The cybersecurity threat landscape is constantly changing. This, at least, everyone can agree upon. Just when we find the key to unlock one strain of ransomware, there are two new ones released in its place. Because of this dynamic nature, it may seem rather futile to make any sort of prediction about what the future will bring. But, with cyber threat actors becoming increasingly agile, it is important to try and predict their next moves, especially when we have DARKINT to help in this work.
Looking back at recent developments - no matter the pace of change - has helped us to determine what to expect in the near future. Here are our high-level predictions of four major cybersecurity threats to prepare for in 2017.
The relatively low risk and high rate of success associated with ransomware will almost certainly see its continued success in 2017. As the human elements persist, and unsuspecting targets continue to click on malicious links, and open attachments from (increasingly sophisticated) phishing emails, ransomware will continue to find rather easy access to systems.
When denied access to files often quickly impacts the bottom line - or even becomes a life-or-death situation in the case of ransomware in the healthcare industry - it is easy to understand why the majority of victims pay up. Because of these successes, new technologies will continue to arise around ransomware. Until such attacks lose their effectiveness, we believe they will continue and take on different variations for the foreseeable future.
Nation State Actors
After wreaking havoc during the recent election U.S. presidential election cycle, and seeing an almost ever-increasing level of media coverage and notoriety, nation state actors will continue to be a threat in the cybersecurity realm in 2017. Working directly or indirectly for a government, nation state actors have access to the funds and the tools to cause events at an international level. Governments are expanding their cybersecurity capabilities as cyber attacks multiply and intensify in nature, and many will turn to this approach.
While phishing activities form the basis of many further cybersecurity threats, we consider phishing a threat in its own right. As mentioned above, under the guise of ransomware, these already highly successful scams are leveraging new tools and tactics to appear more and more authentic. For example, posing as a well-known company, such as Apple, that may attract more attention than the average email, as a company's C-level executive requiring a wire transfer from the victim during a work trip, or as a company's external tax contractors needing additional tax documents.
The bottom line is that attackers are stepping up their game, doing background research and preying on the weakest link in information security - the human factor.
Mobile Application Exploits + IoT
As IoT continues to grow and customers demand mobile support for just about everything they do, businesses turn to a variety of mobile devices to deliver information to their customers. Cybercriminals will, of course, continue to move with their targets, and we've seen an increase in the availability of mobile application exploits.
We anticipate attackers moving to continually more creative gateways in order to access sensitive information. Not only does the myriad of internet-connected equipment in use by organizations open up new and additional vulnerabilities, the millions of unsecured devices used by businesses and consumers are helping to orchestrate all manner of attacks, as we saw in last October's massive internet outage believed to be caused by an IoT vulnerability leveraged by the Mirai botnet.
While no one can predict the future, 2016 has given us a glimpse of several threats to come. We'll have to see which of these ring true as we move further into 2017, so stay tuned!