Article Synopsis :
One of the biggest growth areas in the tech sector in 2018 was cyber. Not only security, but the number of attacks, including many high profile ones.
2018 was a big year for breaches
Cryptomining had replaced ransomware for a good part of 2018 as more lucrative. Meanwhile, new malware played merry hell with some financial institutions, with a number of multi-million dollar breaches reported. These affected ATM networks, SWIFT transactions and other banking systems.
The risks are greater
The total vulnerabilities reported incurred by 21% in 2018, while total bug bounty payouts increased by 36%. The average payout per vulnerability increased by 75%.
Business has seen itself become more vulnerable and these need to be managed.
The type of attack is changing
S21 SEC says criminals are moving away from ransomware and predicts the incidences will decrease in 2019.
However, social engineering will remain the most relevant and deployed means of attack, including Word documents with macros and there will be more mobile device infection
Easy access via the dark web will mean increased use of commercial remote access trojans (RATs) to target mobile devices and there will be a growth in ‘fileless malware infections’.
Bad guys are getting more sophisticated
As businesses become more sophisticated, so do the attacks. Vulnerability Management has been one of the areas of growing interest across all geographies. Direct evidence of such growth is the increasing number of technology vendors and service providers dedicated to fulfilling this growth.
Access control bugs which allow attackers to manipulate direct object references to access other objects without authorisation were big in 2018.
AI is finding use in pen testing
Since 2017, demand for red teams to probe their security has increased, rather than relying on penetration testing alone.
AI is being used to develop penetration testing services that effectively mimic multiple human pen testers in a fraction of the time.
Link to Full Article:: click here
Digital Insurer's CommentsThis extensive – but easy to read – report highlights the growing threat of cyber attacks and the ways in which both the criminals are evolving and the industry is catching up.
There are many predictions across many elements of fintech, insurtech and tech in general from payments, IoT and blockchain, through to governance and ethics.
Link to Source:: click here