In early Fall of 2018, I drafted a cybersecurity predictions article for 2019, which was published by Dark Reading. Since drafting the article I have seen various reports of incidents that confirmed some of the items I talked about. While we are still only just getting started in 2019, I want to take a quick look at some of these incidents to see how my outlook for 2019 fared. Finally, I’ll briefly touch on a hot political topic that was not predicted, the US government shutdown and its potential impact on cybersecurity.
If you’d like to read the full article of my cybersecurity predictions for 2019, you can find it here:
Industrial Control Systems
The first prediction was about the increasing threats against industrial control systems (ICS) and IoT at large. In sum, not only will attacks on ICS increase, but they will start to leverage ransomware to hold critical systems hostage. In addition, nation states will increase their targeting of critical infrastructure. Below are some of the reports I’ve seen that touch on both ICS ransomware and nation-state targeting of ICS.
- Moscow’s New Cable Car System Infected with Ransomware the Day After it Opens
- Iranian Cyber Attack on New York Dam Shows Future of War
API Gateways & Container Orchestration Platforms
Another area I touched on was modern application delivery frameworks. As applications shift to the cloud and scalable architectures, there is a strong adoption trend of platforms that enable these architectures, e.g. Kubernetes, Cloud Foundry, Envoy, and various API gateway solutions. As these platforms become the predominant ingress point for applications and access to data, they will be highly targeted for exploitation. As seen in the article below, it has already begun.
Unfortunately, the proliferation of IoT brings with it a proliferation of easily exploitable devices. This also brings the opportunity, and temptation, for vigilante hackers who have intentions of making the world a better place. That is great, but not if it results in unintended harm. Fortunately, we haven’t seen widespread harm from these vigilantes. However, in the first article below we can certainly see that these vigilantes are very much active.
In this second article, it doesn’t appear to be a vigilante scenario. But it does emphasize the potential risk with IoT devices, especially home devices.
One significant event not predicted was the recent government shutdown, and with it the potential impact the shutdown has on the nation’s cybersecurity.
Usually, working for the government is thought of as having stable employment. However, from time to time politics can end up rocking the boat, resulting in unintended consequences. In today’s world of cyber threats, cybersecurity can’t take the day off, let alone shut down for an extended period of time. Time will tell if the current shutdown will have a material impact, or if it stirred up the nation’s adversaries to take advantage of the situation. In the cybersecurity industry, we regularly hear about the shortage of experienced cybersecurity talent, which already imposes a scalability challenge in defending the government’s digital assets. Certainly, the shutdown will only compound the government’s existing problem of not having enough scale to adequately mitigate threats faced on a daily basis. Going forward, however, what can we learn from this to mitigate the impact of government shutdown risk? I think the lesson to learn is that the government’s cybersecurity strategy needs to be one of efficiency: specifically, implementing cybersecurity solutions that can operate, and defend, when there is no one there to operate them. In effect, self-defending networks and applications. When the political seas are calm, this strategy will help to scale cybersecurity staff, and in the rough seas of political disruption like we are seeing today, the strategy will be there to hold the line.