In a year in which companies continued to grapple with the fallout of data breaches, data was walking out the door with workers, governments continued to wrestle with how to secure civil systems and election machinery, security professionals faced increasingly urgent threats to the IT infrastructures they were charged with protecting. Here were some of the biggest 2019 cybersecurity threats and trends.
Ransomware Got More Sophisticated and More Frequent
Report after report confirms that ransomware remains a huge problem for all types of organizations. There are more ways than ever to trick users into providing sensitive information or downloading a malicious software package. For businesses, the costs are dire – not only in terms of money, but in terms of reputation. According to Cybersecurity Ventures, a business will fall victim to a ransomware attack every 11 seconds by 2021, up from every 14 seconds in 2019 and every 40 seconds in 2016. These types of attacks cost businesses more than $8 billion in 2018 alone, with the average cost of a single ransomware attack pegged at $133,000. And it's getting worse; more than one million new phishing sites are created every month.
IoT Devices Brought a New Denial of Service Attack Vector
There is no doubt Internet of Things (IoT) is taking over. Whether it's medical devices, security cameras, lighting or machines on the plant floor or in the data center, devices that collect and transmit sensitive sensor data are everywhere. While IoT devices can benefit organizations in numerous ways, they have also become a source of security concern. Hackers can exploit IoT devices by hijacking them to carry out Denial-of-Service attacks. They can also be the target of Denial-of-Service attacks.
According to one recent survey from software company Irdeto, eight in 10 organizations have experienced a cyberattack on their IoT devices in the past year. It doesn't help that organizations often fail to update firmware, use default passwords or fail to secure and encrypt communication between devices and cloud services.
Multicloud Environments Introduced Multiple Security Issues
The majority of organizations today use multiple cloud providers for good reasons, including greater flexibility, lower cost, better risk management and avoiding vendor lock-in. Yet distributing assets over multiple clouds, especially if they are public clouds, can actually increase complexity, reduce visibility and create security problems. That's why it was one of the top 2019 cybersecurity threats.
One recent survey from the Cloud Security Alliance found that managing multiple clouds could cause configuration and visibility problems, increasing the difficulty of managing security. Another report found that of organizations with a multi-cloud approach, 52 percent experienced a data breach over the past 12 months. Typically, organizations that focus on private clouds experience less security risks.
Email Threats Continued to Expand
A 2019 cybersecurity threats list wouldn't be complete without talking about email threats. While installing a secure email gateway used to be an effective defense against email threats, that's no longer the case. Hackers are getting more sophisticated, with account takeovers, social engineering, impersonation and cryptocurrency mining malware.
One recent report from GreatHorn found that even companies with multi-layered email defense strategies aren't fully protected; about 22 percent of respondents reported experiencing a data breach due to an email-borne attack in the past three months. Mimecast's State of Email Security Report found that impersonation attacks increased by nearly 70 percent over 2018, and the vast majority of those attacks resulted in a direct loss of customers, money or data. Phishing was the most prevalent type of email attack. All of this points to one reality: companies need to shore up their email defenses, stat.
AI Made Security Tools More Intelligent
Older cybersecurity tools still have value, but they often require more manual configuration and management than newer, more automated tools. That means more possibilities to introduce security vulnerabilities through human error. Consequently, cybersecurity vendors have been busy imbuing existing tools with AI capabilities or developing new tools that depend on it to help combat sophisticated 2019 cybersecurity threats. They runs the gamut, from event monitoring and incident response to firewalls.
"This year, there are actual solutions that work with machine learning and AI," said Johannes Ullrich, dean of research at SANS Technology Institute at the RSA conference earlier this year. "People really started to figure out where it fits in."
That's good news; according to a recent report from Capgemini, nearly two-thirds of organizations don't think they can identify critical threats without AI. Expect this trend to continue; the Capgemini report found that almost three-quarters of organizations are testing AI in cybersecurity use cases in some way.