While 2016 was a banner year for cyberattacks, hold onto your boots, 2017 should be a wild ride as well. We’ll see escalations of current threats and brand new attack vectors.
Trojan with the worm talent
Cyber criminals will take ransomware to the next level in 2017 by introducing the kind of auto-propagating characteristics traditionally found in network worms like CodeRed and Conficker. That’s right, imagine a breed of ransomware designed to produce endless duplicates of itself, spreading the infection across an entire network. Whether you want to contemplate this scenario or not, it’s only a matter of time before self-spreading ransomware – or ransomworms – begins to wreak havoc.
Cyber security companies will come to a rude awakening when it becomes clear that they don’t have a monopoly on machine learning in 2017. Machine learning has done far more than any human could to help the security industry become more predictive and less reactive in the fight against malware. By analyzing gigantic datasets and huge catalogs of good and bad files, these systems can recognize patterns that assist information security pros in rooting out never before seen threats. Advanced cyber criminals will turn the tables and begin leveraging machine learning themselves to cook up new and improved malware to challenge machine-learning defenses.
With the nation state cyber cold war well underway, expect to see at least one “civilian” casualty as collateral damage in 2017. In the past several years, nation states have allegedly damaged enemy nuclear centrifuges using malware, stolen intellectual property from private companies, and even breached other governments’ confidential systems. For some time now, the U.S., Russia, Israel, and China have been mounting strategic cyber security operations and hording zero-day flaws to use against one another. This government practice of building up arsenals of vulnerabilities – rather than helping vendors fix them – will undoubtedly lead to an unsuspecting private business or citizen falling victim to an undisclosed zero-day exploit.
As they continue to be aggressively targeted by cyber criminals, small and medium businesses (SMBs) will continue to make network security a higher priority. With small IT teams and rarely any dedicated security professionals on staff, and without the resources to configure, monitor or adjust their own security controls, SMBs will recognize that their friendly neighborhood managed service provider (MSPs) may be the solution. As a result, MSPs will continue to add security services to their basic IT offerings. In 2017, at least a quarter of small businesses will turn to more specialized managed security services providers (MSSPs) for their security needs, and this percentage will continue to increase each year.
In the face of countless credentials breaches over the past several years, biometric solutions like fingerprint scanners for authentication will continue to rise as a popular alternative to passwords. These frequent breaches have also brought into question whether or not passwords should be part of the authentication solution at all. The widespread adoption of biometrics as a convenient alternative to remembering passwords, and as the primary method for authentication in 2017 will not erase the fact that weak passwords are still hiding in the shadows – a core part of operating systems and just as vulnerable as ever.
Attackers will exploit infrastructure-as-a-service (IaaS) as both an attack platform and attack surface.
Cloud adoption is growing at an incredible rate among organizations of all sizes. As these platforms have become increasingly engrained in the fabric of businesses’ operations, they’ve also become a ripe target for criminal hackers. Public infrastructure-as-a-service (IaaS) will be leveraged as both a potential attack surface, and as a powerful platform to build criminals’ malware and attack networks. Expect to see at least one headline-generating cyber attack either targeting or launched from a public IaaS service in 2017.
IoT devices become the de facto target for botnet zombies.
In 2016, the Mirai IoT botnet source code was leaked, enabling criminals to construct enormous botnets and launch gigantic distributed denial of service (DDoS) attacks with record-setting traffic. Now that hackers are weaponizing IoT devices in this way, we can expect them to expand beyond DDoS attacks in 2017. The pure volume of Internet-connected devices that are manufactured full of vulnerabilities presents a shiny new attack surface that hackers are sure to use to their advantage. In the coming year, we’ll see criminals launch specialized IoT botnet click-jacking and spam campaigns to monetize these new attack methods the same way that traditional computer botnets were monetized.