2018 Top Cybersecurity Threats: Cryptojacking, Ransomware & More

Equifax, one of the main credit reporting agencies, announced that it lost data belonging to 143 million people — more than half the adults currently living in the United States. The company didn’t announce the attack until five months after it occurred. The breach included highly sensitive information, including names, email addresses, credit card numbers, and millions of detailed credit reports.

Deep Root Analytics exposed the voter records of 198 million Americans for 12 days due to misconfigured access 4 controls on an Amazon Web Services (AWS) S3 bucket. S3 buckets are essentially cloud storage drives, typically used to store the data and content used by applications run in AWS. This was one of at least twenty S3 bucket-related breaches in 2017.

Uber exposed the data of 600,000 drivers in the U.S. in addition to 57 million drivers and riders worldwide. Two hackers reportedly accessed the data on an S3 bucking using an Uber developer’s credentials. The company paid $100,000 in exchange for the hackers agreeing to delete the data and keep quiet.

Top Cybersecurity Threats in 2018:

Ransomware continues to cause havoc in the industry. Two of the most dangerous forms of ransomware, WannaCry and NotPetya, have been attributed to foreign actors, including North Korea and Russia, respectively, resulting in an arms race between the two players. Both forms have introduced a worm that allows the malware to spread automatically throughout the system. Shipping giant Merck reported hundreds of millions of dollars in damages after getting hit with both WannaCry and NotPetya. Voice recognition software vendor Nuance Communications blamed NotPetya for $92 million in damages. Small businesses are getting hit as well. They reportedly paid out $301 million to ransomware in 2017.

New trends are appearing as well, such as ransomware-as-a-service (RaaS), which is when more risk-averse criminals hire experienced hackers to issue the attack on their behalf. This appears to be a growing sector in the industry as criminals look for ways to conceal their identities while others look for ways to cash in.

Smart devices like the Internet of Things may not store sensitive information, but they can still be hacked. These devices often do not have the same level of malware protection as traditional assets like computers and servers. However, hackers are starting to target devices that security professionals wouldn’t normally think to protect, including surveillance equipment as well as medical devices.

We’ve also seen a rise in cryptojacking, which is when hackers hijack a smart device and use it to mine cryptocurrency. Digital tokens like Bitcoin tend to be particularly attractive to cyber criminals. They can trade these assets online from any geographic location without exposing their identity.

Cryptocurrency tends to be secure, but the apps and digital wallets we use to store them are not. We’ve seen a wealth of issues (literally) that often result in direct theft of funds from exchanges and individuals’ wallets. Hackers stole $7.4 million from Coindash’s ICO. A vulnerability in the Parity 16 Multisig Wallet allowed $32 million to be stolen from the ICOs of Edgeless, Casino, Swarm City, and aeternity blockchain. The largest cryptocurrency coin heist in 2017, though, was $64 million worth of Bitcoin from NiceHash in December.

The Black Swan Theory

What’s known as the Black Swan theory also grew in popularity over the last year. The black swan was long rumored to be in nature until someone finally spotted it in the wild. The term now applies to existing, although unexpected phenomena. When it comes to preventing malware attacks, the Black Swan theory teaches us to watch out for the unexpected. This usually means thwarting potential attacks even if they seem highly unlikely to occur and protecting and prioritizing assets that were once thought to be secure.

For example, 2017 introduced the world to BlueBorne, a group of 27 vulnerabilities that affected nearly every Bluetooth implementation in use. On the same day, KRACK was announced, a vulnerability that affected all modern Wi-Fi access points and client implementations. Broadpwn affected the baseband processors in nearly all mobile phones, and finally, Meltdown and Spectre affected the Intel processors in most modern laptops, desktops, and servers in use worldwide.

So, why were these attacks announced so close together?

Our researchers have been looking at less explored possible explanations. This led to the Black Swan Theory for Vulnerability Management, developed by Michelangelo Sidagni, CTO of NopSec, and Shawn Evans, Head of Security Research for NopSec. It aims to describe a vulnerability management method for predicting these ‘black swans’ more reliably. By breaking down the aspects of what makes these vulnerabilities so serious, wide-ranging, and damaging, it is possible to predict them with better accuracy.

Last year showed us where the cybersecurity industry is heading. Governments and hackers alike are investing more time and money in these projects with the intention of causing as much damage as possible. These attacks get more severe every year. Companies should keep these trends in mind when developing an effective remediation strategy.

Download this full report to learn more about the various threats that emerged in 2017 and what NopSec had predicted for top 2018 cybersecurity threats.