How Cyber Attacks Will Get Worse In 2017

It was speculated 2016 would see even more cybersecurity activity than 2015, and it did not disappoint. Here are some of the escalated challenges we will face in 2017.

Consider the $81 million stolen from the Bangladesh Central Bank, the 500 million accounts swiped from Yahoo, or the 19,000 emails leaked from Democratic Party officials in the run-up to the election. Not to mention the IoT-powered botnets launching record-breaking DDoS attacks that have brought down major parts of the Internet.

But, in reality, cyber-attack headlines offer just a glimpse of a cyber war between hackers and security personnel that is being waged on a grand scale every day. More than anything, they are harbingers of worse to come.

Here are some of the escalated challenges we will face in 2017.

1.    Attackers won’t just steal data, they will change it

Today’s savvy attackers are moving away from pure data theft and website hacking to attacks that have a subtler target: data integrity. They will use their ability to hack information systems not just to make a quick buck but also to cause long-term, reputational damage to individuals or groups through the erosion of trust in the data itself.

In the past six months alone, we’ve seen attacks like the DNC and Yahoo breaches, which focused on influencing political and economic public opinion, rather than simply gaining a profit. And the hackers aren’t done yet, the Russian group thought to be behind the election-related breaches is moving on to Germany’s elections next, according to a recent statement.

The scenario is particularly worrying for industries that rely heavily on public confidence. In fact, data from the analysis of SEC disclosures found 83 percent of publicly traded companies worry most about risk of brand damage via hacks. But it’s not just them. A laboratory that cannot vouch for the fidelity of medical test results, or a bank that has had account balances tampered with, are examples of organizations at particular risk. Governments, as pointed out above, may also suffer significant damage from such attacks, as critical data repositories are altered and public distrust in national institutions rises.

We’re also seeing this kind of manipulation at smaller scale. For example, we were deployed in a manufacturing firm that used biometric scanners to restrict access to their machinery and industrial plants. We noticed an unusual Telnet for a biometric scanner that was hooked to the corporate network. After further investigation, we found that legitimate data was being altered – quite possibly to add new fingerprints. This type of manipulation, had it not been detected early, would have have let attackers right in through the front door.

While some of the recent breaches and the result of this year’s US presidential election may seem straight out of a movie, tomorrow’s cyber-attacks will make it harder than ever to parse fact from fiction.

2.    Consumer devices will be held for (cyber) ransom

Ransomware, like Cryptolocker, has plagued companies around the world, experts reckon these attacks have increased fivefold in 2016 alone. They encrypt critical files at a speed that is virtually impossible to keep up with and leave companies facing hefty fees for their release.

Hospitals have suffered particularly at the hands of ransomware attacks. They are prime targets, as they have become digital jungles full of everything from life-saving medical equipment and critical patient records to patient devices and staff computers, all with cyber defenses that have failed to keep pace. 

The result is organisations that pay up. Hollywood Presbyterian Medical Center in Los Angeles paid the equivalent of $17,000 in Bitcoin to extortionists after its computers were taken offline for over a week.

In 2017 and beyond, we will start to see the beginning of a new type of extortion on a micro level, as consumers are targeted across a range of connected objects. Imagine getting home and turning on your smart TV only to find that cybercriminals are running a ransomware attack on your device. Would you pay $50 to unlock it? Or what if the new GPS system in your car got hacked when you were late for a meeting, how much would you pay to unlock it?

3.    Artificial intelligence will be a weapon

Artificial intelligence is exciting for many reasons, self-driving cars, virtual assistants, better weather forecasting, the list goes on. But attackers will use AI to wield highly sophisticated and persistent attacks, attacks that blend into the noise of busy networks.

We have already seen the first glimpses of attacks going this direction in automated polymorphic and metamorphic malware. Polymorphic malware, which changes its attributes mid-attack to evade detection, has reinforced the obsoleteness of signature-based detection methods. It self-learns and understands its environment and network before choosing its next action. Automation has also been a major factor in the resurgence of ransomware. 

We can anticipate that artificial intelligence threats will be similar. Imagine a piece of artificially intelligent malware sitting silently on a network, observing its surroundings and learning how to disguise itself. If it understands how to completely blend in with the background noise of a network, could it ever be detected?

The next generation of AI-powered attacks to emerge will use customized code to emulate the behaviors of specific users to fool even skilled security personnel. This includes the ability to craft sophisticated and bespoke phishing campaigns that will successfully dupe even the most threat-conscious employee.

Earlier in 2016 a receptionist received an email containing a fake invoice, supposedly coming from a stationary supplier known to the company. The receptionist opened the attachment, as she recognised the company, and typically handled many invoices per day. 

As soon as she clicked the attachment, her computer immediately connected to a server in Ukraine and downloaded a malware that rapidly began encrypting files. This will only get worse with “smart” malware driving attacks specifically tailored for their victims.

Next year’s attackers can see more than your social media profile. They’ll know that your 10 a.m. meeting with your supplier is being held at its new headquarters. At 9:15 a.m., an email with the subject line “Directions to our office” arrives in your inbox, apparently from the person you are meeting, as you get off the train. Do you click the map link in the email?

VentureBeat:     The Worst Hacks In 2016:       Cybersecurity Trends In 2017:             
 

« Russian Military Was Behind Hacking Clinton Campaign
Artificial Intelligence, Self-driving Cars & Cyberwar In 2017 »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Cloud Industry Forum (CIF)

Cloud Industry Forum (CIF)

Cloud Industry Forum is a non-profit industry body that champions and advocates the adoption and use of Cloud-based services by businesses and individuals.

Titania

Titania

Titania provide network security and compliance software. Find your Network Security gaps before hackers do with our security & compliance tools.

Hack in the Box Security Conference (HitBSecConf)

Hack in the Box Security Conference (HitBSecConf)

HITBSecConf is a platform for the discussion and dissemination of next generation computer security issues. Our events feature two days of training and a two-day multi-track conference

MNCERT/CC

MNCERT/CC

MNCERT/CC is the national Computer Emergency Response Team for Mongolia.

Oxford BioChronometrics

Oxford BioChronometrics

By building profiles based on electronically Defined Natural Attributes, or e-DNA, Oxford BioChronometrics protects digital networks, communities, individuals and other online assets from fraud.

CERT Tonga

CERT Tonga

CERT Tonga is the national Computer Emergency Response Team for Tonga.

Arkose Labs

Arkose Labs

Arkose Labs' Fraud and Abuse Platform combines Telemetry and adaptive Enforcement Challenges to break down the ROI of fraudsters and protect digital businesses.

Smart Protection

Smart Protection

Smart Protection are experts in brand and trademark protection - we fight against counterfeits and unauthorized usages of brands with machine learning technology.

Sunartek Labs

Sunartek Labs

Sunartek are equipped with expert resources and advanced technology to identify cyber threats and prevent any breach, bypassing the security network of your organization.

Mr Backup (MRB)

Mr Backup (MRB)

MRB offers Data Protection as a Service for businesses looking to reduce the time, cost and complexity of securing your company data.

iSTORM

iSTORM

iStorm specialise in supporting organisations who require a range of Privacy, Security and Penetration testing related services.

AVANT Communications

AVANT Communications

AVANT is a premier distributor of next generation technologies with the resources and relationships needed to successfully navigate the ever-changing world of communications and IT infrastructure.

Vertek

Vertek

Vertek is a leading provider of operations consulting, end-to-end business process outsourcing, business intelligence, software applications and managed cybersecurity solutions.

Canadian Cyber Threat Exchange (CCTX)

Canadian Cyber Threat Exchange (CCTX)

The CCTX is Canada’s not-for-profit, private-sector cyber threat sharing hub and collaboration centre.

Centum Digital

Centum Digital

Centum Digital provide services, products and solutions specialized in communications engineering, control and signal intelligence.

Bridgenet Solutions

Bridgenet Solutions

Bridgenet specialises as a top-notch Information and Technology Solutions Provider for businesses.