The harsh realities of today’s cyber landscape are that there are an increasing number and types of threat
looming and waiting to attack IT systems of large, small and middle market enterprises. The size, type or
industry doesn’t matter. Everyone is vulnerable including nations and their federal, state and local
governments. Malicious AI-driven chatbots, crimeware as a service, and the resurgence of ransomware
are pervasive. Additionally, cyber attacks on satellites are taking root. There have been reported attacks
on telecommunication companies’ satellites, as well as the satellite communications systems used by
the military, airplanes and ships creating concern that cyber criminals will utilize satellite antennas as
weapons to create further havoc.
The leading cyber security threats of 2019 include:
Ransomworm – The next level of cyber security nastiness that encrypts files and holds them
captive until ransom demands are met. When ransomware is attached to a network worm, the
level of extortion rises from traditional PC extortion to the Internet of Things (IoT), high net worth
users and major corporate disruption.
Phishing and Whaling Attacks – Where hackers send fraudulent emails from trusted accounts to
target businesses through individual staff members. An innocent staff member clicks on the email
and then the attachment, at which point the attachment, which is tagged to the email, starts
releasing a malware capable of stealing data. Whaling takes this aforementioned cyber attack
strategy to the next level by targeting high net worth individuals, often CIOs and CEOs.
Machine Learning-enabled Attacks – Wherein social engineering attacks are launched and, if the
hackers are able to access publicly available data, they proceed to use complex analysis tools for
precision selection of target.
Iot Botnets – Impacting the projected 8.4 billion things that will get connected to the Internet this
year, further compromised by Distributed Denial of Service (DDoS).Keep in mind that, despite these leading threats, the way most systems get hacked today are through
attack vectors such as: external hackers, phishing attacks, malware and key loggers, and/or a disgruntled
former user such as a former employee. Finally, a common way many companies’ systems open
themselves to hacking incidences is by simply failing to have or enforce cyber security controls and
related policies.
“Increased Regulation and Litigation”