Looking Back on 2018 to Prepare for 2019
Nir Gaist, Founder & CTO, Nyotron
More Frequent and Devastating Attacks on Industrial IoT
One lesson we learned is that municipalities and utilities are soft targets. In December, the city of North Bend, Ore., was hit with a ransomware attack which temporarily locked city workers out from their computers and databases. Just a couple days later, the City of Topeka, Kan., discovered its third-party payment vendor was breached, possibly exposing the personal information of about 10,000 utilities customers. The SamSam ransomware attack in March that crippled Atlanta’s computer network could cost taxpayers $17 million.
These are just a few of the cases that inform my prediction that not only will attacks on municipal agencies and industrial IoT will become more common, but attackers’ objectives will be more insidious: to create a major disaster at a critical infrastructure facility, such as a power plant or hydroelectric dam.
AI and Machine Learning (ML) have been the buzzwords in the security industry for a while now. While you’ll see more security vendors incorporate them into their product, I expect hackers will start using these techniques maliciously, and predict a significant attack or strain of malware will leverage AI in 2019.
A New, Unknown Threat Is on the Horizon
Just like Spectre/Meltdown appeared seemingly out of nowhere in 2018, I predict a previously unknown threat will arise in 2019. As most of the security industry still relies on existing data for threat detection (including training ML models on old/known malware samples), there will be organizations that will find themselves in the unfortunate position of being a “patient zero”.
I provide more in-depth explanations for my three predictions in our blog, and you will find my posts on each one when you scroll down to the NYOTRON BLOG section of this newsletter.
I’m curious to hear what your expectations are for 2019. Will the security landscape get better, worse or stay the same for your organization this year? Please take a moment to answer our poll question below, and we’ll reveal the results in our next issue of What the Hack?!
To Stockpile or Disclose Zero-Days? The Votes Are In
Thank you to everyone who participated in our December issue poll on whether the government should stockpile or disclose new zero day threats it discovers. The majority of you (63%) voted for stockpiling in the interest of national security. The poll results also reveal the most of you (79%) do not feel confident in your ability to stay up to date with OS and application patches. Responses on the level of threat that zero-days pose to organizations was almost evenly split between “Unsure” and “High”.
INDUSTRY SPOTLIGHT: Airlines
Ofer Tsabary, Chief Information Officer for El Al Airlines, explains why the airline implemented Nyotron’s PARANOID to address the biggest challenge the industry faces in today’s digital era – thwarting both current and future emerging threats – while knowing nothing about them.
Nyotron in the News
Fill-out this anonymous poll about your expectations for 2019. We’ll share the results in our next issue.
February 11-15 Orlando, FL Booth # 400-25Click here to register!
MISTI Incident Response eSummit
February 14, 2019Click here to register!
February 28, 2019 Denver, COClick here to register!
RSA Conference 2019
March 4-8, 2019 San Francisco, CA Booth #4429Claim your free Expo Plus pass here!