Horizon scanning: the top cyber threats we’ll face in 2017
- Published: Wednesday, 04 January 2017 10:44
From record-breaking data breaches to widespread ransomware attacks, 2016 was the year that hacking went mainstream. But what does 2017 have in store for us? Continuity Central spoke to five security experts for their take on the biggest threats we’ll face in 2017...
Large-scale connected device hacks
Wieland Alge, VP & GM EMEA at Barracuda Networks
“After some years in the making, we are starting to see a very wide scale adoption of rich Internet of Things (IoT) deployments; industrial freezers, smart kiosks, managed facilities, connected cars and industrial washing machines: all connected and, hopefully, protected.
“The biggest threat we face in 2017 is a cyber attack that successfully targets and manages to take control of hundreds of thousands of these connected devices. This is the case for two reasons: firstly, it is clear that this kind of attack is already being planned, if not successfully executed; and, secondly, the damage that a botnet of this size could cause, especially if attackers targeted critical infrastructure, could be catastrophic.
“There have also already been some rumours of large-scale, business-critical deployments being compromised and held to ransom by cyber attackers. But 2017 will be the first year in which these incidents will become a widely publicised and regular occurrence.”
Attacks on on-premises applications
Eduard Meelhuysen, Head of EMEA at Bitglass
“On premises applications will present a major threat vector in 2017 and we’ll increasingly hear of attacks on this infrastructure throughout the year and beyond. The major cloud app vendors have invested heavily in security personnel and security infrastructure, and have proven their ability to effectively protect against cyber threats.
“On the other hand, on premises applications commonly suffer from slow or non-existent patching and far less comprehensive security strategies than their public cloud counterparts. Cyber attackers know where these weaknesses lie and will find that on premises apps are the path of least resistance to valuable company data.”
Footprintless malware and ransomware
Thomas Fischer, Threat researcher and security advocate at Digital Guardian
“In 2017, we should expect an uptick in two attack vectors. First, there will be a rise in footprintless attacks, which are very difficult to detect. These attacks, which are also known as Ghostware, work by doing everything in-memory, so they leave no trace on the network or endpoint. As hacker groups are increasingly being run more like businesses, hacker R&D departments will develop more of these attacks, to be capable of bypassing security devices in order to exfiltrate data. Secondly, we will see more state-sponsored hackers attacking specific mobile devices in order to spy on their owners. We may also find that malicious parties will target mobile phones and use any compromising data they find to blackmail individuals in a more commercial campaign.
“From a business perspective, the threat of ransomware stands to be the most disruptive cyber threat in 2017. Ransomware creates a ‘denial of access’ to corporate assets. We talk a lot about stopping critical assets or data being lost in a breach, but if a company does get hit with ransomware, the loss of access to its data can, in itself, have a significant impact on its ability to do business.”
Hackers targeting IoT devices
Ashley Stevenson, Director of Identity Technology at ForgeRock
“As more and more devices, things and services come online through the IoT, legacy approaches to authentication, authorization and identity management will need to change. Internet-connected devices like home lighting, garage doors and smart wearables will continue to be a prime target for cyber attackers in 2017 and simply using username and passwords to control access to these things just won’t be workable. It’s widely accepted that trust and security will be key to the mass adoption of IoT, so device manufacturers will be forced to look for ways to keep customers and their possessions safe.
“The way forward will be to use passwordless identity management and continuous security techniques to maintain secure access to devices and services. One passwordless methodology that will gain traction through 2017 is push notifications: using real-time messaging to smartphones to grant access to data or authorise use of online services. Mobile phones are ideal for authentication because users are familiar with how they function, they’re closely associated physically with the individual, and they can receive notifications to the phone, or within specific apps running on the phone.”
Web application vulnerabilities
Ryan O’Leary, VP Threat Research Centre at WhiteHat Security
“It is no surprise then that web applications offer one of the largest and most lucrative openings for hackers. With more and more applications being developed to ever-tighter deadlines, they really do represent the Achilles heel of enterprise security. According to the 2016 Verizon Data Breach Investigations Report, web application attacks were the number one source of data loss, accounting for 40 percent of all incidents that resulted in a data breach.
“Despite web applications representing a favourite attack vector for cyber criminals, WhiteHat’s recent research highlighted the current dismal state of application security; remediation rates are typically under 50 percent and vulnerabilities that are eventually resolved often stay open for months. With little sign on the horizon that organizations are making fundamental changes to their app development processes or security practices, there will be many more stories of big data breaches originating from the application layer continuing to hit the headlines in 2017.”