If 2017 was the year of ransomware then 2018 has been the year of the hack. The increasingly sophisticated threats coupled with the implementation of data protection regulations made this 2018 a challenging year in cybersecurity. The introduction of the EU’s GDPR shaped the cybersecurity landscape forcing organisations to adjust their strategies or risk losing more than their data.
Although GDPR focuses on the protection of EU citizens’ personal information the effects of the Regulation have been felt across the world – including in South Africa. South African organisations also saw first-hand that cybersecurity incidents are not limited to major organisations overseas but are affecting local organisations as with the Liberty Holdings data breach.
Panda Security’s Annual Report 2018 analyses data gathered by the organisation’s anti-malware research facility – PandaLabs, to present insights into major attacks and makes predictions for 2019.
Top Threats from 2018
The main target for attacks is still the endpoint with the shift being towards more evasive malwareless attack types. That being said, Malware is still present and actually increased by 60% from 2017. Fileless attacks have decreased thanks to effective execution control delivered by technology such as Panda Adaptive Defense and its 100% attestation service. The key threats we saw in 2018 were:
• Continued prevalence of Malware attacks
• Increase in live hacking attacks utilising RDP
• Boom of Cryptojacking
Predictions for 2019
It is likely we will see an increasing number of malwareless attacks as cybercriminals turn to more sophisticated tactics in order to evade detection. Organised criminal groups and nation-states are likely to go on the offensive, leveraging these kinds of attacks.
In 2018, nation states played a more significant role in the digital realm, as a consequence of the more protectionist positions of the United States and the United Kingdom, the reactions of other major powers namely Russia and China, and the increasing climate of mutual distrust among them. One compelling prediction suggests that the concept of digital sovereignty will spread to security in 2019, especially in Europe, moving towards a European digital sovereignty.