As we approach the year-end attention of course turns to what we can expect to see in 2017 and what we are security professionals need to be prepared for.
In many ways, 2016 was very much the ‘Year of the Ransomware Threat’, and it is very hard to see that changing much next year. After all most cybercrime is driven by hard cash and the fact remains that most ransomware and extortion attacks are successful.
Estimates from the FBI suggest ransomware could be worth $1 billion this year but the agency pointed to a jump in cases where victims reported bigger losses, and also hinted that the actual ransom payment totals may be even larger since many choose not to report the crime.
So ransomware and extortion is not going away in 2017, but what else can we expect next year?
First, in 2016 there were some very high profile Distributed Denial of Service (DDoS) and we can expect to see even more in 2017 with criminals making more use of techniques like Mirai to leverage IoT and networked devices to amplify their attacks. These sorts of DDoS attacks powered by cheap, insecure IoT devices could become more common, but they are also likely to become less lethal suppliers harden their defenses and device manufacturers adopt identity-based security to close vulnerabilities.
Second, I expect there will be a change in approach by the criminals using DDoS extortion attacks. Not only will they continue to go after larger demands for payment, but also they will utilize malware like Mirai to target network enabled devices like routers and remote cameras to amplify the attacks and make them more prolonged and adaptive. We are becoming more used to the Internet of Things, but what if criminals turn this against us to demand money via extortion attempts? We have already seen IoT linked attacks in 2016 and this can only increase in 2017.
Third, in all the ‘excitement’ of IoT and DDoS attacks we cannot afford to lose sight of the continuing threat caused by data breaches. Whether deliberate or accidental, data breaches cost businesses millions of dollars each year in loss of business; brand damage and reputation. A recent IBM study found that the average cost of a data breach has hit $4 million—up from $3.8 million in 2015.
But while these three are likely to be the most common threats faced in 2017, it is important to mention how some threats are more relevant to some organisations than others. The most targeted sectors include healthcare, financial services, retail, and communications and media.
But in no way can any business or individual afford to be complacent. It is critical that you understand your individual threat model and plan in case the worst does happen. You also need to monitor inside and outside of your network and look at the threats revealed through the eyes of an attacker. Only then can you begin to ensure you have enough intelligence and awareness to manage the risks effectively for when the inevitable attack happens.
All in all it’s critical that you make sure 2017 is the year you take control of your security intelligence and awareness.