According to a recent World Economic Forum report, business executives in both North America and APAC consider cyber-attacks to be the number one risk of doing business, outranking terror attacks and asset bubbles. To prepare, here are our projected Top 5 Cyber-Attack Vectors of 2019:
1) Advanced Phishing Kits
Every day, 350,000 new malware samples are created. That’s 4 malware programs per second. Due to new advanced kits that are readily available on the dark web, amateur hackers with only rudimentary knowledge are now able to execute fairly complex exploits. Accordingly, we predict that phishing attacks, already a pervasive form of attack, will only become more prevalent in the coming year.
Recent advances in Artificial Intelligence have led to increasingly realistic “deepfake” video and audio. What once required a Hollywood studio, can now be generated by anyone with a half-decent graphics card. In fact, studies have shown that AI-powered phishing emails are already more effective than human created content, and that’s just text-based. Throw some convincing visual-audio content into the fray, and you’ve got a recipe for disaster.
3) Business Email Compromise
Silent Breach estimates that social engineering attacks will remain the most successful attack vector in the coming years. Unfortunately, humans are just not as effective as machines at detecting and managing cyber threats. However, a new form of phishing is on the rise: business email compromise (BEC). BEC occurs when an attacker pretends to be a prominent business partner or higher-up and, after developing a business-level rapport with the victim, convinces them to transfer funds to a bank account under false pretexts. Extra caution should therefore be taken when handling key email-based requests.
4) Cross-Site Scripting (XSS)
Certainly not a newcomer, XSS attacks continue to plague businesses around the globe, as organizations continue to struggle with developing effective counter-measures. Silent Breach estimates that over 20% of vulnerabilities exposed through bug bounty programs are XSS-related. Although these forms of attacks are generally considered low risk, under certain conditions they can lead to the loss of sensitive data and identity theft. The good news is that XXS attacks can be prevented by performing a periodic source code analysis.
5) Cloud Computing
The recent boom in cloud computing now means that a handful of companies (Amazon, Google, Microsoft, etc.) controls the data of many of the largest firms on the planet. Consequently, these data centers are enticing targets for cyber criminals, raising the stakes exponentially. For example, in what the British Foreign Secretary dubbed “one of the most significant and widespread intrusions against the UK and allies uncovered to date” Chinese hackers were able to compromise over 45 companies in a dozen countries by simply focusing their sights on a single IT-services provider.
Put your digital security to the test with Silent Breach’s award-winning Penetration Testing, Vulnerability Assessment, and Social Engineering Testing. For more information, contact Silent Breach to learn how to protect your firm from 2019’s cyber threats and turn your greatest challenge into a strategic advantage.
About Silent Breach: Silent Breach is an award-winning provider of cyber security services for Fortune 500 companies. Our global team provides cutting-edge insights and expertise across the Data Center, Enterprise, SME, Retail, Government, Finance, Education, Automotive, Hospitality, Healthcare and Internet of Things (IoT) industries.