Predictions for Cyber Security Threats in 2017

July 18, 2017 10:09 am Published by Leave your thoughts

The top 10 biggest cyber security threats for 2017

As the internet continues to evolve, so too does cyber-crime. It’s an  unfortunate  reality that we’re all forced to live with. We exist in an  era  when  the  Internet  has given us access to vast amount  of information. Online  tasks like shopping, banking and paying bills conveniently  are  at our fingertips.

But for as much as the internet has made our lives easier, it  has  also given  Cyber  criminals  scope  for new   &  Versatile attacks . In 2017, it   is   no longer even needed  to leave your house to rob someone—or commit an act of war.

As more and more systems become automated, as more networks  are  online – as we depend on technology to a greater extent every single day – we become more and more vulnerable to cyber-attacks.

With the   above  scenario   in mind,  below  are our predictions for the top 10 cyber security threats we may face in 2017:

1) Cloud-Based Attacks Will Continue to Grow

As part of a continuing trend, we expect to  notice a greater number of attacks on cloud-based management platforms, workloads and enterprise SaaS applications. This, in turn, will cause the majority of companies and organizations to have to  review their security budgets and reallocate  a greater portion of it to cloud-based security.

2) Password Hygiene Will Continue to be a Problem

Already in 2016, major breaches at Yahoo and Twitter have  forced  a  significant number of people  to have greater awareness about their password hygiene. These breaches will continue in 2017. At the core of the issue is people’s tendency to re-use the same password across multiple accounts. This needs to be addressed, as one compromise – if it contains a password – could potentially endanger multiple other accounts as well. Always use different passwords, and when possible make use of two-factor authentication or other  recommended technologies.

3) Ransomware Will Continue to Evolve as a Threat

Ransomware is just one part of a larger threat: digital extortion. But as  on  date, it is the most effective weapon in the digital extortion tool box. The ability to take over a system and effectively hold it hostage until a set of  financial  demands  have been met  , is highly alluring to cyber-criminals and its use will likely   to  grow substantially in 2017.

4) Automobiles Are Going to Need Better Digital Security

Every year more and more automobile manufactures advertise innovative digital systems that have been added to their cars and trucks. From drive computers to advanced features like console-based entertainment centers, more and more systems are being brought online in automobiles every year. And while this is exciting, it also creates a brand new avenue   for Cyber attack. Consider  just for a second  how terrifying it would be if any of your car’s online systems to come under attack while you’re in transit on a highway—or anywhere really. This is something the automobile manufacturers will need to address quickly.

5) IoT Device Manufacturers Will Need to Address Major Threats

This point piggy-backs on our previous one, the IOT or Internet of Things refers to the plethora of devices that have come online in recent years. Everything from your dishwasher to your coffeemaker are online now—your refrigerator probably has a Twitter account at this point. Again, with all of these devices coming online – and perhaps more importantly, networking with other devices online – it creates a new attack surface that is extremely vulnerable. Until IOT manufacturers identify authentication risks and establish identity assurance requirements, the threat will  continue.

6) Mobile Payments Will Continue to be  target  for  attackers

You know how many people are paying for things on their phones these days. It seems like everyone – from coffee shops to technology titans like Apple and Google to financial institutions – are designing NFC (Near Field Communication) and RFID (Radio Frequency Identification) mobile payment platforms these days. As you can imagine, this is an exciting new target for cybercriminals, who are already actively looking for a way to breach these systems and gain access to money and valuable financial details.

7) Social Engineering Attacks on Employees Will Grow

With companies and organizations across the world spending more and more time on their digital security strategies, cyber criminals have been forced to become increasingly creative in their attacks. We are now entering an era where Social Engineering Attacks are reaching the level of an art form. Social Engineering is a technique where cyber criminals attempt to create a believable cover from which to breach a network or to take advantage of a known vulnerability. In this context, it’s usually an email-based phishing attack which impersonates an employee’s coworker or superior in a convincing way to get them to click a link or open an attachment—though it can take other forms as well. It’s absolutely crucial that all companies and organizations spend time and resources   to  train  all their employees on threat detection and how to handle anything suspicious.

8) SMBs Will Continue to Be Targeted

One of the biggest misnomers when it comes to cybercrime is that the biggest companies are the most likely targets. It  is  not true. According to Symantec, 74% of small and medium-sized businesses have been targeted in the last 12 months. In 2017, that number is going to sky-rocket? Why? It has to do with the fact that the browser community is going to start mandating encryption. This means every website will need to have at least a Domain Validated SSL Certificate. The problem lies in the fact that many small and medium-sized businesses currently encrypt their websites using DV SSL, which before SSL was required was sufficient, but won’t be afterwards. Why won’t it be sufficient? DV SSL offers no authentication beyond who owns the domain. This means that the legitimate website of an SMB (with a DV SSL Certificate installed) and a spoofed version of that same website made by a cyber criminal will be identical to the average internet user. They will both have a DV SSL Certificate on them. They will both have identical security indicators. They both look exactly the same. Phishing attacks are about to sky-rocket. The only solution is Business Authentication.

9) Commercialized Anti-DDoS Will Emerge

The last two threats are larger-scale threats, with the potential to affect entire countries—not just companies and industries. Recently, we’ve begun  noticing  DDoS (Distributed Denial of Service) attacks in excess of 500 GB. Without getting into  details , this is a staggering level of power on the part of the attacker. These attacks can take entire servers down at will, for as long as they continue to be executed, and put companies and organizations at the mercy of their attackers. It’s only a matter of time before a startup that can directly attack or patch botnet systems is formed in a largely unregulated country (like Middle East, Asia or Eastern Europe). This will mark a new chapter in the history of cyber warfare as it will give lesser developed countries access to a powerful weapon while forcing entire nations to reckon with the threat.

10) A Country Will Conduct a Cyber-Attack that will Be Acknowledged as an Act of War

International incidents involving acts of cyber warfare have already been started —and  increasing regularity. China, which has a highly-regulated internet, once essentially weaponized its entire internet user-base in order to launch a massive DDoS attack at GitHub. Russia hacked the US Democratic National Committee’s servers and leaked thousands of stolen emails to WikiLeaks during the US elections. The US is rumored to have once partnered with Israel to create a computer virus that was then used to attack the Iranian nuclear program. These things are happening on a daily basis. The only thing that’s prevented escalation so far has been secrecy and level of deniability – no matter how strained – on the part of the attackers. But it’s only a matter of time before some nation catches another one red-handed and acknowledges the cyber-attack as an act of war.

Tags: ,

Categorised in: ,

This post was written by Sudipta Biswas

Leave a Reply