Cybersecurity Threats In 2019

Uploaded on 2019-01-17 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW

Cybercrime hit business with  increasing costsin 2018. This has been significant as cyber criminals have learnt from their own success and are now far more effective in their attack and steal processes. Many cybercriminal groups are now organising themselves along more traditional business processes and are improving their criminal effectiveness.

65% of large UK firms realised that they had been breached and attacked in 2018 and ransomware has become more common as a method criminal profit.

2018 also saw a massive increase in global cybercrime with Interpol reporting that it now runs in the billions of euros/pounds and dollars. Now cyber-crime is fastest growing areas of global crime and now instead of a few small groups and some individuals committing the crimes the groups have now grown and are very similar in sophistication and process to large traditional business models.

The crimes themselves have not changed dramatically as the criminals are still taking money from stealing fraud, theft, gambling and illegal drug and fake medicine sales but the expansion of the criminal activity to cyber-crime is far more effective and profitable for criminal business in general. 

The UK’s Office for National Statistics (ONS) said in 2018 that computer misuse and malware against business was significantly increasing and was up 63% in a year.  

The UK’s National Cyber Security Centre (NCSC) which is part of GCHQ has said that cyber-crime has now reached its highest level to date and is asking all governments to advise all business to improve their cyber-security standards and actions.

The UK has made some progress but more police training is required as cybercrime is now considered by CSI to be over 1% of GDP by the end of 2019. 

One of the current problems other than a lack of real cyber training for all police officers is that many businesses are still not reporting cyber-attacks as they are concerned about the public relations effects.

Cisco now has a contract to train 120k police officers in the UK on cyber security however it is still the case that trying to report a cyber-crime to the police in the UK is not easy and it often means that they send victims who have had their bank accounts robbed are sent by the police back to their bank rather than the police dealing with the crime.  

The problem for the police is that they are already overstretched with the numbers of police at its lowest level since 1981 and the numbers continue to fall and so there is no capacity within the forces to spend the necessary time on cyber-crime. 
Budgets for electronic systems has not for most governments, police services or commerce grown yet the potential for cyber-attacks has increased significantly and this reality will become more of a problem for many organisations over the coming months. 

There are no simple answers but staff training, understanding your security issues and more carefully managing your data has become crucial.  

There are a number of issues you should be monitoring including such areas as your use of cloud, training to reduce phishing attack effects and where a lot more different systems are connected. 
As the use of cloud based systems increases the security issues will increase and your own IT people should monitor and check your cloud use.

It is very important to ensure that as changes and up-grades to your systems take place that all old systems are effectively cleared and completely separated from the new up-grades as entering your new systems from your old technology is a way cyber-attacks use as it is often one of the easier ways into your new system.

It has been true of some of the analysis we have done over the past years that there has been a significant increase in internal and recently left employees IT problems. 

Often this is due to lack of training or when an employee leaves either through redundancy or because they have had an argument with their colleagues and or management or just because their access to the system has not been completely shut-down and so they still have access. 

Costs for Cyber Security
One of the issues that needs attention is to carefully budget for how much cyber security investment should be made and this should start with analysing how much an attack could cost and its effects. Getting an independent review of your systems and personnel cyber comprehension is very worthwhile and gives you a much better understanding of the risks and ways to improve the people and systems. 

Some of the broader issues that will affect organisations in 2019 will be due to AI and the ability to change and create fake news using video and audio. 

One way this can affect your organisation is that these fake pieces can be used to get your staff to wrongly change something within the systems. Or it can create fake emails that con and mislead employees to pass over passwords or sensitive data and information. These effects can also be used to create fake news about a government or a company’s activities and unfortunately that will be some of the 2019 news.

It is very important that you tackle these issues before too long into the new year as going through the review process will give you a much better understanding of the potential issues and where positive action can take place that makes this year much IT safer. 

News by CSI:

You Might Also Read:

Cybersecurity 2019: Predictions You Can’t Ignore:
 

 

« Drones Interrupt International Flights
The Attack Surface Is Growing Faster Than Ever »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Irish Reporting & Information Security Service (IRISS)

Irish Reporting & Information Security Service (IRISS)

IRISS-CERT is Ireland's first CSIRT (Computer Security Incident Response Team) to provide services to all users within Ireland.

ThreatConnect

ThreatConnect

ThreatConnect is an enterprise threat intelligence platform by Cyber Squared bridging incident response, defense, and threat analysis for InfoSec & DFIR teams.

Information-Technology Promotion Agency (IPA) - Japan

Information-Technology Promotion Agency (IPA) - Japan

IPA is an implementing agency in Japan with a role to address Information Security, IT Systems Reliability and IT Resource Development.

BlackBerry Cybersecurity

BlackBerry Cybersecurity

Blackberry provides intelligent security software and services to enterprises and governments around the world.

3Elos

3Elos

3Elos operates in the Information Technology market with a focus on research, development, consulting, marketing and implementation of Information Security solutions.

TES

TES

TES is a provider of IT Lifecycle Services, offering bespoke solutions that help customers manage the commissioning, deployment and retirement of Information Technology assets.

American Cybersecurity Institute

American Cybersecurity Institute

American cybersecurity Institute is a newly formed not-for-profit organization dedicated to education, advocacy, study and analysis in the space of cybersecurity law and policy.

GrrCON

GrrCON

GrrCON is an information security and hacking conference that provides the Midwest InfoSec community with a fun atmosphere to come together and engage with like minded people.

DataViper

DataViper

Data viper is a threat intelligence platform designed for organizations, investigators, and law enforcement.

Axio Global

Axio Global

Axio is a leading cyber risk management SaaS company. Our Axio360 platform gives companies visibility to their cyber risk, and enables them to prioritize investments to protect their business.

Gatefy

Gatefy

Getfy is a cybersecurity company specialized in artificial intelligence and machine learning. We work to solve challenging issues, especially those involving email security.

Cranium

Cranium

AI is being implemented into every business process, but nobody knows whether their AI is secure. Our mission is to deliver security and trust to the AI revolution.

US Department of State - Bureau of Cyberspace & Digital Policy

US Department of State - Bureau of Cyberspace & Digital Policy

The Bureau of Cyberspace and Digital Policy leads and coordinates the Department’s work on cyberspace and digital diplomacy to encourage responsible state behavior in cyberspace.

Cyber Defense International (CDI)

Cyber Defense International (CDI)

At CDI, we utilize decades of experience in designing and building large-scale cybersecurity programs, creating tailored solutions and services that protect businesses from cyber threats.

Kolide

Kolide

Kolide ensures that if a device isn't secure, it can't access your apps.

RAH Infotech

RAH Infotech

RAH Infotech is India’s leading value added distributor and solutions provider in the Network and Security domain. We are specialists in Enterprise and App Security and Application Delivery.