Four Security Trends to Watch in 2017

April 18, 2017 | Post by Chris Opat | 1 Comment


Most cyber threats never really die, they just evolve. Some become more dangerous and sophisticated, some morph into new threats and others become more manageable over time. More frequently, new threats surface that require different controls and mitigation approaches. So it is with the collection of threats confronting enterprises this year. 

The Ransomware Scourge 

The success that threat actors have enjoyed in extorting money from individuals and businesses via ransomware is certain to fuel more sophisticated and targeted attacks this year on desktop and mobile systems.

In 2016, cyber criminals increasingly began using spear-phishing, malware kits and watering hole attacks to distribute ransomware. Malware samples became a lot more potent, with Mamba and Petya fully encrypting hard disks on infected systems for the first time. Barriers to entry all but disappeared with the growing availability of do-it-yourself ransomware kits and ransomware-as-a-service business options.

The full effects of these trends will play out this year, as more cyber criminals – emboldened by the success of their peers – join the feeding frenzy. Surreal as it may sound to many security executives, organizations will need to implement formal processes for dealing with the aftermath of a ransomware incident. Policies regarding whether or not to entertain ransom demands will need to factor in the possibility that extortionists may not free the data they locked up even after they have been paid.

Meanwhile, best practices for protecting your network from ransomware include regular data backups, leveraging file sync and share technologies, configuring least-privilege access controls, application whitelisting, stringent spam and phishing email filtering, and network segmentation.

IoT: Internet of Things, or Internet of Threats?

The Mirai botnet attacks last year highlighted the massive threat posed to organizations by security vulnerabilities in the countless products that people and businesses have begun connecting to the Internet these days. Expect to see cyber criminals probe these vulnerabilities to try and gain access to enterprise networks or to launch denial of service attacks and other malicious campaigns.

A couple of factors exacerbate the situation. Many organizations continue to be dangerously unaware of the IoT devices on their networks and, therefore, the extent of their exposure to IoT-borne threats. Vulnerable IoT devices – especially those designed for consumer use – are also not always easy to patch and will continue to present an opportunity for hackers until the devices are replaced.

Among the IoT attacks to watch out for this year will be those that seek to compromise industrial control and manufacturing systems, healthcare devices, and production systems. Disruption and damage will be big objectives in many IoT attacks. IoT monitoring and connection security will assume increased importance for organizations as a result of these threats.

Best practices for IoT security are still emerging, but organizations should be considering issues such as who takes ownership of IoT risks, secure configuration of IoT devices and IoT connection security.

Terabit-scale Distributed Denial of Service Attacks

If the attacks on DNS service provider Dyn and French ISP OVH late last year are any indication, distributed denial of service (DDoS) attacks will get bigger and harder to mitigate in 2017. Both attacks reportedly generated traffic in the 1 Tbps range, making them the largest DDoS attacks to date.

Look for more such attacks in 2017, both in terms of scale and sheer volume. 

A couple of factors will drive the trend. The first, of course, is IoT vulnerabilities. As the Mirai attacks showed, vulnerable webcams, routers and other IoT devices can easily be assembled into massive botnets for launching terabit-scale DDoS attacks. 

The other big factor is the easy availability of malware code for assembling IoT botnets. Soon after the attacks on Dyn and others last year, the author or authors of Mirai publicly released the code behind the malware. This move all but guaranteed an increase in volumetric, protocol and application-level DDoS attacks this year.

Best practices such as decentralizing data centers and data center networks, ramping up bandwidth and using DDoS mitigation services will become increasingly important this year as a result of these trends.

Information Warfare 

The attacks on the Democratic National Committee (DNC) website and on electronic voting systems in Arizona and Illinois in the months leading up to the 2016 Presidential election served as an eye-opener on the use of cyber for information warfare.

The attacks raised substantial questions about the integrity of the U.S. electoral system and the potential role of a foreign nation in influencing the outcome of a U.S. presidential race.

The ripple effects of those attacks will be felt this year as the U.S. and its adversaries try to shore up their offensive capabilities in cyberspace. Topics such as cyber deterrence, attribution, and response will assume more importance, as will the use of social media networks for information manipulation and fake news dissemination.

Enterprises will need to pay attention to these developments. Organizations that sell to or support government can come under attack by nation-state actors, or they could be targeted for intelligence gathering and espionage purposes.

As 2017 security strategies are crafted and updated throughout the year, it's important to know the risks of ransomware, IoT, DDoS and information warfare and to understand the repercussions that can arise if proper security measures are not taken. Working with a Managed Service Provider for security options like Security Information and Event Management can help to detect and react to these threats within a number of minutes.

Have you been personally affected by a cyberattack? What do you do to prevent an attack from happening? Let us know in the comments.

The content and opinions posted on this blog and any corresponding comments are the personal opinions of the original authors, not those of CompuCom.


    Chris Opat

    Christopher Opat leads CompuCom’s Cloud Technology Services (CTS) organization and is responsible for developing and delivering technology offerings designed to support the data center, security, and cloud infrastructure needs of CompuCom’s clients today, tomorrow and in the future. CTS has delivery capabilities covering all aspects of conventional enterprise infrastructure, as well as private, hybrid and public cloud infrastructure.

Comments

IoT is enticing companies to connect their PLCs to their networks but with GxP rules, they are slow to patch an operating system due to certification pains. This creates the perfect storm allowing old threats to emerge in new environments. It will be interesting if this drives companies to improve procedures or unplug their production equipment completely.
