The 5 top cybersecurity threats for 2017
Cyber attacks and data breaches are on the rise this year, thanks in large part to the proliferation of affordable, customizable and accessible tools for cyber criminals. Quite simply, it is becoming easier all the time to be a bad guy in cyber space.
That fact has contributed to the rise in ransomware attacks this year, according to research firm Accenture, which has issued a new mid-year report identifying the top cyber threats for 2017.
“Recent large-scale cyber attacks [are] signaling a growing front in destructive threats and business impact,” says a new report from iDefense, part of Accenture Security. “Threat actors are continuing to evolve their ability to avoid detection.”
The “2017 Cyber Threatscape Report” examines key trends during the first half of 2017 and explores how cyber incidents may evolve over the next six months. It covers:
- The increased prevalence of destructive attacks and adversary denial and deception tactics.
- The aggressive use of information operations by nation-states.
- Growth in the numbers and diversity of threat actors.
- The greater availability of exploits, tools, encryption, and anonymous payment systems available to malicious actors.
“The first six months of 2017 have seen an evolution of ransomware producing more viral variants unleashed by state-sponsored actors and cybercriminals. Our findings confirm that a new bar has been set for cybersecurity teams across all industries to defend their assets in the coming months,” says Josh Ray, managing director at Accenture Security.
According to Accenture, there are five key threat areas on the rise this year. They are:
Reverse Deception Tactics
“Increasing cybercriminal use of deception tactics including anti-analysis code, steganography, and expendable command-and-control servers used for concealment of stolen data. Greater public reporting on cyber threat activity and attribution may accelerate this denial and deception trend, increasing the cost of cyber defense efforts and resource allocations,” the report says.
Sophisticated Phishing Campaigns
“Cybercriminals continue to craft familiar lures—subject lines mentioning invoices, shipping, resumes, wire transfers, missed payments— but ransomware is displacing banking trojans as one of the most prevalent types of malware delivered via phishing techniques,” according to the report.
Strategic Use of Information Operations
“Escalation of espionage and disruption activity from state-sponsored actors may likely continue in response to fulfilling strategic collection requirements and geopolitical triggers such as economic sanctions, military exercises and religious conflicts,” the report notes.
“Bitcoin continues to be the currency of choice among cybercriminals, however, the need to better conceal transactions is forcing cybercriminals to either develop and leverage bitcoin laundering techniques or adopt alternative cryptocurrencies,” the report explains.
“Distributed denial of service (DDoS)-for-hire services have given way to a thriving DDoS-for-hire botnet ecosystem leading to threat actors gaining greater access to increasingly potent and affordable DDoS-for-hire tools and services,” the report says.
Ray says there are immediate actions that organizatiosn can take to better protect themselves against malicious ransomware and reduce the impact of security breaches. They start with having an effective continuity plan.
Effective components for a business continuity plan include:
Adopt proactive prevention
“Recognize phishing scams through prevention training and awareness programs. Make it easy for employees to report fraudulent e-mails quickly, and keep testing internally to prove the training is working,” Ray advises.
Elevate e-mail controls
“Maintain strong spam filters and authentication. Scan incoming and outgoing e-mails to detect threats and filter executable files. Consider a cloud-based e-mail analytics solution,” Ray says.
Insulate your infrastructure
“Remove or limit local workstation admin rights or seek out the right configuration combinations (e.g. (virus scanners, firewalls). Regularly patch operating systems and applications,” Ray says.
Plan for continuity
“To avoid paying any ransom have a strong cyber resilience plan for recovery that is regularly reviewed, updated, and tested,” Ray concludes.