2017 was the year when the word ransomware stopped being a term exclusive to cybersecurity experts and IT departments. The enormous media attention that attacks such as WannaCry and Petya/GoldenEye received turned this type of threat into one of the key trends for businesses last year. However, highly publicized events must never serve as a risk indicator, nor influence on any security related decision.
This year, the constant evolution of cybercriminality hasn’t taken a break. Cybercriminals have already begun to change their tactics: instead of attention-grabbing, showy attacks like those we saw last year, they are opting for sneakier tactics such as cryptojacking.
Cryptojacking, one of 2018’s booming trends, is the unauthorized use of a user’s devices to mine cryptocurrencies, and can get in via phishing emails, malicious URLs, or through vulnerabilities. Its aim is to go unnoticed for as long as possible, and thus fully exploit its victim’s processing power.
The year of personal data
One new story that has affected many cybersecurity professionals is the definitive implementation of the GDPR in May this year, something that had repercussions in nearly the whole world.
And the fact is that this new regulation has coincided with some of the most massive data breaches in history: Marriott International, Exactis, or the notorious Facebook and Cambridge Analytica case.
What can we expect to see next year?
One of the leading trends in cybercriminality in 2019 will be live hacking. Although “traditional” types of malware, such as Trojans or worms, are still being used frequently by attackers, new malwareless attack techniques will grow at a faster rate. This can be put down to an increased difficulty in detecting them on the one hand, and on the other hand, to the increased cyberoffensive capacity in the world, both of states, and of criminal gangs, both state sponsored and unaffiliated.
In 2018, nation states have played a more significant role in the digital realm, as a consequence of the more protectionist positions in the western world (the United States and the United Kingdom), the reactions of other powers (mainly Russia and China), and the increasing climate of mutual distrust among them. One compelling prediction suggests that the concept of digital sovereignty will also spread to security in 2019, especially in Europe, moving towards a European digital sovereignty.
Find out all the main threat data from this year, together with the most important news, and all our predictions for 2019 in our PandaLabs Annual Report.