Cyber Resilience in 2019: What to Watch

By Anthony J. Ferrante, Senior Managing Director & Head of Cybersecurity, FTI Consulting

A report from Lloyd’s of London recently claimed that a global cyber attack could result in up to $53 billion in losses, putting the potential financial impact of a cyber incident on par with that of a major natural disaster. The cybersecurity events that took place around the world this year demonstrate how very real those predictions may become. Some companies are still reeling from the NotPetya attack in June, with several claiming they may never completely recover from the damage to their systems. The three largest cyberattacks this year – WannaCry, NotPetya, and Bad Rabbit – all involved the use of ransomware, which will continue to hit private and government networks around the globe.

These and other incidents indicate that malicious actors are gaining rapid momentum and becoming increasingly sophisticated. In 2019, cybersecurity professionals can surely expect to see more of the same from this past year, along with a handful of new challenges. In order to prepare for the next wave of emerging threats, organizations should look closely at the top trends expected to hit the global cybersecurity landscape. These include:

1. Increasing IoT issues: The threat landscape is increasing at an incredible rate, with connected devices in the workplace and in our homes playing a big role in that evolution. Security isn’t typically built into Internet of Things (IoT) devices, autonomous vehicles, and other ‘smart’ technology, making them uniquely vulnerable to malicious threat actors, as we’ve seen with several high-profile distributed denial-of-service (DDoS) attacks. In October of last year, hackers launched the Mirai botnet to execute a massive DDoS attack on Internet domain provider Dyn, using infiltrated connected household devices such as DVRs and cameras. Many mainstream websites, including Twitter and Spotify, were impacted. Attacks are already wide-reaching across the globe, with no specific region as a primary target. The new year will likely bring further attacks involving the hijacking of connected technology, and organizations will need to work diligently to ensure they are resilient against this breed of threat.
2. Mounting cyberwarfare and malware activity: Cyberspace has become the new battlefield for modern warfare, providing state-sponsored malicious actors with an inexpensive, highly-effective, and globally-accessible platform to steal money and wreak havoc. Cybersecurity researchers are increasingly reporting on malicious activity that they suspect is state-sponsored, including the use of ransomware. Infrastructure is also being targeted. Dragonfly, a group that is believed to be nation-state-run, has successfully intruded networks that control elements of U.S. power infrastructure and is conducting increasingly sophisticated multi-stage attacks. The CrashOverride malware used to cause the 2015 and 2016 power outages in Ukraine is another red flag that demonstrates the types of targets politically-motivated malicious actors are pursuing. Cyberwarfare is starting to spill over into private industry and businesses must be prepared for critical areas such as healthcare and other public safety systems to become targets.
3. Privacy concerns will drive new requirements: New laws impacting cybersecurity practices are being implemented around the world, with Europe’s General Data Protection Regulation (GDPR) and China’s Cybersecurity Law as two timely examples. GDPR outlines that to be compliant, companies must follow established cybersecurity practices and “state of the art” approaches to prevent a breach of sensitive, protected data. It also institutes new data breach notification requirements, wherein organizations are given a 72-hour window to notify impacted persons when a breach occurs. This will present a big challenge for any organization that houses sensitive information, and in 2019, businesses must prepare for increasingly strict legislation and policymaking on this front. Emerging policy standards will have an impact on how we do business, and organizations will need to take action to achieve compliance.
4. Increased exploitation of information as a weapon: Mainstream news has been inundated with headlines related to hacking into sensitive information and the use of that information for financial, political, and other gains. As we’ve seen a number of times, such as with Sony and Equifax, these breaches can have a huge reputational and financial impact on corporations, and executive leaders of breached companies will become increasingly held responsible for failing to prevent and detect these types of attacks. Cybersecurity professionals should expect additional exploitations and intrusions into sensitive data and must be prepared to stay ahead of malicious actors to ensure they are not gaining entry into sensitive files and email communications.
   Cybersecurity is a dynamic field, and it is difficult to predict exactly what we’ll face tomorrow, let alone in a year. But implementing holistic programs that are intelligence-led and built on lessons learned from previous incidents is the most effective approach to ensuring a more secure and resilient future. Proactive intelligence gathering is also critical in evolving cybersecurity programs in parallel with evolving threats. Sharing of intelligence between private industry, government, and international partners is another important step to prepare for the implications of cyber warfare, privacy regulations and other challenges on the horizon. By taking these steps, businesses can be sure they are ready to face the cyber threats of 2019.

About the Author
Anthony J. Ferrante is a Senior Managing Director at FTI Consulting and is based in Washington, DC in the Global Risk & Investigations Practice (GRIP) of the Forensic & Litigation Consulting segment.
Mr. Ferrante has more than 15 years of top‐level cybersecurity experience, and maintains first‐hand operational knowledge of more than 60 criminal and national security cyber threat sets and extensive practical expertise researching, designing, developing, and hacking complex technical applications and hardware systems.