How to prepare ‘for the battles to come’, according to a former internet hacker

Mike Jones, former hacktivist with Anonymous.
Mike Jones, former hacktivist with Anonymous.
Opinion by Mike 'sting3r' Jones

Former member of hacktivist group Anonymous, Mike ‘sting3r’ Jones discusses future threats and trends for big oil and gas firms to look out for in the near future.

A former infamous computer hacker, Mr Jones  claims to have developed ‘exploit’ techniques to help companies protect themselves through greater understanding of the specific threats they face.

Coming from the darker side of the cyber battlefield and knowing how and why attacks are carried out, it’s my responsibility to aid those big firms being targeted and currently under attack.

Trends indicate some interesting threat vectors and hopefully my predictions and analysis can aid those preparing for the battles in the coming year.

Here are a few of the imminent threats for 2019:

Botnets: With the surge of iot (internet of things) there has been a definite increase in botnet activity. The size and increase is more than double from 2017.

The trend will continue in 2019 putting any firm using IOT devices at risk. Most of the IOT devices today are focused around usability and ease of deployment leaving security an afterthought. Insecurity of IOT will help botnets around the world thrive.

DDoS (distributed denial of service): With the upward trend of botnets in 2019 DDoS will also follow.

There are current indicators of this trend. DDoS attacks have hit record highs upwards of 1.3 TB per second. Amplification attacks have also been increasing over 2018.

IOT (internet of things): IOT deployments in various industries are increasing and will continue in 2019. IOT with its ease of deployment and availability will continue to create a target rich environment for cryptomining as well as more serious threats such as municipality attacks.

With the increase of “smart cities” the threat of loss of service is real. Several services are now controlled by IOT in “smart cities” such as traffic lights, water and other critical services.

An attack on this infrastructure can cause large amounts of damage. The availability of zero-day exploits for these devices have been discovered.

Physical APT (advanced persistent threat): With the increase of tensions in the geopolitical space the possibility of APT and physical attack will continue to be a concern in 2019. Recently Iran claimed they were under cyberattack by Israel with “Stuxnet 2.0”.

These types of attacks can damage the energy sector in a vast number of ways.

The increasing incidents of hardware embedded with backdoors or “call back” features only make the threat of mass compromise that much more real and inevitable in 2019.

Malware: The occurrences of ransomware will continue to be on the rise in 2019. The shift in focus will weigh heavily on utilities and industrial control systems. Crytpomining malware will also become more advanced and likely to target more utility and oil and gas systems.

Through my research and front-line monitoring of the oil and gas industry I’ve seen a steady increase of crypto currency mining malware.

A new threat to the internet and something to keep a close eye on will be fileless threats like worms.

Expect new malware not seen previously in 2018 with a real threat to the stability of the Internet.

The evolution of attacks in 2019 will be interesting to watch unfold.

The discovery of new attacks also motivates the security industry to advance their technology and defenses. Innovation in a lot of cases is spurred by exploitation.

Mr Jones will be taking part in a speaking tour where he will outline his past exploits and how to avoid threats.

“Hacker on Tour” will be touring Dundee and Edinburgh in January 2019.