Cyberattacks Will Rely on Vulnerabilities

Rik Ferguson, VP of Security Research for Trend Micro
Rik Ferguson, VP of Security Research for Trend Micro
7 years ago

Trend Micro Incorporated predicts the trend of known vulnerabilities being used in major attacks will continue in 2018 as corporate attack surfaces expand and expose more security holes. Patch management and employee education should be prioritized for all executives to protect an organization’s most critical data.

As information technology and operational technology (IT/OT) continue to converge, enterprise applications and platforms will be at risk of manipulation and vulnerabilities, as stated in Trend Micro’s 2018 predictions report. Additionally, Trend Micro predicts an increase in Internet of Things vulnerabilities as more devices are manufactured without security regulations or industry standards. Overall, the increased connectivity and enlarged attack surface present new opportunities for cybercriminals to leverage known issues to penetrate a corporate network.

“Many devastating cyberattacks in 2017 leveraged known vulnerabilities that could have been prevented had they been patched beforehand. This trend will continue next year as corporate attack surfaces expand and expose more security holes. While this remains a challenge for enterprises, executives should prioritize vulnerability management as they make 2018 cybersecurity plans, particularly in the looming shadow of GDPR implementation,” said Rik Ferguson, VP of Security Research for Trend Micro.

Ransomware will continue to be a mainstay due to its proven success. There will be an increase in targeted ransomware attacks, in which the criminals go after a single organization to disrupt operations and force a larger ransom payout. Business Email Compromise (BEC) attacks will also continue to gain popularity with attackers, as the return on investment for successful attacks is quite high.

“Institutions must continue to share critical information so we can better prevent and respond to these cyber threats limiting exposure to sensitive data,” said Edwin Martinez, CISO for CEC Entertainment.

Threat actors will also leverage growing technologies, like blockchain and machine learning, to enhance obfuscation against traditional cybersecurity protections. For this reason, the company recommends a layered, cross-generational defense strategy, which combines the latest security techniques with proven tactics that reinforce nearly 30 years of experience protecting some of the biggest global brands.