The top 5 cybersecurity takeaways from 2019

Spear phishing

Put this in the “what’s old is new again” category. Spear phishing has been around for some time, but it is increasingly sophisticated. Hackers are extracting personal information from social media and pairing it with familiar tech tools, like telephone calls and texting.

The result: the purchase order from your top client looks real. There’s no reason to doubt if it is real. But maybe it’s not? Perhaps it is just a really good fake. That is the dilemma MSPs and security personnel find themselves facing.

“Spear phishing is a growing issue for businesses with a lack of security awareness and training. Often employees will fall into victims with a click of a button. Large companies, such as Google, are making moves to safeguard people, but we still got a long way to go,” notes professor Jin Hong, a cybersecurity professor at the University of Western Australia.

Ransomware meets AI

Ransomware attacks have been on the decline, and 2019 continued that trend. But the emergence of AI-powered ransomware wreaked havoc in some high-profile incidents this year, sparking fears that more may be on the way.

Analytics India had this to say in June about the emergence of AI coupled with ransomware:

“It is a completely new, power-packed makeover for some of the notorious ransomware and there are chances that these worms would evade any cyber defense into computer networks and create havoc.”

Dr. Hong echoes the concerns:

“Ransomware is also something that is lingering persistently, closely coupled with new variants of malware. With the rise of machine learning and AI, it is much easier to create malware variants that would bypass our existing detectors. This is an arms race that we need to pay closer attention to.”

While this makes our list for 2019, we’re worried that this could become a massive issue for MSPs within the next couple of years.

Cyber-safety in the skies

When Ethiopian Airlines Flight 302 crashed shortly after takeoff from Addis Ababa, killing 157 people in March, few people thought it had cybersecurity implications. However, investigators quickly connected the crash to a similar one that happened in Indonesia at the end of 2018. After some research, it was discovered that there was a software flaw in the new Boeing 737 Max that allowed it to override pilot commands. If software flaws can trigger such a disaster, it is only a matter of time before cybercriminals figure out how to exploit vulnerabilities. As Forbes pointed out in an article, all the reinforced cockpits in the world won’t help if hackers can crash a plane from the ground.

Olaf Manuel Maennel, professor of cybersecurity at Tallinn University of Technology’s Centre for Digital Forensics and Cyber Security in Estonia, tells SmarterMSP that he shares those cybersecurity concerns, as the biggest story of 2019.

“Although the Max 8 crashes had many contributing factors and the MCAS system is a Boeing software flaw and not a cyberattack, I think the aviation community has woken-up to the fact that the security of digital systems could be a serious threat to aviation,” observes Maennel. Further, if Boeing can make mistakes, state-sponsored attackers have probably already developed sophisticated cyber-weapons.

MSPs that have interests in aviation, autonomous vehicles, or stakes anywhere within the cybersecurity ecosystem need to follow this story.

MSPs vulnerabilities

MSPs are tasked with managing and maintaining networks and, hopefully, persuading their clients to provide security to the systems. So, it is not good when MSPs find themselves the victims of attacks, which is precisely what happened on several notable occasions in 2019.

One large MSP in the USA, which was never publicly identified, ended up paying hackers $150,000 in Bitcoin, “to gain access to the decryption keys required to recover the data that was not protected by air-gapped backups,” according to MSSP Alert.

On one hand, MSP attacks are a sign that perhaps mainline enterprise security is getting stronger, forcing hackers to look for weaker links in the system. The bad news is that the weakest link can be the MSP. Still, MSPs weren’t the only ones targeted, as the whole issue of supply chain attacks loomed large in 2019, where hackers looked for entry points into enterprise businesses.

Data breaches

One expert told Smarter MSP that the most valuable asset an MSP safeguards isn’t expensive servers, routers, or networks: it’s data. It’s the social security numbers of patients, the credit card numbers of clients, and the shopping habits of top customers. So why does it keep getting compromised?

The onus isn’t all on MSPs, not by a long shot. Corporations, vendors, MSPs, and all stakeholders have a role in crafting the complex ecosystem that is supposed to safeguard data. Not safeguarding data is expensive, as Security Intelligence outlines:

“According to IBM’s latest numbers, the tab can run up to $3.92 million after investigation expenses, damage control, repairs, lawsuits, and fines. That’s up 12 percent over five years, with no signs of slowing.”

With the Equifax breach of 2017 still grabbing headlines, plenty of other breaches were happening too. Marriott experienced a massive data hack in January 2019, and the year ended with discovering a sprawling breach at the convenience store giant, Wawa.

The takeaway? Criminals continue to target data. MSPs need to view data the way banks view currency. If trends continue, 2020 is going to give MSPs quite a ride.

Photo: Sylwia Bartyzel / Shutterstock

Categories

Tags

Archives