2018 was not any different as we started off with the striking disclosure of the Meltdown and Spectre vulnerabilities, which put practically every operating system and device on the planet at risk.
Beyond those global incidents, countless cyberattacks threatened consumer privacy, worldwide commerce and even infrastructure in some regions.
Coming back home, a Cyber Security report by Serianu, released earlier this year showed that Kenya lost approximately Sh21.2 billion to cybersecurity in 2017, second only to Nigeria which lost Sh65.5 billion. Africa lost Sh350 billion to cybersecurity with financial institutions most affected. This numbers could even go higher in 2018.
In one way or another as business owners cybersecurity affects us, since we run three quarters of our business on the internet. But how safe is your data? With more innovations and technologies coming up, we are headed to harder times, Sophos a global developer and vendor of security software and hardware, providing endpoint, encryption, email, web, mobile and network security as well as Unified Threat Management products, have put together their 2019 Threat Report, which provides insights into emerging and evolving cybersecurity trends.
The report, produced by SophosLabs researchers, explores changes in the threat landscape over the past 12 months, uncovering trends and how they are expected to impact cybersecurity in 2019.
“The threat landscape is undoubtedly evolving; less skilled cyber criminals are being forced out of business, the fittest among them step up their game to survive and we’ll eventually be left with fewer, but smarter and stronger, adversaries. These new cybercriminals are effectively a cross-breed of the once esoteric, targeted attacker, and the pedestrian purveyor of off-the-shelf malware, using manual hacking techniques, not for espionage or sabotage, but to maintain their dishonorable income streams.” – Joe Levy, CTO, Sophos, as referenced in the SophosLabs 2019 Threat Report
The SophosLabs 2019 Threat Report focuses on these key cybercriminal behaviours and attacks:
Capitalist cybercriminals are turning to targeted ransomware attacks that are premeditated and reaping millions of dollars in ransom – 2018 saw the advancement of hand-delivered, targeted ransomware attacks that are earning cybercriminals millions of dollars.
These attacks are different than ‘spray and pray’ style attacks that are automatically distributed through millions of emails. Targeted ransomware is more damaging than if delivered from a bot, as human attackers can find and stake out victims, think laterally, trouble shoot to overcome roadblocks, and wipe out back-ups so the ransom must be paid.
This “interactive attack style,” where adversaries manually maneuver through a network step-by-step, is now increasing in popularity. Sophos experts believe the financial success of SamSam, BitPaymer and Dharma to inspire copycat attacks and expect more happen in 2019.
Cybercriminals are using readily available Windows systems administration tools – This year’s report uncovers a shift in threat execution, as more mainstream attackers now employ Advanced Persistent Threat (APT) techniques to use readily available IT tools as their route to advance through a system and complete their mission – whether it’s to steal sensitive information off the server or drop ransomware:
The continued threat of mobile and IoT malware – Malware’s impact extends beyond the organization’s infrastructure as we see the threat from mobile malware grow apace.
With illegal Android apps on the increase, 2018 has seen an increased focus in malware being pushed to phones, tablets and other IoT devices. As homes and businesses adopt more internet-connected devices, criminals have been devising new ways to hijack those devices to use as nodes in huge botnet attacks.
In 2018, VPNFilter demonstrated the destructive power of weaponized malware that affects embedded systems and networked devices that have no obvious user interface.
Interesting read? Want to get more content related to this and keep up with the trends in the SME ecosystem? Get full details here!