Securing Tomorrow: Airbus Reveals Key Cybersecurity Trends for 2018

Experts at Airbus’ Cyber Security division have compiled their leading technology predictions for 2018, based on trends observed in their Security Operations Centres across France, the UK, and Germany during 2017.

Prediction 1: Lack of social media security guidelines will pose serious risks to organizations

As highlighted in 2017, social media platforms are often used for spreading misinformation or swaying public opinion. Yet, these channels also serve as avenues for sophisticated social engineering and reconnaissance efforts, setting the stage for various attacks on corporations. Cybercriminals have been seen leveraging these platforms to disseminate malware, promote deceptive antivirus solutions, and execute phishing schemes to capture their targets.

Markus Braendle, Head of Airbus CyberSecurity: “Social media offers a venue for connecting people globally, enabling rapid exchange of ideas and conversations in our digital environment. However, to attackers, social media has become a primary target due to the multitude of users lacking cybersecurity awareness and the simplicity and cost-effectiveness of utilizing these platforms. To shield against social media-related threats, organizations must establish robust social media security protocols. This should involve crafting training programs for employees about social media conduct and developing incident response frameworks that unite the efforts of legal, HR, marketing, and IT teams during a security crisis.”

Prediction 2: Attacks on wireless networks will escalate

Intrusions aimed at wireless networks are projected to increase as cybercriminals seek to exploit the Key Reinstallation Attack (KRACK) vulnerability, first revealed in October 2017.

This flaw can enable a malicious actor to intercept and scrutinize Wi-Fi traffic between devices and routers, and in some cases, even manipulate the traffic to inject harmful data into websites. It may also grant unauthorized access to sensitive information from those devices, including credit card details, passwords, chat messages, and emails.

Braendle elaborates: “We foresee a rise in attacks over public or unsecured WiFi networks, which will compel organizations providing such services to enhance their security measures. Such threats could be particularly hazardous for users of outdated devices that are no longer supported, making them an attractive target for cybercriminals. These dangers may prompt a greater adoption of Virtual Private Networks (VPNs) among those who prioritize security.”

Prediction 3: Encryption will continue to challenge law enforcement

Concerns over data privacy, increasing reliance on cloud services, a rise in data breaches, and the enforcement of the General Data Protection Regulation (GDPR) will all lead to the prominence of End-to-End Encryption (E2EE) as the preferred method for businesses seeking to safeguard their data. However, E2EE will also create obstacles for law enforcement as criminals employ this method for espionage and subversion.

Braendle states: “When assessing the cost of any security measure, it’s crucial to consider the financial implications of a potential security incident. Following the introduction of the General Data Protection Regulation (GDPR), organizations could incur fines approaching 4% of their worldwide revenue in the event of a data breach—thus, the expense of each solution must be evaluated in light of the associated risks.”