Eight resellers name their top cybersecurity threats to watch out for in 2019

From whaling and USB attacks to third-party exploitation, what will be the biggest threats facing end users next year? We asked execs at eight cyber-security resellers and consultancies to name their picks

Dan Bailey, Altinet - whaling

What we're speaking about with customers, and also vendors such as Barracuda, is that gateway security isn't enough anymore. So we need to work out how we protect high-value users.

Whaling is high-value phishing attacks. If you send out the same email to 500 people in an organisation, even if they are really sophisticated emails, you'll only get a limited benefit because they will be lower-level people.

The idea - and this is becoming more common - is that you focus on CEOs, CSOs, board members and people with company credit cards.

Their details are so easy to find; whether it is a public or private company you can find out the contact details of the CEO on Google.

We are being asked a lot about that, and then along with that I think we're going to see an increase in the need for cybersecurity training.

The era of IT managers trying to solve problems with software alone is over. Moving into 2019 and 2020 people know they need the right protection at the gateway and they know they will need advanced technology, but probably most importantly it is going to be about giving users that awareness.

I would say the biggest attacks you'll see in 2019 will be whaling attacks because of the lack of knowledge in workforces.

Eight resellers name their top cybersecurity threats to watch out for in 2019

From whaling and USB attacks to third-party exploitation, what will be the biggest threats facing end users next year? We asked execs at eight cyber-security resellers and consultancies to name their picks

Robert Pooley, Saepio - USB attacks

In terms of specific threats, we had ransomware two years ago, but I don't think there is a stand-out specific threat now.

There is talk of a rise in USB-based attacks again, using USB mechanisms to bypass security. There is chat that there will be some devices that can bypass USB blocking and still infiltrate the end-points. I've heard from a few people that the threat reports that come out at the end of the year will likely say that USB attacks are on the up.

It is a really old-school method of compromising a business. Stuxnet

is one of the classic breaches, to do with an Iranian nuclear programme (which was destroyed). A piece of code was put on a USB stick and littered around the car park of the facility, which someone plugged in.

It is nothing new, but it is criminals going back to the ways they know. They will still be using malware, ransomware and all the other things, but USB is yet another attack vector to be used.

Eight resellers name their top cybersecurity threats to watch out for in 2019

From whaling and USB attacks to third-party exploitation, what will be the biggest threats facing end users next year? We asked execs at eight cyber-security resellers and consultancies to name their picks

David Lannin, Sapphire - high-profile website attacks

I think we'll see a real focus on websites that see high-value, high-volume transactions and exchanges - not just retail sites. We saw the BA website attack recently - that was injecting something into memory and trying to steal the transactions as they're happening on the fly. That sort of thing yields great rewards for the attacker.

You can imagine that organisations like BA are doing as much as they can to protect themselves, but through an exploit in their web infrastructure somebody was able to inject some code that would egress data as transactions were happening.

Now that has proven to be successful, it is going to happen again and again. People really need to start thinking more about not just protecting the web infrastructure, but testing the security of those transactions as they occur. There are technologies that are starting to do that - it is called transaction stack security and doesn't require an agent on the client side, which is great.

But the fact that they are going for high-value targets means they only have to be successful a small amount of the time to still become very successful in terms of monetary gain. The interesting thing about the BA attack was that, rather than trying to install something in the system, it was more of an exploit of how the web server executes.

Eight resellers name their top cybersecurity threats to watch out for in 2019

From whaling and USB attacks to third-party exploitation, what will be the biggest threats facing end users next year? We asked execs at eight cyber-security resellers and consultancies to name their picks

Steve Atkins, Arc Systems - privileged access-based threats

Privileged access is something I have seen emerge more in our market. As an exploit, I started looking at privileged access management (PAM) two years ago and it is, certainly in the SME market, not being addressed.

The exploits use a lack of PAM to launch an attack. If you can get some code onto a computer that has minimal access to the network, there might not be a lot that can be accessed by that code. However, there are so many small businesses, and even some large, that don't have the security in place that can prevent code executing itself.

We still see people using legacy applications that require

administrative rights to run and generally the way that has been configured means they have access rights across the whole network. If code can execute at that level, the firm can end up with some serious damage.

So much effort is being put into malware that everyone assumes we have protection in place for virus and worms. I think more of a focus should be put on what we have in place internally for privileged access abuse.

Eight resellers name their top cybersecurity threats to watch out for in 2019

From whaling and USB attacks to third-party exploitation, what will be the biggest threats facing end users next year? We asked execs at eight cyber-security resellers and consultancies to name their picks

Tom Millar, ITC Global Security - third-party exploitation

The area of third-party risk and how organisations are going to gain access to one's data and networks is going to be a problem. Instead of trying to attack them directly it will probably be a lot easier via a third-party supplier that is connected to the corporate systems.

In the NCSC's advice on this issue, one of the top five things is ensuring that your partners and supply chain are protected. Information that you share between you has to be protected as well.

You are only as strong as your weakest link, but that is extending out to every single third-party.

People can now subscribe to services that go online and probe an infrastructure for information about what is available to see and what isn't protected.

Using this service, people run automated tests for what is available to the public, and then identify holes in the infrastructure. There are lots of things you can do and you effectively do it on a mass scale - with the top 100 third-party suppliers of an organisation - and you are then able to tell the customer which areas their suppliers need to improve.

Eight resellers name their top cybersecurity threats to watch out for in 2019

From whaling and USB attacks to third-party exploitation, what will be the biggest threats facing end users next year? We asked execs at eight cyber-security resellers and consultancies to name their picks

Vinnie Booth, Solved IT -IoT

The big thing is going to be the Internet of Things (IoT). Everyone and their dog is getting involved in it; by which I mean I have seen products such as collars that can track where your dog goes.

There is an abundance of WiFi going around and that is going to be the big thing. There is massive uncertainty. I walked into a store the other day and saw that Colgate has made a toothbrush that connects to your iPhone.

There was a casino that spent a fortune on a beautiful fish tank to impress its customers and they put a thermometer in it that

connected to your phone to tell you the temperature. Someone piggy-backed on that and accessed the network to steal hundreds of thousands of data entries from the high-roller database.

Everyone associates cyberattackers with wanting money, but that is not correct. The biggest currency to them is your processing power. If they find some money they often won't steal it because it makes it quicker to detect them, but if they get your processing power, they can use you to attack bigger organisations.

Eight resellers name their top cybersecurity threats to watch out for in 2019

From whaling and USB attacks to third-party exploitation, what will be the biggest threats facing end users next year? We asked execs at eight cyber-security resellers and consultancies to name their picks

Stephen Love, Computacenter - emerging tech; old threats

Most of the threat stuff tends to be an extension of what we have seen previously. There are only a certain number of threats that can be made against an organisation, so it is usually the same thing.

2019 will be much of the same, but I would say that there are advancements in certain technologies - such as artificial intelligence (AI) and machine learning - and there is a limited focus on that at the moment.

Some will adopt them early and when they do it will make them vulnerable to new threats that are specific to those technologies, but the way of attacking those kind of things is going to be using the same attacks that we have seen for over a decade.

The way we do things will not change until we make a major leap in the way we deliver technology. In most cases we will see enhanced versions of the same.

In some respects we could be more vulnerable to the older threats than the more advanced ones, because everyone is talking about them. The age-old phishing attacks are still going to have an impact throughout 2019 and beyond.

The way the attack happens won't change because the way we work hasn't changed. Internet protocol is still internet protocol and it works the same way as it did back when it was founded. What we use them for has changed - cloud and AI - but they are all still based on a world that is fundamentally unchanged. The underlying code of Windows isn't drastically different to how it was a generation ago.

Eight resellers name their top cybersecurity threats to watch out for in 2019

From whaling and USB attacks to third-party exploitation, what will be the biggest threats facing end users next year? We asked execs at eight cyber-security resellers and consultancies to name their picks

Jason Holloway, Bridgeway - cloud access

What we are seeing - and I think will lead to a major future breach, whether that is straight away, or in years to come - is the strong move to cloud. It is not being ignored, but it is certainly being downplayed.

It is not that cloud is in itself insecure; often the services provided by cloud partners tend to be far more security conscious than the services that most organisations roll out.

The question that I'll raise is around access to that cloud service.

Many organisations are not controlling who and what has access to that data. In other words, they're allowing usernames and passwords to be used to access sensitive data without data loss prevention or restrictions being put in place, or even basic governance and controls.

When somebody joins an organisation we know we need to set them up in a number of different cloud services. But when somebody moves from one role to another, or leaves, turning off that cloud service can become tricky. I would say that a lot of the security challenges that we are going to see are around controlling the user, the application and the device connecting to the cloud.

If we can deal with those elements and ensure it is only the trusted user with the trusted device accessing the service we will be in a much better place, but that is extremely difficult to achieve.