Cyber Threat Trends From 2018 and Into 2019

Dec 10, 2018
Jonathan Cran

Share with Your Network

It’s that time of year, the time to reflect on what we learned in the past year and look forward  to the next. Several new vulnerability and threat trends emerged in 2018, and we anticipate a they will become more prevalent in the new year. Join me for a webinar to discuss these trends in detail (and more) and learn what you can do to get ahead in 2019.

Trend #1: IoT as an increasingly attractive target

This past year the number of IoT machines was projected to outgrow cellphones and most of those machines only have extremely limited security controls available; instead, they rely on network segmentation to protect them. Given the vast array of approaches to IoT and the resulting difficulty of patching vulnerabilities, it is increasingly ripe as a target, and attackers are paying attention.

There have been some notable examples of IoT exploitation in 2018, and recently we’ve seen some novel multi-faceted attacks, such as the recent attack utilizing two different exploits:  first attacking UPNP (on the edge) and then utilizing ETERNALBLUE (on the internal devices). As another example, MikroTik routers have been widely exploited this year using CVE-2018-14847.

Our platform’s exploit prediction feature has been prolific in identifying these IoT vulnerabilities that would soon see exploitation in the wild, in large part because the vulnerabilities often tend to allow remote code execution (RCE). They are often highly attractive, quickly weaponized, and reliably exploited by attackers. They’re predictable.

As one of the most interesting and quickly growing attack surfaces, expect to see a lot more of IoT vulnerabilities in 2019.  

Trend #2: Side-channel vulnerabilities and exploitation

It’s impossible to talk about novel trends and vulnerabilities in 2018 without thinking of the array of hardware side-channel exploitation papers this past year. If you’re anything like me, it’s likely you spent hours reading about the techniques, and digging into microcode and architecture overviews to better understand how they work.  

Since the release of Meltdown and the first two Spectre variants in January, there have been many new techniques released to take advantage of side-channel information leaks, including an increasing number of techniques that target secondary processors such as the GPU. And if that wasn’t enough, the “Screaming Side Channels” attack released this year details methods to first recover, but more importantly, practically exfiltrate secrets such as private keys via radio transmissions.

While these vulnerabilities do not affect organizations and systems equally, it’s important to understand the exposure here, given that these are some of the most prevalent vulnerabilities

that exist in the world today. Practically every modern processor remains affected, and the vast majority will never will be patched. The concern for the typical organization is the browser as the attack vector, and if you’re not already using Chrome and the excellently implemented Site Isolation in your organization, it’s probable you soon will be.

As we look forward, expect to hear about more side-channel attacks. I have little doubt we’ll see increased exploitation of these vulnerabilities in 2019.

Trend #3: Cryptomining as a monetization strategy

Cryptomining came into its own in 2018, becoming a key monetization strategy for attackers. The variety of delivery mechanisms exploded—from an increase in drive-by attacks to phishing payloads and internet-wide scanning. Given that this is currently a profitable and relatively low impact way to monetize, expect this trend to continue and increase into 2019 and beyond.

That’s just three trends. Join me for the webinar to learn more, including:

  • How the application layer (and business logic) are under attack
  • How phishing evolved this year and will continue to change in 2019
  • How simple misconfigurations are driving data loss


2019 is fast approaching and as we go into the holiday season, we’ll look back at what we learned this past year and discuss what we need to do to get ready for the next. I look forward to the discussion!

Read the Latest Content

Research Reports

Prioritization to Prediction Volume 5: In Search of Assets at Risk

The fifth volume of the P2P series explores the vulnerability risk landscape by looking at how enterprises often view vulnerabilities.

5 Things Every CIO Should Know About Vulnerability Management

If you view vulnerability management (VM) as just a small part of your operation, it might be time to take another look.  Managing vulnerabilities is...



Get Started Using the Exploit Prediction Scoring System (EPSS).

Cyentia Institute’s Chief Data Scientist and Founder Jay Jacobs gives tips on how to get started using the Exploit Prediction Scoring System (EPSS). You...

© 2022 Kenna Security. All Rights Reserved. Privacy Policy.