Reality Check: # 2017 Cybersecurity Predictions

January 25, 2017 · steveverbanic · · Comments

Ransomware, attacks from sovereign nations, botnets taking down sites on two continents – the cybersecurity industry saw dramatic changes in the landscape in 2016. Now that we’re almost a month into 2017, it’s time to get real about what’s coming.

Trends that shaped 2016

It’s hard to look at the year past and pick out one story that dominated. The recent U.S. election and the coming German vote are rumored to be hacking victims. But politicians are not alone – high-value targets have been hit, and hit hard.

Criminals are increasingly using automation to launch attacks in waves — gaining access first, then using intelligence to assess their surroundings and determine the right time to compromise the intended target.

The open-source code for Mirai was published online, and shortly thereafter, a hacker used it against a domain name services company, Dyn, taking down online behemoths like Twitter, AirBnB and Reddit. Mirai used a botnet of unsecured devices connected to the internet, creating a zombie army that knocked out service on two continents.

Ransomware took down healthcare and financial networks, holding data hostage until companies paid up. Innocuous-looking emails with embedded malware let criminals into the network, and their tools lay undetected as they seized the entire system.

What have we learned? Anything can be a weapon if the target is big enough, and criminals have had some success in their attacks.

Trends that will shape 2017

  • Greater defenses are needed. Defenders need to do more than just block malware. Watch for more autonomous programs that can evade detection.
  • In just a few years, there will be 20 million IoT devices connected to the web, many with vulnerable code. Watch as hackers claim particular devices as theirs to abuse, blocking other criminals to form personal shadownets. Industries with large supply chains relying on IoT devices will be particularly affected.
  • The cloud will be vulnerable. As businesses automate more and give greater access to IoT devices to share data, the cloud will increasingly come under attack.
  • Smart cities could be targets. When everything from disaster services to stop lights near hospitals are controlled by computer, cities will be open to attack from those looking to hold data ransom and attempting terror attacks.
  • Ransomware was just the beginning. High-value targets could see their private photos and financial information published on their own social media as hackers become more sophisticated in their targeting.
  • The shortage of cybersecurity talent is too great to meet the need. Technology will be used to bridge the gap.

We’re already into 2017. The time to take action is now.

Today’s IT teams are managing networks used by multiple users on a variety of platforms. To function in today’s business world, networks need to be flexible and able to work on demand.

The problem is the cyber criminal has evolved too — no longer is a wall against attack possible, but a blanket of defenses is required. What is needed is an adaptable security framework around intelligent strategy.

SLAIT Consulting has the expertise and best-in-class technology to stand up to cyber threats in the year ahead. Contact us as your enterprise plans a secure 2017.