Web Scraping of Credit Cards
Last year, the credit card forms on several e-retailers' web pages were hijacked: JavaScript was injected into the pages and read the credit card information.
We all know that thieves follow the money, and we will most probably see more attacks in the chain before the credit card provider, with authentications being attacked or replaced by an attacker's fictitious form.
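As an added example (not from the original article), one way a shop could notice this kind of injection is to audit the script elements its checkout page actually serves against what was approved: allowed hosts, an `integrity` attribute on third-party scripts (presence only, the value is not verified here), and known hashes for inline scripts. The host names, sample page and function names are constructed for illustration.

```python
import base64
import hashlib
from html.parser import HTMLParser
from urllib.parse import urlsplit
class ScriptCollector(HTMLParser):
    """Collect [attributes, inline body] for every <script> element."""
    def __init__(self):
        super().__init__()
        self.scripts, self._in_script = [], False
    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.scripts.append([dict(attrs), ""])
            self._in_script = True
    def handle_data(self, data):
        if self._in_script:
            self.scripts[-1][1] += data
    def handle_endtag(self, tag):
        if tag == "script":
            self._in_script = False

def inline_hash(body):
    """Base64 SHA-256 of an inline script, the form CSP hash sources use."""
    return base64.b64encode(hashlib.sha256(body.encode()).digest()).decode()

def audit_scripts(html, page_host, allowed_hosts, approved_inline):
    """Return (reason, detail) for each script that was never approved."""
    parser = ScriptCollector()
    parser.feed(html)
    findings = []
    for attrs, body in parser.scripts:
        src = attrs.get("src")
        if src:
            host = urlsplit(src).hostname or page_host  # relative URL: same host
            if host not in allowed_hosts:
                findings.append(("unapproved-host", src))
            elif host != page_host and not attrs.get("integrity"):
                findings.append(("third-party-without-sri", src))
        elif body.strip() and inline_hash(body) not in approved_inline:
            findings.append(("unapproved-inline", inline_hash(body)))
    return findings

# Constructed sample: every host name and script below is made up.
ALLOWED_HOSTS = {"shop.example", "pay.psp.example", "cdn.widgets.example"}
APPROVED_INLINE = "window.shopConfig = {currency: 'SEK'};"
SAMPLE_PAGE = f"""<script src="/static/checkout.js"></script>
<script src="https://pay.psp.example/sdk.js" integrity="sha384-CONSTRUCTED"></script>
<script src="https://cdn.widgets.example/chat.js"></script>
<script src="https://stats-collector.example/t.js"></script>
<script>{APPROVED_INLINE}</script>
<script>console.log("added after the last review");</script>"""
```

Run against the sample page with `audit_scripts(SAMPLE_PAGE, "shop.example", ALLOWED_HOSTS, {inline_hash(APPROVED_INLINE)})`, it reports the third-party script without an `integrity` attribute, the script from a host nobody approved, and the inline script whose hash is unknown.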
Active Defense
More people realize that active and fast action is crucial in preventing an attacker from gaining ground in an organization. Therefore, more products and systems are appearing that can prevent an attacker from escalating their privileges or moving within the network (lateral movement). But to take rapid countermeasures, the attacker must first and foremost be discovered, which places demands on traceability and logging.
An active defense can also involve introducing honey traps and systems that are virtualized but not part of the real network, or planting information that confuses the attacker or leads them down the wrong track and causes them to draw incorrect conclusions.
Artificial Intelligence
Will 2019 be the year when we see real AI within cyber security? Many security products we use every day have relatively little AI built in, and there is probably huge development potential where cyber security meets AI. Imagine, for example, Nmap with a little intelligence: instead of scanning only the 1,000 most common ports that a system exposes, it would also add ports dynamically based on those it has identified.
Vulnerable Products
In recent years, we have seen that connected products, such as IoT devices, contain vulnerabilities and can be used to attack others by, for example, being part of a bot network. What we have not yet seen to any great extent, however, is how the gadgets' functions can be used for malicious purposes. In this area, I believe we will see more and more startling cyberattacks; let's just hope they don't affect people's lives.
Phishing & Multi-Factor Authentication
As an increasing number of logins are done using multi-factor authentication (MFA), tools and methods are also being developed to attack multi-factor authentication. With a targeted email message luring a user, the attacker can bypass multi-factor authentication, escalate their privileges and become domain administrator on the organization's network in just a few minutes. It's no longer a fictitious scenario but something that is performed both by malicious attackers and in Red Team exercises where companies are hired to test the security.
Jonas Lejon
Jonas is a Holm Security Advisory Board member and runs Sweden's most prominent blog about cyber security called kryptera.se.