Six Cyber Predictions For 2017
Cybersecurity has moved beyond patching, to focus on big picture problems such securing cloud services, the disappearing perimeter and the managing the flood of mobile devices.
McAfee Labs 2017 Threats Predictions report gives government IT managers a heads up on what to expect next year:
1. Ransomware subsides in the second half of 2017
The scourge of hospitals, government agencies, transit organisations and others, ransomware may be leveling off, with the widespread media attention expected to spur solutions. Special interest organisations have done a good job of raising awareness, and companies have taken up the call to find answers.
2. “Drone-jacking” places threats in the sky
Consumer drones sold with open ports and weak authentication create opportunities for attackers to take control of unmanned systems.
Although vulnerabilities can often be fixed with a software update, “this requires the manufacturer to release a patch,” the report said.
Expensive, high-end drones will get patched quickly, but hobbyist drones may fly a long time before a patch is even available. That means exploit kits for unsecured drones will become available, and drone-jacking via laptops with directional antennas may emerge.
Unsecured drones open up risks for package delivery, aerial photography and law enforcement surveillance. Besides the danger to the devices themselves, look for drones that land on buildings and attempt to hack into the wireless networks inside.
3. Takedown operations put a dent in cyber-crime
Increased cooperation among law enforcement, industry and security vendors will help shut down criminal operations. The report warns, however, that cyber-criminals will begin to challenge the relationship between private vendors and law enforcement agencies, so all parties should prepare for legal ramifications of cooperation.
4. Threat intelligence sharing improves
New automated tools will make sharing information easier, and crowd-sourced threat intelligence and collaborative analytics help security analysts “connect the dots.” Legislation like the Cybersecurity Information Sharing Act will help overcome barriers to sharing by extending liability protection to the sharing entities.
5. Cyber-espionage increases in complexity
Former state-sponsored teams will become information brokers in cyber-espionage in 2017, providing “access” for money. “Everyone has information that is worth something, but it takes a creative mind to profit from it,” McAfee says. Additionally, advanced attackers are accessing networks by attacking firewalls, giving them “a great way to fly below the security radar.”
6. Cyber and physical systems merge
The separation between the physical and digital world could begin its erosion in 2017, making the security of one dependent on the security of the other. McAfee predicts that the physical and cybersecurity industries will begin hardening security products and that cybersecurity solution providers will begin to service and support physical security.
GCN: What Are The Big Cyber Threats In 2017?: