Researchers at Airbus’ external Cyber Security business have compiled their top technology predictions for 2018, based on trends identified at its Security Operations Centres in France, UK and Germany during 2017.
Prediction 1: A lack of social media security policies will create serious risks for enterprises
As observed during 2017, social media platforms are regularly being used for the spread of fake news or the manipulation of public opinion. But social media can also be used for sophisticated social engineering and reconnaissance activities which form the basis of many attacks on the enterprise. Criminals and hackers are known to use these platforms to distribute malware, push rogue antivirus scams and phishing campaigns to lure their victims.
Markus Braendle, Head of the Airbus CyberSecurity business: “Social media provide the medium for connecting people globally, in the rapid exchange of ideas, discussions and debates in our digital world. However, from an attacker’s perspective, social media have become an easy target because of the number of non-cyber security savvy users, and the fact that these platforms are easy and cost effective to use. To protect themselves against social media attacks, organisations need to implement enterprise-wide social media security policies. This includes designing training programs for employees about social media usage, and creating incident response plans that coordinate the activities of the legal, HR, marketing and IT departments in the event of a security breach.”
Prediction 2: Attacks on Wireless networks will escalate
Attacks on Wireless networks will increase as attackers seek to exploit the Key Reinstallation Attack (KRACK) vulnerability, first made public in October 2017.
The vulnerability can allow an attacker to intercept and read Wi-Fi traffic between devices and a WiFi router, and in some cases even modify the traffic to inject malicious data into websites. It could also allow attackers to obtain sensitive information from those devices, such as credit card details, passwords, chat messages and emails.
Braendle continues: “We can expect to see an escalation of attacks over public or open WiFi connections, and in turn, an increased security provision by organisations that offer such services to their customers. Such attacks may be particularly damaging for people using old devices that are no longer supported by vendors, making them an attractive target for cyber criminals. These threats may also trigger an increased use of Virtual Private Networks (VPN) by the most security conscious users.”