2019: The year of the GDPR bounty hunters?


In recent months, we have been witness to huge data breaches on companies such as British Airways, Marriott and Quora, attacks that have affected over 500 million victims. It’s safe to say that cyber-attackers continued to wreak havoc in 2018. But what will data breaches look like in 2019? And what will be the biggest threats that organisations face in the New Year?

While we don’t have a crystal ball to make certain predictions about what 2019 has in store, we can make educated guesses based on the trends we have seen over the past 12 months. Here’s what I think businesses need to look out for:

1. The GDPR bounty hunters

Hackers will target big firms and their cyber polices. When cyber criminals take-on a targeted organisation, they fully understand GDPR laws, including the implications and fines from the Information Commissioners Office (ICO).

GDPR bounties works effectively when the attacker extorts an organisation by providing them with a copy of their data to prove that it has been breached. They, then, inform the victim that they now have two choices, a) pay the possibly eyewatering ICO fine of up to €20m / 4 per cent of their annual global turnover or b) pay the hackers’ chosen fee which could be anything less than the maximum from the ICO. Option ‘B’ means the company mitigates the responsibility of not having to deal with reputation damage that such data breaches cause.

Considering that the cyber criminals are aware that many companies might prefer to pay them off quietly (or at least keep the breach quiet), it won’t take long before the hackers take advantage of relatively easily accessible data in able to make businesses contemplate the choice of either going to the ICO or paying off a far less fine with the criminals.

2. The unassuming chatbots

In 2019, cyber criminals and black hat hackers will create malicious chatbots that try to socially engineer victims into clicking links, downloading files or sharing private information. A hijacked chatbot could misdirect victims to nefarious links rather than legitimate ones. Attackers could also leverage web application flaws in legitimate websites to insert a malicious chatbot into a site that doesn’t have one.

In short, next year attackers will start to experiment with malicious chatbots to socially engineer victims. They will start with basic text-based bots, but in the future, they could use human speech bots to socially engineer victims over the phone or other voice connections. It’s important that businesses educated employees on the traps attackers leave to avoid falling victim to their malicious attempts. 

3. Ways to leverage machine learning

Machine learning has certainly been the buzzword of 2018, and 2019 will be no different as the technology continues to become better at identifying cyber threats. Over the next year, I predict there will be multiple new uses for machine learning in all industries available to take on this new layer of advanced security including far less false positives which tends to hinder its current chances of taking off.

Machine learning is allowing us to predict the future by using the past. As far as predictions go, I believe we will be reading more about innovative companies that have discovered how to use these technologies to read and interpret data. For example, ransomware presents a challenge to CISOs because the attacks often leave little forensic evidence in network activity logs. Machine learning technology, however, can help security analysts track micro-behaviours linked to ransomware, such as processes that interact with the entire file system in question which are continually progressing. Machine learning focuses on algorithms in the initial infection payload in an attempt to identify these fragments of evidence.

Although machine learning is becoming a commodity technology for cyber security providers, it does still come with some challenges for now and we can’t only rely on machine learning alone because it doesn’t catch everything - yet. For example, if a hacker were to log into a terminal directly and started writing routines in Powershell, machine learning wouldn’t see that as a suspicious act. Moreover, machine learning still deals with a hefty amount of false positives so it can only serve as a tool in the defence toolkit for now.

Lastly, we have seen this year that the term ‘machine learning’ has regularly been used interchangeably with ‘artificial intelligence’ (AI) – and this has just confused matters for IT departments and boardrooms. However, the simple fact is that true AI is still science fiction, for now, and will continue to be misunderstood throughout 2019 until it is finally here.

4. Even more connected things

The growth of Internet of Things (IoT) poses a huge risk to enterprises, particularly with the introduction of 5G. Companies need to be reminded that they will increasingly need to invest in training their staff to prepare for the next generation threat landscape. 5G will see the rise of a greater number of IoT devices and should security not be implemented by design, we will also see an increase in vulnerable devices.

Furthermore, 5G will not only give rise to new threats but it will also provide cyber criminals a more forceful and impactive platform to conduct more targeted threats, with faster pace. Businesses need to be mindful that this faster technology is on its way and we need to be more proactive in getting ready for it. By taking the easy route and waiting for it to possibly impact on production will only cause much larger issues in the future.

Jake Moore, cyber security Specialist, ESET
Image source: Shutterstock/Wright Studio