2018 Cyber-Attack Trends and Industry Predictions

Over the last 24 months, we have spoken publicly about rapidly emerging cyber-attack trends and how to plan for and mitigate the impact of these attacks. Many of these predictions unfortunately have become a reality and are now being highlighted in other industry leader predictions for 2018, including the growth and evolution of Ransomware, the use of botnet and automated – orchestrated attacks within Business Process and Email Compromise attacks in financial markets and other regulated industry segments.

During our 3 part blog series on the projected impact of the Equifax and EDGAR breaches, we predicted how 3 of the top cyber-attacks were going to evolve from 2018 to 2019 and what companies can do to proactively protect themselves.

The 3 cyber-attacks mentioned in that blog series and within various industry presentations delivered over the last 24 months are Ransomware, Business Email Compromise, and Business Process Compromise. While those 3 cyber-attacks mentioned in 2017 are included within the 2018 Cyber-Attack Trends and Predictions list, 5 other trends and predictions have been added to the list.

Note: While there are many other trends and predictions we could have included on the list, we believe the topics below are the most significant.

2018 Cyber-Attack Trends and Industry Predictions

    1. Ransomware: We believe Ransomware attacks will continue to be integrated into multi-stage, multi-touch attacks that include social engineering, automated botnet and physical attacks that will evolve into well planned and orchestrated “cyber-hostage” attacks and situations. Multiple terrorist and cyber-attacks on public transportation methods were executed successfully between 2016 and 2017 and many Ransomware attacks during 2017 were believed to be pilots or used for reconnaissance to assess and test reach, effectiveness, and response rates and methods to validate attack and distribution targets and methods.
    2. Business Email Compromise: These targeted attacks may be integrated into broader financial and business fraud and theft schemes within specific market segments such as financial services, technology, healthcare, and public services. As with other attack methods listed in this article, BEC attacks could become a standard component within multi-stage cyber and physical attacks as mentioned in the Ransomware prediction above. This evolution leads to the development of a criminal enterprise 2.0 model that is predicted to appear in the dark web in 2018 and 2019. Cyber Crime as a Service models in the dark web are continuing to evolve and expand at an alarming rate so it could be argued that those services and criminal business models will become more integrated into an end-to-end criminal enterprise that could eventually be licensed or franchised to organized crime syndicates, nation states, or hackers and dark web actors that have the financial resources and desire to build criminal enterprises. Read more about the evolution of the criminal enterprise 2.0 in the blog series from 2017.
    3. Business Process Compromise: These attacks have evolved from basic counterfeiting, coercion, financial and business fraud, and theft into complex, well planned and orchestrated physical and cyber-attacks that are used to disrupt or disintermediate business processes, or create counterfeit – fraudulent business processes within companies and on the web in order to steal payments, customer-employee-supplier-partner information, or gain access to critical systems or finance and banking accounts. While these attacks are not new, we believe these attacks will expand across industries and market segments and will grow exponentially to include online business and brandjacking attacks. With immature online brand and product-service validation and verification processes and standards in place across websites, exchanges, marketplaces, social media, and ecommerce platforms, we have validated how easy it is to set up and launch counterfeit corporate websites, webpages, and social media brands that can be used for brandjacking purposes. See examples of these types of attack trends within this 2017 presentation.
    4. Compliance Rate of Change: Federal, State, and Local governments are becoming more aware of cyber-threats and attacks and have begun to respond with new legislation to address threats and empower various agencies with resources to enforce law. In parallel, Industry leaders, standards groups and associations that publish compliance standards and frameworks are continuing to evolve those standards and the requirements and controls within those frameworks to address market and legislation changes. The rate of change is significant, unamalgamable in many cases. We predict that more organizations will struggle to keep up with the rate of regulatory compliance change, the evolution of cyber-attacks and threats as mentioned above and the evolution of cyber and compliance programs, systems, policies and internal team member skill. These trends will eventually lead to the hypergrowth of data breaches that could cause even heavier government oversight, regulation, penalties, and control. Read more about the Rate of Compliance Change in this presentation from 2017.
    5. Cyber and Physical Security Integration: Over the last 24 months we have spoken to many small, medium sized, and global organizations that are planning or have already started to integrate cyber and physical security programs, methods, teams and tools. We see this as an emerging trend that due to the evolution of the cyber-attacks outlined above, will accelerate in 2018 and 2019 and will help drive technology manufacturers, MSPs, MSSPs and Solution Providers to evolve and integrate their products and portfolio of services to address these requirements and the growing market demand for integrated physical and cyber security. Read more about our initial prediction on this trend in this 2016 blog.
    6. Vendor Innovation Acceleration: We believe the evolution of cyber-attack and industry trends outlined above will push technology, consulting, cloud, MSP, and MSSP vendors into an Innovation desperation mode. The Technology, Consulting, MSP, MSSP, and VAR market segments have been evolving and converging for over 4 years and this convergence will continue, forcing these vendors to innovate or die. New product and service delivery, pricing and financing models will emerge and will help customers to consume these products and services through more cost effective and pragmatic methods such as a utility (pay as you use – and go model). Read more about vendor convergence trends in this 2017 presentation.
    7. Growth (but Difficulty) in Delivering Impactful vCISO Services: The demand for Virtual (off payroll) Chief Information Security Officer and Compliance Officer services is increasing as the shortage of talent and leadership within the industry grows and new talent entering the market is not keeping up with the global growth of cyber-attacks and the compliance rate of change. That said, we believe these virtual CISO and Compliance Officer services and roles will evolve and will become more difficult to fulfill effectively as physical and cybersecurity requirements and programs converge and compliance requirements change and evolve. Over the last two decades traditional education, training and certification curriculum and programs have struggled to keep up with the rapid evolving market and have been unable to produce skilled workers and executives that have skills and experiences are blended (technology, engineering, cyber, finance, business acumen and communications) transferable, effective and can be utilized to successfully navigate the trends and convergence outlined in the trends and predictions above. That said, many higher education organizations such as ASU, Embry Riddle Aeronautical University, University of San Diego, and others have continued to evolve, refresh and launch new curriculum and programs to address the ever changing market and to produce the next generation of cybersecurity and compliance professional and executive. In the meantime, cyber, risk, audit and IT workers and executives that have the capacity and desire to learn and change, need to capitalize on some of these new education programs and resources, and rise to the occasion – developing skills and capabilities that are more cross-functional and diverse in the areas of: Cyber, Risk, Audit, Business, Finance, Communications, Strategic Planning, Leadership and Organizational Management. These are critical skill areas that are required to navigate the rapid and ongoing evolution of the industry and the changes occurring with the physical, cyber and compliance markets.
    8. Ongoing IT Vendor and Solution Provider Convergence: Over the last 5 years we have witnessed various technology solution providers, consultancies, resellers, and cloud companies enter the cybersecurity and compliance market. Many organizations are jumping into the hot cybersecurity market trying to diversify their portfolio to grow their business or remain relevant to customers. While the barrier to entering the market may be low for some organizations that have existing adjacent products, services and capabilities, the level of difficulty is high in terms of those organization’s being able and ready to create confidence, build thought leadership and add value to customers without creating additional confusion in the market. We have recently witnessed a large push by traditional MSPs in terms of evolving themselves into MSSPs, and traditional VARs expanding their portfolios to include niche cybersecurity and compliance consulting services and cloud, MSP, and MSSP offerings. We predict this level of convergence will continue in the market and will accelerate the commoditization of solutions and services in the market, thus driving the need for innovation as mentioned in #6 above. Read more about MSPs evolving into MSSPs in this recent article from February 2018.


Article written by Tyler Rathjen