More particularly, this comprehensive 57-page report included 14 threat trends to be aware of, the most critical developments to watch for in security as it pertains to cloud and the Internet of Things (IoT), and highlighted the six toughest challenges that the cybersecurity industry is currently grappling with.
The 2017 threats predictions are broad, and show just how many areas security has an impact upon. One of the most fascinating (and frightening) threats that businesses are facing is ransomware, whereby an organisation finds its servers and the data held thereon infiltrated and held hostage, only unlocked once a monetary payment is made.
According to the report, ransomware-as-a-service, custom ransomware for sale in dark markets and creative derivatives from open-source ransomware code will keep the security industry busy through the first half of the year. Ransomware’s impact across all sectors and geographies will force the security industry to take decisive actions.
Indeed, ransomware is attractive to both large cybercrime organisations and smaller players, particularly because of its massive revenue potential ($325 million from a single ransomware family). While the larger crime organisations are expected to remain a problem, less sophisticated groups and individual criminals are likely to find their longevity limited in 2017. The report noted that these smaller initiatives will likely peak halfway through 2017 and then begin decreasing in volume and effectiveness in the second half of the year, due to the No More Ransom! collaboration, the development and release of anti-ransomware technologies, and continued law enforcement actions.
Trevor Coetzee, regional director of South Africa and sub-Saharan Africa, Intel Security
Threats from the past, and the future
However, there are more familiar threats, including sophisticated hardware and firmware attacks, attacks on ‘smart home’ IoT devices and the use of machine learning to enhance social engineering attacks, that still need to be dealt with.
With regards to the first of these, hardware attacks, the report asserted that Windows vulnerability exploits will continue to decline, while those targeting infrastructure software and virtualisation software will increase. Additionally, hardware and firmware will be increasingly targeted by sophisticated attackers. As much as it may seem straight out of a sci-fi movie, hackers are expected to turn their eye to drones, performing ‘drone-jackings’ for a variety of criminal or hacktivist purposes using software on notebooks.
As more e-tailers - including Amazon - explore using drones to effect delivery, it is likely that these will become even more alluring targets. Also in the crosshairs are smart homes, as Internet of Things (IoT) malware is expected to open backdoors into the connected home that could go undetected for years. Trevor Coetzee, the regional director of Intel Security, explained that this is due to the fact that there is no security framework in place for IoT applications, and they therefore aren’t being designed with cybersecurity in mind.
Eyes wide shut
Considering that today’s consoles are connected to a home network, and sometimes accompanied by a camera, it is easy to see how hackers can quite literally cast a roving eye into one’s living room or bedroom. Add to this a connected smart TV, connected lighting, temperature controls and the like, with, as yet, no clear way to detect whether malware is sitting in one or more of these devices, and it is easy to see how the smart home may not be as secure as hoped.
Part of the reason for this, the report explains, is that the home IoT market is very “sticky,” in that once someone buys a smart thermostat they probably will not replace it. This compels a rush to market from manufacturers, with many relying on third-party code libraries to shorten the development process and reduce costs. One way they do this is by deploying code that has been subjected to minimal testing and is often left with gaping security holes that have gone unpatched for years.
Rise of the machines
Moving on, the benefits of machine learning will likely not only find their way into legitimate businesses, but cybercrime as well, with it being used to accelerate the proliferation of and increase the sophistication of social engineering attacks. This only illustrates a point raised by Coetzee, that today’s cybercriminals are a far cry from the typical assumption of your average cyberattacker being a young guy in his basement, infiltrating and hacking IT systems for kicks.
Instead, he pointed out, today’s cyberthreats are very much a serious moneymaking business, and approached as such.
Exacerbating matters is the internet, and the availability of resources it offers, which enables cybercriminals to fine-tune their methods with the help of machine learning. A prime example is the Business Email Compromise (BEC) scam, which has been escalating since early 2015. The report explains that with BEC scams, individuals with financial responsibility within a business are targeted. Using social engineering, the victims are duped into transferring funds into a fraudulent bank account. In some cases, the attacks have even coincided with business travel dates for executives, with the intent of increasing the odds of the scam’s success.
Apparently, the FBI has reported that more than $3 billion has been stolen, with victims in all 50 US states and 100 countries.
Now for the good news
While it is all too easy to get discouraged by the daunting cyberthreats out there, the report does offer two pieces of good news. The first is that increased cooperation between law enforcement and the IT industry will result in takedown operations that make a dent in cybercrime. Secondly, the sharing of threat intelligence is expected to make great strides in the year ahead. Indeed, Coetzee stressed, it is only by collaborative efforts that cybersecurity threats can be addressed.
“To change the rules of the game between attackers and defenders, we need to neutralise our adversaries’ greatest advantages,” said Vincent Weafer, vice president of Intel Security’s McAfee Labs. “As a new defensive technique is developed, its effectiveness increases until attackers are compelled to develop countermeasures to evade it. To overcome the designs of our adversaries, we need to go beyond understanding the threat landscape to changing the defender-attacker dynamics in six key areas: information asymmetry, making attacks more expensive, improving visibility, better identifying exploitation of legitimacy, improving protection for decentralised data, and detecting and protecting in agentless environments,” he concluded.
For more information, you can read the full report here.