Cybersecurity incidents and risks will grow even further in 2018, predicted security firm ESET in its report, “Cybersecurity Trends 2018: The Cost of Our Connected World.”

The report covered ransomware, attacks on critical infrastructure, malware and combating criminal activity, as well as cyber threats posed to electoral campaigns and data privacy. Although many companies are still prepared to spend large sums in ransom payment as opposed to investing in their cyber defences, the report said this unsustainable trend is likely to continue in 2018.

Stephen Cobb, senior security researcher, ESET, anticipated further threats to supply chains in 2018. “While many large companies appear to be taking cybersecurity more seriously these days, with security teams getting both the budget and C-level backing required to do a good job, many smaller businesses supplying goods and services to larger organisations are struggling. That makes them an attractive target,” he said.

In the report, ESET also revealed that its collaboration with Microsoft, Europol and the US Federal Bureau of Investigation (FBI) led to the arrest of cybercriminals involved in the Gamarue botnet. It demonstrated the importance of security companies and law enforcement working together to make the Internet a safer place for everyone except cybercriminals.

ESET emphasised the vulnerability of elections in 2017 as major voting events took place around the world. Votes cast by an electorate can be tampered with or an electorate may be swayed in the run-up to an election by hacktivists working to change public opinion. Countries should invest in preventative measures in 2018 to safeguard the digital security of the democratic process, it said.

The General Data Protection Regulation (GDPR) comes into force in May 2018, replacing the Data Protection Directive and increasing the legislative concern surrounding data privacy. ESET security expert, Tony Anscombe stressed the importance of user awareness in data collection and highlighted the risks faced by data collected through the Internet of Things (IoT). Under the GDPR, there are significant fines for companies that fail to protect personal data.

“In 2017, we have seen cybercriminals focus their attacks on sensitive and private information. In 2018, users will need to increase their awareness of cyber threats and manage their digital world more responsibly,” ESET said.