Humans, hacks and hindsight - New approaches to cybersecurity defense
Last year, hackers ramped up their nefarious efforts to execute attacks on an industrial scale. But while ransomware attacks reached epic volumes, it was the use of IoT devices to create mass botnets that truly took security pundits by surprise.
September saw a giant botnet attack, delivered using hijacked internet-connected devices, targeting a top security blogger’s website. This was followed by the Dyn attack in October, which took down some of the internet’s biggest websites – including Netflix, Twitter, Reddit, and Spotify.
For some time the security industry had been warning about the theoretical risks inherent in deploying unsecured, mass-produced IoT devices at scale. As what had seemed like science fiction became a reality, calls for the recall and removal of vulnerable systems from the Internet began to escalate.
This year, efforts to manage the IoT risk will intensify on a number of fronts. This will include attempts to impose regulatory controls on device manufacturers, alongside the enhanced education of consumers and business end users on the importance of changing default passwords on IoT devices.
So, what can we expect the threat landscape to look like in the future?
1. IoT threat escalation
With more and more things becoming connected, it is likely that this year cyber attackers will look to use mass IoT botnets to target critical infrastructure, with potentially devastating consequences.
This year will see hackers target home automation devices, medical devices and wearables in order to gather personal data and information or leverage these devices for widespread DDoS attacks. Enterprises will need to ensure they are appropriately prepared for catastrophic DDoS attacks and that their networks are adequately secured against potential vulnerabilities, such as attacks on IoT sensors.
This year will also see a rise in “footprint-less” malware attacks that are difficult to detect. As enterprises deploy more sophisticated security tools, hackers will resort to using ghostware to infiltrate networks, steal data and erase all signs of compromise before it can be discovered, leaving no trace on the network or endpoints.
2. The rise of user-friendly ransomware
Ransomware surged in popularity last year, and shows no sign of disappearing in 2017. Hackers have proved adept at taking advantage of a security vulnerability most businesses appear to be unable to patch – the end users who click on emails or links that spark a ransomware attack.
In 2016 ransomware became ever more automated and “user friendly” as hackers made their payment systems easier to use, providing online support to companies opting to pay a ransom in order to regain access to their data. In 2017 the processing of ransom payments will become even more sophisticated as hackers launch e-commerce style websites that make it all the easier for companies to pay.
Clearly, ransomware represents big business for cyber criminals as end users continue to represent the weakest link in the enterprise security strategy.
3. AI-driven security approaches
Machine intelligence will be increasingly applied to cyber security as the field of IT security looks to harness big data and analytics to automate the task of threat hunting. Expect to see innovations that focus on how data can be manipulated and processed to help with cybersecurity and threat analysis.
However, in 2017 the move to enable digital payments will pose a significant threat for businesses if not undertaken in a rigorous manner. Malicious parties may look to take advantage of misconfigured or poorly implemented solutions to redirect payments. The events of 2016 confirmed that cyber security is no longer an issue that is confined to the IT department.
The escalation in ransomware attacks highlighted how employees represent a potential vulnerability as increasingly sophisticated phishing attacks made it hard for victims to evade the deception. Keeping employees informed of the latest ransomware threats and approaches is essential. Similarly, preventing such attacks increasingly depends on providing regular and in-depth training sessions that teach employees how to detect and evade phishing attempts.
In hindsight, more and more businesses are beginning to recognize that security protocols need to be at the top of the enterprise agenda. This year, organizations will prioritize securing IoT devices and implementing employee education programs designed to minimize the ransomware threat.