Five Things Enterprises Need to Know About Threat Landscape

It would be easy to say that 2019 is going to be the year of the state-sponsored hacker, but it would also be easy to say that this year is going to be the year of the cryptojacker. Or I could say that this is the year when cross-site scripting is going to be a major threat. But the reality is that 2019 promises to be all three. The reality is that 2019 is going to be a year of unprecedented risk for cyber-attacks, and to even narrow it down to three types would be a mistake, because attacks are getting significantly more sophisticated, and the attackers are getting better and more numerous. Better because the skills of the state-sponsored cyber warriors are being transferred to cyber-criminals. More numerous because hacking kits are widely available on the internet, and so is the information needed to use them. The true breadth of state-sponsored cyber-attacks is only now beginning to become known. For example, it now appears that the Equifax attack of 2017 was probably carried out by a state-run organization such as the Russian Internet Research Agency, although there’s no indication that it was the Russians who did it. There’s a belief by several researchers that the Equifax data was taken so that it could be paired with data from other sources, such as the Office of Personnel Management breach, to identify susceptible individuals who can be turned into spies.