Last year set records for the number, and the severity, of cyber security incidents. And while many worldwide are celebrating the fact that we’ve left that rough year behind us, make no mistake: 2017 has the potential to be just as difficult. We are facing sophisticated new threats with the capacity to devastate businesses that aren’t adequately prepared. Perhaps more so than ever before, we must be vigilant in our fight against hackers and cyber criminals.
I have identified four specific cyber security trends that I believe will be major threats to organizations:
Ransomware will merge with data-stealing malware
We will see ransomware becoming more intelligent this year and merging with information-stealing malware. This will allow fraudsters to steal information before encrypting it.
Although ransomware is certainly a quick and easy way for hackers to make money, there are always cases in which a potential victim has backup files and thus refuses to pay. However, if the hacker has stolen the information before encrypting it, the damage is already done.
In 2016, we saw several cases of ransomware being used in sensitive environments such as hospitals, but without causing any significant damage. But imagine if malware were used to exfiltrate patient information before it is encrypted. There is a very good chance we will see this kind of devastating data leak.
Ransomware will target cloud-based databases
In 2016, we did not see many (if any) hackers using ransomware in attacks against corporate networks. Knowing that large businesses back up all of their critical files, they wisely chose information-stealing malware as their preferred tool. However, many SMBs are now moving their files to the cloud. Do they have backups, or would they even know how to recover lost files?
Once cyber criminals realize this, we’ll see ransomware targeting cloud-based databases, where there is less chance of backup files being available. This wouldn’t just cause downtime for the victimized companies; it would have a significant impact on the cloud providers and infrastructures as well.
Hackers will begin targeting web browsers
I predict that we will see hackers begin to target web browsers such as Chrome, Internet Explorer and Mozilla Firefox as the weak point. When you think about it, browsers are essentially the operating system today. Regardless of whether you’re using Windows, Mac OS or Linux, you spend most of your time in the browser, talking on Google Hangouts, drafting documents on Google Docs, using any number of plug-ins, and more. This is a very large attack surface that hasn’t been fully exploited by hackers. I think we are poised to see an increase in malware targeting this surface. Once hackers find a vulnerability within a browser, they’ll have access to everybody who uses that browser, regardless of OS.
Internet of Things (IoT) breaches galore
There is a very good reason why we are seeing daily news articles breathlessly warning about the risk of IoT breaches. Quite simply, IoT devices weren’t designed with security in mind. And now that we are connecting everything from refrigerators to hair dryers to the Internet, it’s just a matter of time before a significant breach occurs.
This year SMBs and large enterprises alike will suffer breaches originating from an insecure IoT device connected to their network. The access point might be anything from a security camera or network printer to climate control or even a remote-controlled light bulb.
You may have read about a late 2016 DDoS attack on the web site of cyber security expert Brian Krebs. A hacker found a vulnerability in a specific brand of IoT camera, and caused millions of them to make HTTP requests to Krebs’ site at the same time. It successfully crashed the site, but this is just the tip of the iceberg in terms of what IoT breaches can do.
Imagine a hacker infiltrating an IoT camera within a corporate network. If that network also contains the company’s database center, there’s no way to stop the hacker from making a lateral move from the compromised camera to the database.
This isn’t much different from what happened in the infamous Target breach of 2013; a hacker infiltrated the system responsible for monitoring the retailer’s air conditioning, and then made a lateral move to the customer database. This type of hack is going to become much more common.