Looking Back on 2018 to Prepare for 2019

Nir Gaist, Founder & CTO, Nyotron

More Frequent and Devastating Attacks on Industrial IoT

One lesson we learned is that municipalities and utilities are soft targets. In December, the city of North Bend, Ore., was hit with a ransomware attack which temporarily locked city workers out from their computers and databases. Just a couple days later, the City of Topeka, Kan., discovered its third-party payment vendor was breached, possibly exposing the personal information of about 10,000 utilities customers. The SamSam ransomware attack in March that crippled Atlanta’s computer network could cost taxpayers $17 million.

These are just a few of the cases that inform my prediction that not only will attacks on municipal agencies and industrial IoT will become more common, but attackers’ objectives will be more insidious: to create a major disaster at a critical infrastructure facility, such as a power plant or hydroelectric dam.

A.I.-Powered Malware

AI and Machine Learning (ML) have been the buzzwords in the security industry for a while now. While you’ll see more security vendors incorporate them into their product, I expect hackers will start using these techniques maliciously, and predict a significant attack or strain of malware will leverage AI in 2019.

A New, Unknown Threat Is on the Horizon

Just like Spectre/Meltdown appeared seemingly out of nowhere in 2018, I predict a previously unknown threat will arise in 2019. As most of the security industry still relies on existing data for threat detection (including training ML models on old/known malware samples), there will be organizations that will find themselves in the unfortunate position of being a “patient zero”.

I provide more in-depth explanations for my three predictions in our blog, and you will find my posts on each one when you scroll down to the NYOTRON BLOG section of this newsletter.

I’m curious to hear what your expectations are for 2019. Will the security landscape get better, worse or stay the same for your organization this year? Please take a moment to answer our poll question below, and we’ll reveal the results in our next issue of What the Hack?!

To Stockpile or Disclose Zero-Days? The Votes Are In

Thank you to everyone who participated in our December issue poll on whether the government should stockpile or disclose new zero day threats it discovers. The majority of you (63%) voted for stockpiling in the interest of national security. The poll results also reveal the most of you (79%)  do not feel confident in your ability to stay up to date with OS and application patches. Responses on the level of threat that zero-days pose to organizations was almost evenly split between “Unsure” and “High”.

INDUSTRY SPOTLIGHT: Airlines

Ofer Tsabary, Chief Information Officer for El Al Airlines, explains why the airline implemented Nyotron’s PARANOID to address the biggest challenge the industry faces in today’s digital era – thwarting both current and future emerging threats – while knowing nothing about them.

Read More

Poll

Fill-out this anonymous poll about your expectations for 2019. We’ll share the results in our next issue.

Looking Back on 2018 to Prepare for 2019 - newsletter