The cybersecurity landscape is in constant\nflux, keeping our team busy researching the newest threats to keep our\ncustomers safe. As the new year approaches, we asked our cybersecurity experts\nto predict which security trends will have the most impact in 2019 and what\nconsumers should prepare for.<\/p>\n\n\n\n
\n“Cryptojacking will continue to dominate the landscape. Arguably more than a third of all attacks in 2019 will be based off of leveraging hardware in your devices to mine cryptocurrency.” \u2013 Tyler Moffitt, Senior Threat Research Analyst<\/em> <\/p>\n<\/blockquote>\n\n\n\n
The largest cyber threat of 2018 will continue\nits unprecedented growth in 2019. Cryptojacking\u2014a type of hack that targets\nalmost any device with computing power, including mobile devices, company\nservers, and even cable routers to mine for cryptocurrencies<\/a>\u2014grew\nby more than 1,000% in the first half of 2018. Compared to ransomware attacks,\ncryptojacking is incredibly stealthy, with many systems losing processing power\nwhile sitting idle anyway. We are now seeing cryptojacking in more significant\nsystems, as was the case when Nova Scotia’s St. Francis Xavier University struggled\nfor weeks to recover after cryptojacking software led to the school to disable its\nentire digital infrastructure in order to purge the network. For home internet\nusers, cryptojacking can put undue stress on your computer\u2019s processor, slowing\ndown performance and increasing your electric bill. <\/p>\n\n\n\n
But, as with any cybersecurity threat, it\u2019s a\nconstant cat-and-mouse game between criminals and the security industry. As\ncryptojacking continues to grow, so does criminals\u2019 ability to successfully\nimplement the attack. At the same time, so does our knowledge and ability to\ndefend against it. This type of attack can impact your devices in multiple ways,\nwhether via a file on your computer or a website you visit. We recommend a\nlayered solution that can protect against these\ndifferent attack vectors<\/a>, like Webroot SecureAnywhere\u00ae solutions.<\/p>\n\n\n\n
General Data Protection Regulation (GDPR) Influence<\/h2>\n\n\n\n
\n“We are going to see a lot more legislation proposed within the US that will be very similar to GDPR, much like California already has. These types of laws will inspire the idea that companies don\u2019t own data that identifies people, and we need to be better stewards of that data. Data, by all accounts, is a commodity. It\u2019s necessary for innovation and to stay competitive, but the data must be good to be of any use.” \u2013 Briana Butler, Engineering Data Analyst<\/em> <\/p>\n<\/blockquote>\n\n\n\n
The General Data Protection Regulation (GDPR)<\/a> is a set of regulations put in place in 2018 that standardize data protection measures within the European Union, marking the beginning of a new era of international data protection. In the United States, California has been on the frontlines of data protection law since 2003 when bill SB1386 was passed, pioneering mandatory data-breach notifications nationwide. California continues to innovate in data privacy law with the recently passed California Consumer Privacy Act of 2018 (CCPA), possibly the toughest data privacy law in the country. Although clearly influenced by GDPR, it differs in many ways\u2014enough that companies who are compliant with GDPR may need to take additional steps to also be compliant under the CCPA. But it\u2019s not just lawmakers who are pushing for data protection regulation, influential tech industry leaders like Tim Cook<\/a> are also calling for stronger consumer protections on data collection nationwide.<\/p>\n\n\n\n
What does this mean for you? Expect another wave of \u201cPrivacy Update\u201d emails and cookie collection pop-up notices while browsing, as well as expanded protections regarding the collection and storage of your personal data. Given the rising regularity of third party data breaches\u2014like the one that recently left 500 million Marriott guests exposed<\/a>\u2014stronger data protection laws can only mean good things for consumers.<\/p>\n\n\n\n
Biometrics on the Rise<\/h2>\n\n\n\n
\n“We will see continued growth in biometric services. Devices with usernames and passwords will become the legacy choice for authentication.” \u2013 Paul Barnes, Sr. Director of Product Strategy<\/em> <\/p>\n<\/blockquote>\n\n\n\n
Largely associated with facial and fingerprint recognition, biometrics have been on the rise since at least 2013, when the launch of TouchID placed the technology in every iPhone user\u2019s hands. But the adoption of biometric technologies\u2014particularly facial recognition biometrics\u2014was dampened by cultural and ethical concerns, with some fearing the establishment of a national biometric database. But today we are beginning to see the normalization of facial recognition biometrics, like those utilized by Snapchat and Instagram. Biometrics are also now widely seen used in critical infrastructure applications. Airports use biometrics to facilitate a faster boarding process, and hospitals are adopting biometrics for both patient care and as a HIPAA security precaution.<\/p>\n\n\n\n
We predict this regular exposure to biometrics will lead to a larger cultural acceptance and adoption of biometrics as a trusted security standard, leading to the eventual death of usernames and passwords. Why bother with a login when your computer knows the minute details of your iris? But convenience may come as a cost. Corresponding with rising use, biometric data will continue to become<\/a> a more valuable commodity for cybercriminals to steal. <\/p>\n\n\n\n
The Beginning of the End for SSNs<\/h2>\n\n\n\n
\n“There will be significant discussion around replacing Social Security numbers for a more secure, universal personal identity option.” \u2013 Kristin Miller, Director of Communications<\/em> <\/p>\n<\/blockquote>\n\n\n\n
In 2017 the Equifax breach compromised 145.5\nmillion Social Security numbers, forcing us to face an uncomfortable truth:\nSSNs are a legacy system. First available in 1935 from the newly minted Social\nSecurity Administration, they were created to track accounts using Social\nSecurity programs. They were never intended to act as the secure database key\nwe expect them to be today.<\/p>\n\n\n\n
The conversation has already begun on the\nfederal level. \u201cI think it\u2019s really clear there needs to be a change,\u201d White\nHouse Cybersecurity Coordinator Rob Joyce said<\/a> at the 2017\nCambridge Cyber Summit. \u201cIt\u2019s a flawed system. If you think about it, every\ntime we use the Social Security number you put it at risk.”<\/p>\n\n\n\n
Although it will be some time until we fully replace Social Security numbers, what should you expect from a replacement? When it comes to personal identifiers that are both unique and secure, the conversations tend to center around two technologies: biometrics and blockchains<\/a>. Biometrics\u2014particularly behavioral biometrics, which derive their logic from individual\u2019s behavioral patterns, such as the syncopation of types or taps on a screen, or even your unique heart beat\u2014are proving to be an especially intuitive solution.<\/p>\n\n\n\n
Certification for the Internet of Things<\/h2>\n\n\n\n
\n“We will finally see a consumer IoT\/connected goods certification body, similar to the Consumer Electrical Safety Certifications today. This will enforce the notion of Security by Design for a smart goods manufacturer.” \u2013 Paul Barnes, Sr. Director of Product Strategy<\/em><\/p>\n<\/blockquote>\n\n\n\n
We love the Internet of Things (IoT). It\npowers our smart homes, our fitness trackers, and our voice assistants. But IoT\ndevices are notoriously insecure, oftentimes featuring overlooked flaws that\ncan lead to exploitation in unexpected places. A recent Pew Research Center survey<\/a> looked\nat how growing security concerns are influencing the spread of IoT connectivity\nreported only 15% of participants saying security concerns would cause significant\nnumbers of people to disconnect from IoT devices. Alternatively, 85% believe\nmost people will move more deeply into an interconnected life due to the\nconvenience of IoT products. Recently\npublished documents may signal that the time of putting convenience\nahead of security is quickly coming to an end.<\/p>\n\n\n\n
The United Kingdom\u2019s department for Digital, Culture, Media, and Sport (DCMS) published the \u201cCode of Practice for Consumer IoT Security.\u201d The code outlines thirteen steps for organizations to follow for the implementation of appropriate security measures in IoT offerings. It also emphasizes the need for a secure-by-design philosophy, a belief that security measures need to be designed into products, not bolted on afterwards. This type of regulatory influence on the industry is sure to make waves across the pond, and we are already seeing this play out with California\u2019s new IoT security law<\/a>. <\/p>\n\n\n\n
Keep these predictions in mind as you make\nyour way through 2019. Staying informed is the best way to keep you and your\nfamily safe, so check back here for more cybersecurity trend updates in the\nfuture!<\/p>\n","protected":false},"excerpt":{"rendered":"
The cybersecurity landscape is in constant flux, keeping our team busy researching the newest threats to keep our customers safe. As the new year approaches, we asked our cybersecurity experts to predict which security trends will have the most impact in 2019 and what consumers should prepare for. Continued Growth of Cryptojacking “Cryptojacking will continue […]<\/p>\n","protected":false},"author":139,"featured_media":27317,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[2985],"tags":[21935,21936,21943],"yst_prominent_words":[23721,23723,3769,23713,22219,23627,23709,23719,24153,23625,23615,23733,23717,23715,23711,3479,18297,6305,18285,7521],"acf":[],"_links":{"self":[{"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/posts\/26481"}],"collection":[{"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/users\/139"}],"replies":[{"embeddable":true,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/comments?post=26481"}],"version-history":[{"count":7,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/posts\/26481\/revisions"}],"predecessor-version":[{"id":32341,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/posts\/26481\/revisions\/32341"}],"wp:featuredmedia":[{"embeddable":true,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/media\/27317"}],"wp:attachment":[{"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/media?parent=26481"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/categories?post=26481"},{"taxonomy":"post_tag","embeddable":true,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/tags?post=26481"},{"taxonomy":"yst_prominent_words","embeddable":true,"href":"https://www.webroot.com/blog/wp-json\/wp\/v2\/yst_prominent_words?post=26481"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}