Thanksgiving is nearly upon us. And as we think about giving thanks, I remember when 11 years ago I put together a speech that somewhat tongue-in-cheek gave thanks to Bill Gates (and by extension, Microsoft) for creating the entire IT support industry. This was around the time that he retired from corporate life at Microsoft.
My speech took the tack that if it wasn’t for leaky Windows OSes and their APIs, many of us would be out of a job because everything would just work better. Well, obviously there are many vendors who would share some of the blame besides Microsoft. And truthfully Windows gets more than its share of attention because it is found on so many desktops and running so many servers of our collective infrastructure.
Let’s extend things into the present and talk about what we in the modern-day IT world have to give thanks for. Certainly, things have evolved in the past decade, and mostly for the better: endpoints have a lot better protection and are a lot less leaky than your average Windows XP desktop of yesteryear. We have more secure productivity tools, and most can operate from the cloud with a variety of desktop, laptop and mobile devices. We have better security automation, detection and remediation methods too. We also can be more mobile and obtain an Internet or Wi-Fi signal in more remote places, making our jobs easier as we move around the planet. All of these are things to be thankful for, and many of us (myself included) often take these for granted.
What about looking forward? If I look at the predictions that I made a year ago, most of them have withstood the test of time.
Let’s start off with my biggest fail from 2018. I totally blew the call for cryptomining attacks trending upwards. At least I wasn’t alone, and other December 2018 predictions also had this trend mentioned in their lists. However, the exact opposite actually happened, and numerous reports showed a decline in cryptomining during 2019. One reasonable cause was the shuttering of the Coinhive operation in March. I am glad that this happened, and the lower rate of these attacks is another thing to be thankful for!
As I predicted, a number of good things have been happening on the authentication front in the past year. As I touched on in my post last month, a number of the single sign-on vendors’ multi-factor authentication (MFA) products have seen significant improvement. This includes better FIDO integration and better smartphone authentication tools. For example, RSA has its SecurID Access product that combines MFA and risk-based authentication methods. All of these items are things we can be thankful for, and hopefully more security managers will implement MFA in the coming months across their networks and applications.
Ransomware continues to be a threat, as I mentioned in my blog post last December and as concluded in the latest RSA fraud report. Sadly, criminals continue to latch on to ransoms as a very profitable source of funds. This year we saw the development of new ransomware vectors into the software supply chain, with the Sodinokibi malware milking more than 20 different local Texas government IT operations thanks to a vulnerability in a managed endpoint service. The latest report shows this malware has made more than $4.5M in ill-gotten gains, by tracking specific Bitcoin deposits of the criminals.
Clearly we have made some significant progress in the past year, and even in the past decade. But with all these innovations come new risks too. Criminals aren’t just standing still, and are figuring out new ways to breach our defenses. And there are still thousands of infosec jobs that go unfilled, as skilled security analysts remain in demand. Hopefully, that will be something that we can do something about in the coming year.