TOGETHER, WE

RESPOND

FASTER

CYBERSEC 2019

Taipei International Convention Center
Taipei World Trade Center Hall 1, 2F

2019’s top three cybersecurity trends - Akamai

Fernando Serto/Akamai APJ security technology and strategy head

February 2018 marked a historical event for the internet, the cybersecurity environment, and the evolution of cyber-attacks – a 1.3 Tbps Distributed Denial of Service (DDoS) attack.

The incident, exploiting memcached servers to reflect and amplify attacks, set a record for the largest publicly disclosed DDoS attack in history.

A few days prior to the attack, security organisations began to notice, research, and alert customers on this new DDoS attack method and how it can be exploited to generate much larger attacks.

In 2018, organisations of every size need to rethink their security strategies – not only when it comes to external users accessing internal applications, but also how staff interact with applications on a daily basis.

This trend indicates that a zero-trust security model is here to stay.

Throughout the year, there were also a number of cybersecurity trends playing out.

Extortion of cryptocurrencies continuously made headlines, while towards the end of the year saw a rise of bot armies carrying out credential stuffing attacks.

In the evolving security landscape, businesses need to reflect on the incidents from the past year and understand how these will continue to grow and become more complex in their execution.

Therefore, it’s important to outline a number of trends from 2018 and how they will continue to develop in 2019.

The rise of sophisticated ‘low and slow’ credential stuffing attacks
The greatest weakness of any website is the password.

Everyday users, who are challenged with the task of juggling multiple accounts and credentials, tend to re-use the same passwords across different websites.

Following a data breach, malicious actors will obtain large databases of login credentials and employ botnets to rapidly insert these into websites to compromise accounts.

Fortunately, rapid login attempts are usually easily detected and mitigation with velocity-based detection systems.

While this is the traditional approach to credential stuffing, in September 2018 a trend of ‘low and slow’ attacks were identified that fly under the radar of velocity-based systems.

In 2019, Akamai expects the rate of slower attacks to increase, as malicious actors are more successful and remain undetected through this approach.

Cryptocurrency extortion
Following the internet’s largest DDoS attack, in March 2018 investigators found a ransomware note in the attack packets themselves that instructed the victim to transfer cryptocurrency to a Monero wallet address.

This incident of cryptocurrency extortion was added to the long list of extortion attempts in 2018.

In addition, we also saw a sharp rise in cryptojacking attempts through adware-based cryptominning software.

Next year, malicious actors are expected to move away from long-term cryptominers installed on compromised systems and converting to more of a gig-based attack economy.

The gig adversary
Over the past few years, cybercriminals have been moving towards a ‘gig’ economy – an underground community of malicious actors exchanging services.

This ‘cybercriminal gig economy’ is driving specialisation, and marketisation, across different attack verticals.

In the past, adversarial groups were responsible for developing and executing cyber-attacks.

For example, in credential stuffing attacks, previously malicious actors would work on building their own botnets to access and compromise accounts.

Whereas now, with the ‘cybercriminal gig economy’, one adversarial group would build a botnet to determine which accounts they can access with stolen credentials, then sell this information to another group to access and commit fraudulent activities on those accounts.

What this means for businesses is that cyber-attacks are becoming more sophisticated, accessible and purchasable.

We should expect to see further specialisation and monetisation of attacks as the economy grows.

As businesses begin to prepare for 2019, it’s important to observe ongoing patterns in cyber-attacks, as these will continue to evolve and advance.

Akamai also expects to see sophisticated phishing attacks, which target users who have network connectivity to servers in the environment, to exploit vulnerable software within the organisation.
 

  • Share:

CYBERSEC 2019 Partners

Endorsed by

行政院資通安全處
經濟部

Organizer

iThome

Co-Organizer

社團法人台灣駭客協會

Premiere Technology Partner

台灣思科系統股份有限公司

Strategic Technology Partner

奧義智慧科技股份有限公司

Diamond Sponsor

中華電信股份有限公司
CHT Security 中華資安國際
精品科技股份有限公司

Platinum Sponsor

台灣國際商業機器股份有限公司
漢領國際有限公司
台灣微軟
Splunk

Gold Sponsor

惠普科技
商丞科技股份有限公司

Exhibitor

Consulting Partner

勤業眾信聯合會計師事務所

Supporting Association

中華民國電腦稽核協會
亥客書院
財團法人資訊工業策進會
財團法人國家實驗研究院國家高速網路與計算中心
財團法人中華民國國家資訊基本建設產業發展協進會
美商國際半導體產業有限公司台灣分公司
Students’ Information Technology Conference
臺灣學術網路危機處理中心
台灣資通產業標準協會
台中市電腦商業同業公會
財團法人電信技術中心
台灣電腦網路危機處理暨協調中心
台灣數位安全聯盟
臺灣電腦安全事件應變中心
國立成功大學資通安全研究與教學中心

Media Partner

Equipment Sponsor

台灣三星電子股份有限公司
維嘉全球科技股份有限公司

Cyber Taiwan Pavilion

Endorsed by

經濟部

Organizer

工業局
iThome

Co-Organizer

工研院

Supporting Association

資策會

Cyber Taiwan Pavilion Exhibitor

社團法人台灣駭客協會
中華資安國際
奧義智慧科技股份有限公司
精品科技
詮睿科技股份有限公司