5 New Threats Every Organization Should be Prepared for in 2018

March 21, 2018 by Yassine Aboukir

It is no wonder that 2017 was a year full of surprises in the world of cybersecurity. So far in 2018, we've seen new threats appear, and relatively older ones evolve. The digital threats confronted by companies large and small are in perpetual flux, and cybercriminals are continually discovering new ways and techniques to step up their game. As a result, it is crucial for organizations to stay one step ahead by keeping an eye on things and sharpening their defenses to stop future threats.

Here are five global security threats organizations must prepare for in 2018.

1. Attacks on Internet of Things (IoT)

It has become very rare to find an organization that does not use smart devices. These rely on technologies ranging from cellular and Wi-Fi to Bluetooth and NFC. Organizations are increasingly adopting IoT devices that are not necessarily secure by design. This is going to be problematic for organizations, as their information may be shared outside of their networks without their knowledge. According to IHS, more than 15 billion smart devices had already been installed as of 2015, and that number is expected to double, reaching 30 billion by 2020.

This is frightening, especially when it comes to IoT devices embedded in industrial control systems or others used in healthcare. The consequences of a security breach can be disastrous.

2. Ransomware

Ransomware is malicious software that encrypts a victim's data and demands a payment or ransom in exchange for the encryption key. You would be surprised at the number of organizations operating without a single backup, which renders any recovery attempt hopeless. As of 2017, we have noticed a historic increase in the number of cybercriminals profiting from ransomware. A report from Symantec indicates that the average ransom demanded by criminals jumped from $294 in 2015 to $679 in 2016.

The consequences of such attacks can be seen in the worldwide WannaCry ransomware attack of May 2017, which targeted systems running Microsoft Windows. WannaCry spread to over 150 countries, crippling organizations in various industries, including healthcare.

The development of malware and ransomware exploit kits is booming, and ransomware-as-a-service (RaaS) has emerged, making it easier for novice cybercriminals to conduct sophisticated and profitable attacks.

3. Social Engineering/Phishing

Social engineering is not a new attack vector and has been used by criminals for decades. Social engineering relies on human interaction. It manipulates people into performing actions that would break normal security procedures or divulge confidential information.

Phishing is a form of social engineering conducted over email. In a phishing attack, hackers disguise themselves as a trustworthy entity in an attempt to either obtain sensitive information such as login credentials or credit card details, or to mislead the victim into clicking on a link or downloading malicious software.

The number of emails carrying malicious attachments is increasing dramatically. Proofpoint has noted a significant shift from phishing campaigns using malicious document attachments to campaigns using archives or malicious URLs.

Organizations are urged to build solid security awareness among their employees through regular training and/or by conducting a red team assessment.

4. Increasing Application Attacks

Organizations develop or maintain a number of applications (software, web or mobile applications) which are either used in daily operations or represent the product itself. These applications have always been, and will remain, cybercriminals' favorite backdoor. Vulnerabilities such as injections, client-side vulnerabilities and buffer overflows are examples of popular security flaws that attackers still leverage to gain unauthorized access to databases or compromised machines.

This is no surprise, as many organizations neglect updates and patches and keep running outdated software. Duo Labs has conducted research focused on the dangers of outdated software. They found that 25% of business systems are prone to over 700 possible security vulnerabilities. For instance, Microsoft's browser is confirmed to be one of the most insecure browsers.

Organizations often assume information security is a network problem, and that securing their own perimeter with IT solutions such as firewalls or IPS/IDS makes them secure. However, Gartner has estimated that 70% of vulnerabilities are mainly due to inadequate application security.

5. Upcoming Compliance Challenges

A threat is basically anything that has the potential to cause severe harm or damage to the organization, which is why new regulations are a concern to high-level executives. Regulations have been in place to ensure that organizations follow the industry's best security practices and comply with all the necessary standards. However, in the past few years, especially with the rise of cybersecurity breaches, we have noticed an increasing number of laws taking effect, such as the General Data Protection Regulation (GDPR). In case of transgression, sanctions can go as high as 4% of the company's annual worldwide revenue.

Consequently, it is evident that implementing security controls to stop the threats described above should help in reducing the impact of these regulations. Furthermore, complying with these regulations is essential to company survival, and any non-compliance is likely to be heavily sanctioned. The Equifax breach, for instance, would have failed Europe's GDPR and the company may have faced a fine of around $62.9M.

In the end, when it comes to cybersecurity, the old saying "prevention is better than cure" makes total sense. It is far wiser and more cost-effective to invest early in a better defense strategy than to incur substantial financial losses later because of poor security practices. It is imperative for organizations to devote more effort to a proactive approach to mitigating future information security threats.

Yassine Aboukir

Yassine ABOUKIR (@yassineaboukir) is a security analyst at HackerOne by day and an ethical hacker by night, actively participating in bug bounty programs. He has been acknowledged and rewarded by numerous companies, including but not limited to Google, Facebook, Microsoft and Twitter, for his various responsible security disclosures.