – Increases in Transient Data Capture
In 2019, it is likely we will see increases in attacks of home-based Wi-Fi networks and other vulnerable devices where the attacker acts as a man in the middle and captures the data as it goes from the sender to the ISP.
The risks of this are astronomical, your personal information like your DOB and social security numbers risk being exposed each time you type them in and submit a form, and your credit card information is extremely vulnerable with things like bill pay and online shopping.
4 – Increased Cyberterrorism
Though cyberterrorism is nothing new, experts warn terrorist organisations could begin leveraging advanced technologies for more destructive forms of terrorism.
With what started as simple ransomware attacks that locked users out of their computer until a payment was made, it’s anticipated that terrorists will use new tools and techniques to conduct coordinated attacks on specific target locations, businesses, and individuals.
With tools that have the ability to physically destroy a computer remotely, drones that can be outfitted with weapons and be utilized as attack craft like seen in Venezuela, the enemy is taking full advantage of these tools and the berth of targets are expanding.
To counter this, companies and governments must perform a risk analysis of their potential vulnerabilities and take actions to decrease the probability of a successful attack by reducing potential target rich environments of critical infrastructures.
What makes this essentially terrifying is that it no longer applies to cyber attacks, but has moved into the realm of physical damages, ushering a new era of cyberterrorism.
5 – AI Utilized as Dual Use Tech
If you’ve ever used any type of social media or online dating site, the odds are you’ve encountered a few chatbots or two. For those who are unaware, a chatbot is an AI-powered form of bot that’s designed to handle customer service inquiries and such.
However, a bot can be used for much more dastardly means. If you get a friend request from a profile with next to no pictures or friends and they immediately send you a link, don’t click on it.
The smarter artificial intelligence gets, the greater the threat customers face of being misled. The most common methods are text-based like instant messages but expect bots to begin to utilize human speech and seem even more realistic than they already are.
AI and deep machine learning are changing the world as we know it in some incredible ways, but just be aware that it can also lead to attacks on a scale the world has never seen before.
Interesting post. The truth as technology has evolved, hackers and their methodologies have also evolved. With new technologies such as artificial intelligence in full swing, I’m sure we’ll see many incidents related to it this year.