Cyber

Hacks and hindsight

by Mark Rowe

Thomas Fischer, threat researcher and security advocate at data security software company Digital Guardian reviews the threat trends landscape.

Last year, cyber hackers ramped up their nefarious efforts to execute attacks on an industrial scale. But while ransomware attacks reached epic volumes, it was the use of IoT devices to create mass botnets that truly took security pundits by surprise. September saw a giant botnet attack, delivered using hijacked internet connected devices, targeting a top security blogger’s website in September. This was followed by the Dyn attack in October which took down some of the internet’s biggest websites – including Netflix, Twitter, Reddit, Spotify and the UK Government’s site.

For some time the security industry had been warning about the theoretic risks inherent in deploying unsecured mass produced IoT devices at scale. As what had seemed like science fiction became a reality, calls for the recall and removal of vulnerable systems from the Internet began to escalate. In 2017, efforts to manage the IoT risk will intensify on a number of fronts. This will include attempts to impose regulatory controls on device manufacturers, alongside the enhanced education of consumers and business end users on the importance of changing default passwords on IoT devices. So, what can we expect the threat landscape to look like?

1. IoT threat escalation

With more and more things becoming connected, it is likely that cyber attackers will look to use mass IoT botnets to target critical infrastructure, with potentially devastating consequences in 2017. The year will see hackers target home automation devices, medical devices and wearables in order to gather personal data and information or leverage these for widespread DDoS attacks. Enterprises will need to ensure they are appropriately prepared for catastrophic DDoS attacks and that their networks are appropriately secured against potential vulnerabilities, such as attacks on IoT sensors.

This year will also see a rise in ‘footprint-less’ malware attacks that are difficult to detect. As enterprises deploy more sophisticated security tools, hackers will resort to using ghostware to infiltrate networks, steal data and erase all signs of compromise before it can be discovered, leaving no trace on the network or endpoints.

2. The rise of user-friendly ransomware

Ransomware catapulted in popularity this year, and shows no sign of disappearing in 2017. Cyber hackers have proved adept at taking advantage of a security vulnerability most businesses appear to be unable to patch – the end users who click emails or links that spark a ransomware attack. In 2016 ransomware became ever more automated and ‘user friendly’ as hackers made their payment systems easier to use, providing online support to companies opting to pay a ransom in order to regain access to their data. In 2017 the processing of ransom payments will become yet more sophisticated as hackers launch e-commerce style websites that make it even easier for companies to pay. Clearly, ransomware represents big business for cyber criminals as end users continue to represent the weakest link in the enterprise security strategy.

3. AI driven security approaches

Machine intelligence will be increasingly applied to cyber security as the field of IT security looks to harness big data and analytics to automate the task of threat hunting. Expect to see innovations that focus on how data can be manipulated and processed to help with cyber security and threat analysis. However, in 2017 the move to enabling digital payments will pose a significant threat for businesses if not undertaken in a rigorous manner. Malicious parties may look to take advantage of misconfigured or poorly implemented solutions to re-direct payments. The events of 2016 confirmed that cyber security is no longer an issue that is confined to the IT department.

The escalation in ransomware attacks highlighted how employees represent a potential vulnerability as increasingly sophisticated phishing attacks made it hard for victims to evade the deception. Keeping employees informed of the latest ransomware threats and approaches is essential. Similarly, preventing such attacks increasingly depends on providing regular and in-depth training sessions that teach workers how to detect and evade phishing attempts.

In hindsight, more and more businesses are beginning to recognise that security protocols need to be at the top of the enterprise agenda. In 2017, companies will prioritise securing IoT devices and implementing employee education programmes designed to minimise the ransomware threat.

Related News

  • Cyber

    Scots first cyber chair

    by Mark Rowe

    Jude McCorry, CEO of the Scottish Business Resilience Centre (SBRC), is the first chair of the CyberScotland Partnership. Jude, pictured, will work…

  • Cyber

    US cyber survey

    by Mark Rowe

    Most cybersecurity industry people ahead of an exhibition when asked believe that a major breach of US critical infrastructure will occur in…

Newsletter

Subscribe to our weekly newsletter to stay on top of security news and events.

© 2024 Professional Security Magazine. All rights reserved.

Website by MSEC Marketing