Seven hot and four cooling cybersecurity trends

Publisher: ananan一二三四五 | Latest update time: 2019-03-27 | Source: 企业网

Today's technology industry is dynamic and constantly changing. Companies in the IT security field may be in a unique position, because techniques developed by malicious hackers may force changes in the business. This means that new things are always emerging, while some technologies and tools lose their usefulness.

When it comes to technology security trends, it’s hard to escape the hype: Every company wants to convince users that they’re at the forefront of the market. To help people understand what’s really hot or cold in the security field today, here’s a deep dive into the development of cybersecurity trends.

1. Hot: Credential Stuffing

There seems to be a steady stream of hacking attacks against large companies each year, resulting in millions of leaked username/password pairs. The aftermath of these attacks is what is known as credential stuffing: cyber attackers use large lists of stolen login credentials in large-scale automated attempts to log into various websites. Attackers take advantage of the fact that many people use the same username and password on multiple sites. Because the attacks are automated, they can still be worthwhile for the attacker even if only a small fraction of the stolen login credentials match.

“We need to improve the security of user credentials,” said Kristen Ranta Haikal Wilson, head of product management and chief marketing officer at PasswordPing. “By proactively screening compromised credentials during login, password reset, and account activation, organizations can significantly mitigate online account takeover and fraud with very little impact to end users.”

Key Stat: According to Sharpe Security, in 2018, 60% of customer login traffic at airlines and 91% of customer login traffic at retail stores included credential stuffing.
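A defender's view of the pattern described in this section, as an added example that is not part of the original article: a small detector that groups login events by source and flags sources that try many distinct usernames with a low success rate. The event tuples, the thresholds and the function name are assumptions made for illustration, and the sample events are constructed.

```python
from collections import defaultdict

# Constructed sample login events: (source_ip, username, login_succeeded).
# Addresses are from documentation ranges; none of this is real traffic.
EVENTS = (
    # One source walking through a list of accounts, one of which matches.
    [("198.51.100.7", f"user{i:02d}@example.com", i == 3) for i in range(8)]
    # A single user who mistypes once and then logs in.
    + [("203.0.113.20", "alice@example.com", False),
       ("203.0.113.20", "alice@example.com", True)]
    # An office NAT: many users behind one address, all logging in normally.
    + [("192.0.2.50", f"staff{i}@example.com", True) for i in range(6)]
)


def flag_stuffing_sources(events, min_users=5, max_success_ratio=0.2):
    """Flag sources whose logins look like credential stuffing.

    A source is flagged when it attempted at least `min_users` distinct
    usernames and at most `max_success_ratio` of its attempts succeeded.
    Both thresholds are illustrative assumptions, not values from the article.
    """
    users = defaultdict(set)      # source -> usernames attempted
    attempts = defaultdict(int)   # source -> total attempts
    hits = defaultdict(set)       # source -> usernames that logged in

    for source, username, succeeded in events:
        users[source].add(username)
        attempts[source] += 1
        if succeeded:
            hits[source].add(username)

    flagged = {}
    for source, total in attempts.items():
        successes = len(hits[source])
        if len(users[source]) >= min_users and successes / total <= max_success_ratio:
            flagged[source] = {
                "distinct_users": len(users[source]),
                "attempts": total,
                # Accounts whose reused password matched: reset these first.
                "accounts_to_reset": sorted(hits[source]),
            }
    return flagged


if __name__ == "__main__":
    for source, detail in flag_stuffing_sources(EVENTS).items():
        print(source, detail)
```

The success-ratio condition is what keeps the office NAT from being flagged even though it also shows many usernames from one address.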

2. Hot: Collaborative application security

More and more businesses are relying on apps that help them coordinate and collaborate on their work. Perhaps the most popular is Slack, the ubiquitous messaging and collaboration platform, but this category also includes virtual workspaces like SharePoint and file sharing and syncing apps like Dropbox. These tools increase productivity, but they open up attack surfaces. "As more organizations adopt these important apps, they inadvertently expand the channels that hackers can exploit to distribute malicious content," said Yoram Salinger, CEO of Perception Point, a cybersecurity-as-a-service provider. Because many are web-based or cloud-based services, individual business units install the apps without consulting IT teams, so they often get a lot of attention when it comes to security.

Key number: More than 80% of respondents in a survey conducted by Perception Point said that employees in their organizations share files and URLs through these collaboration services. Security personnel scan files shared via email or other more traditional methods, but files shared through collaboration applications are not treated the same way.

3. Cooling down: Ransomware

Ransomware is harmful malware that holds an infected computer's data for ransom, threatening to permanently encrypt the data unless the victim pays. In particular, the WannaCry and NotPetya attacks in 2017 really brought this type of malware into the public consciousness.

So it might be surprising to learn that the number of ransomware attacks overall is declining, with a corresponding drop in exploit kit activity. The majority of ransomware attacks in 2018 were delivered via phishing, which explains why the entire focus of this type of malware has shifted from consumers to email-centric businesses.

Key Number: Overall ransomware activity dropped 20% in 2018. When the WannaCry and Petya variants were identified, the drop was even more dramatic, at 52%.

4. Hot: Banking Trojans

When asked why he attacked and robbed banks, notorious criminal Willie Sutton said, "Because that's where the money is." More and more malware authors have taken this adage to heart, launching more Trojans specifically designed to gain access to user accounts at financial institutions. These Trojans are spread in a wider range of ways, such as phishing websites, hijacked emails, etc. Once installed, they will focus on the user's interaction with the bank's website, attempting to collect login information through keylogging and other spyware techniques, and then inform the attacker.

Key figure: These Trojans became a particular threat in the mobile space last year, especially on Android devices. Security vendor McAfee estimates that the number of banking Trojans grew by 77% in 2018.

5. Hot: Internet of Things

The Internet of Things (IoT) is an umbrella term that covers a wide variety of gadgets that are smaller and simpler than computers, connected to wireless networks and deployed for specific purposes. These devices range from industrial sensors to smart home thermostats, and promise that the Internet can go beyond what people see on screens and truly interact with the "real world."

Unfortunately, IoT devices are often non-standard products that lack built-in security, are difficult to manage remotely, and have inherent features that can be hacked. One of the biggest IoT incidents in recent years was the Mirai botnet, which enlisted Internet-connected CCTV cameras in an attack against Minecraft players, accidentally hogging a large portion of the Internet's resources in the process.

Key stat: Security experts say IoT devices need to be locked down, or at least isolated from the internet, if the technology is to survive. In an analysis of the last decade of academic security research, Crossword Cybersecurity estimated that the number of projects focused on IoT has increased 123% over the past decade, with 14% of all such projects now focused on IoT.

6. Cooling: Artificial Intelligence

Classifying AI as a cooling trend may seem surprising, since many security vendors promote their AI products, sometimes referred to as "machine learning" or "deep learning." "If you mention AI to CISOs, you'll find that many organizations overuse the term AI," said Rene Kolga, senior director of product and marketing at Nyotron. "Like Raffael Marty at Forcepoint, many companies are talking about the emergence of AI and machine learning in cybersecurity."

Key Number: The Ponemon Institute estimates that the false positive rate for AI-driven endpoint security solutions is close to 50%.

7. Hot: Quantum cryptography

Current methods for encrypting communications are not inherently secure. Instead, they rely on the exchange of encryption keys, which can theoretically be broken by an attacker. Security relies on the fact that these keys can only be broken through computationally intensive mathematics, to the extent that the difficulty of the problem makes this an impractical attack method.

If there's one thing people know about computers, it's that over time, new computers can process digital decryption faster. The next generation of computers, called quantum computers, will be able to solve, in a fraction of the time, encryption problems that were previously nearly impossible. These computers work on the principles of quantum physics, not binary computing. Quantum key distribution replaces the current encryption key infrastructure with one that is theoretically perfectly secure. Since people can't observe a quantum state without changing it, computers that share a key through special hardware will be immediately alerted if a middleman tries to snoop on their conversation.

Key number: This may all sound futuristic, and most estimates put widespread quantum computing deployment at five to 20 years. In analyzing more than a decade of academic research, Crossword Cybersecurity found that the number of projects focused on quantum cryptography surged 227%.

8. Hot: Phishing

Phishing, the art of tricking users into handing over their login information, is not new, but that hasn't stopped it from becoming a favorite of attackers. While people primarily associate phishing with email, attackers are leveraging a wide variety of attack vectors to deceive victims. "Increasingly, employees are being targeted with phishing attacks directly in their browsers, with highly legitimate websites, ads, search results, pop-ups, social media posts, chat applications, instant messages, and through rogue browser extensions and free web apps," said Atif Mushtaq, CEO and founder of SlashNext. "Most IT leaders also don't realize how quickly phishing threats move, often lasting only minutes to hours before their site is taken down and cybercriminals can continue to evade existing security controls."

Key stat: According to a 2019 report from Verizon Data Breach, 93% of data breaches ultimately involved a phishing attack.

9. Cooling: Antivirus

Security vendor Symantec Corp. declared antivirus software dead five years ago, but the product segment pushed through IT departments and some rules required many industries to maintain antivirus protection. Despite ongoing attacks by worms and other forms of malware, antivirus software has become a defense mechanism that IT professionals consider largely obsolete, unable to cope with increasingly sophisticated attacks and completely ignoring important vectors such as phishing emails.

Key stat: Antivirus software detects less than half of cyberattacks, according to a SANS Institute survey.

10. Hot: Multi-factor authentication

Many of the security vulnerabilities discussed in this article boil down to this: if a password is somehow stolen, the attacker has unlimited access to private information or functionality. To overcome this difficulty, security systems should treat these passwords as one of several factors required to access restricted data. These factors may include something the user knows (such as a password), something they have (such as a security token), or something they are (related to biometric security). A typical example is an ATM machine, which requires a PIN and a physical card to access; many websites now require a password and a code sent to the user's phone via SMS to log in.

Key stat: As large-scale hacks make passwords less reliable, more companies are turning to multi-factor authentication for security. According to Okta’s 2019 Business@Work report, reassuringly, 70% of companies are using two to four factors for security, up from 65% the year before.

11. Cooling down: Blockchain

The price of bitcoin fell nearly 80 percent in 2018, and while bitcoin and blockchain are not the same thing, interest in blockchain-based security technologies appears to be falling at the same rate. Nyotron’s Kolga said investment in the technology has frozen. On the other hand, there is always a silver lining to these things: The drop in bitcoin’s value has also led to a corresponding drop in cryptojacking attacks, which hijack victims’ computers to mine bitcoins for the benefit of cyber attackers.

Key stat: A recent survey of executives found that only 1% plan to roll out blockchain technology at their companies. Forrester Research estimates that 90% of enterprise blockchain experiments never reach commercial production.

It is recommended not to chase trends

While one hopes that these perspectives have brought into focus some of the evolving challenges in IT security, one also hopes that certain best practices will continue to support the way smart security professionals approach problems. “Enterprises are getting back to the basics: patches that comply with NIST directives, inventory management, password policies,” said Kayne McGladrey, IEEE member and director of security and information technology at Pensar Development. “Many are realizing that you can’t defend what you can’t see, and the easiest way to do that is to keep systems up to date and prevent credential stuffing attacks.”

