McAfee has released its annual Threat Predictions Report, which outlines predictions for the cybersecurity landscape in 2019. One major prediction is that data exfiltration attempts from the cloud are expected to significantly increase in 2019, both globally and at a local level. Across the regions, protecting the cloud will become a non-negotiable safety measure to ensuring cyber-resilience, as 89% of organisations in the Asia Pacific store sensitive data in the cloud, and the amount of files shared with sensitive data has increased 53% YoY.
Gary Denman, McAfee Vice President, Australia and New Zealand, explains “Australia has always been one of the fastest growing ‘cloud’ countries in the world per capita, and we’ll jump at any opportunity to become more efficient and advanced in our approach to the cloud. However, as we see from the Threat Predictions Report, corporate data residing on the cloud will be a major target in the coming year. As much as 21% of content now managed on the cloud contain sensitive materials, and once information is accessed within the right regulations, it becomes a matter how it’s being used. Someone down the stream can become a target, and the data gets exfiltrated through a long pipe. Cloud-native attacks will soon become the launchpad for cryptojacking and ransomware attacks, which is why now, more than ever before, cyber resilience will become key, thwarting these types of attacks to the cloud.”
Key predictions include:
- In 2019, McAfee expect a significant increase in data exfiltration attacks that target the cloud. With a 33% increase in users collaborating on this data during the past year, cybercriminals are using various methods to seek more targets in the coming year, particularly by targeting weak APIs or ungoverned API endpoints.
- The cybercriminal underworld will consolidate, creating fewer but stronger malware-as-a-service families that will actively work together.
- Attackers will be employing AI to help them avoid detection by security software, particularly to automate target selection, or to check infected environments before deploying later stages and avoiding detection.
- 2019 will see the use of multifaceted, synergistic threats – in other words, where several different kinds of cyber threats (phishing, ransomware, cryptojacking) are used in tandem. These attacks are hard to classify, and even harder to mitigate, and is yet another manifestation of cybercriminals becoming even more sophisticated and collaborative.
- Identity platforms and IoT edge devices will be under siege as criminals leverage them to mount attacks on industrial control systems.
Please let me know if you would like to speak to Gary Denman about the findings of 2019 Threat Predictions Report, what it means for the Australian cybersecurity ecosystem and how organisations can protect themselves against the rise of cloud-native attacks.
In addition, McAfee has announced at its support for Amazon Web Services (AWS) Security Hub to help security professionals manage multiple dashboards and data points. AWS Security Hub integrates with McAfee MVISION Cloud to provide a “single pane of glass” overview of an organisation’s cloud security posture.
