11 Cyber-Security Predictions for 2017
-
11 Cyber-Security Predictions for 2017
These 11 cyber-security predictions deal with automated malware attacks, Shadownet, cloud poisoning, Ransomware-as-a-Service and attacks on smart buildings. -
Automated and Humanlike Attacks
Expect malware designed with adaptive, success-based learning to improve the success and efficiency of attacks. This new malware will understand the environment it is in and make calculated decisions about what to do next. -
Malware With AI-like Code
Next-generation malware will have more complex decision-making trees instead of the "if not this, then that" code that's a precursor to AI. When it encounters a conditional jump it has seen before, it will make a prediction and become more efficient. -
Autonomous Malware Attacks the IoT
Autonomous malware, including transformers to target cross-platform applications and spread between platforms, could have a devastating effect on connected devices. -
IoT Makers Will Be Held Accountable for Breaches
More attacks will target IoT devices, which are built with highly vulnerable code and distributed by vendors with no security strategy. Furthermore, these devices are "headless," that is, you can't add security or update their software or firmware. -
IoT-Targeted Attacks to Become More Sophisticated
Attacks targeting IoT devices will become more sophisticated and will be designed to exploit the weaknesses in the IoT communications and data-gathering chain. -
Rise of the Shadownet
Growth of massive Shadownets, which are IoT botnets that can't be seen or measured using conventional tools. The first step: targeted DDoS attacks combined with demands for ransom. Second step: collecting data, targeting attacks and obfuscating other attacks. -
Legislation for IoT Manufacturers
Unless IoT manufacturers take immediate action, they will suffer economic loss and legislation that will hold them accountable for security breaches related to their products. -
Cloud's Weakest Link: Remote Devices
The weakest link in cloud security lies in the millions of remote devices accessing cloud resources. Expect attacks designed to exploit endpoint devices resulting in client-side attacks that target and breach cloud providers. -
Cloud Poisoning
Expect compromised endpoint clients to inject malware into cloud-based offerings, a process known as cloud poisoning. -
Attacks on Smart Buildings
Hackers will target building automation and management systems and will potentially hold buildings for ransom by locking doors, shutting off elevators, rerouting traffic or simply turning on the alarm system. -
Continued Growth of Ransomware as a Service
There will be continued growth of ransomware as a service, as criminals with no training or skills can download tools and point them at a victim in exchange for sharing profits with the developers. There also will be more focused attacks against high-profile targets.
A new forecast predicts that automated malware attacks will have a devastating effect on the internet of things (IoT). It also predicts the rise of the Shadownet (IoT botnets that can't be seen or measured using conventional tools), cloud poisoning, more growth of Ransomware as a Service, and attacks on smart buildings. The report, "Fortinet 2017 Cyber-Security Predictions: Accountability Takes the Stage," based its predictions on cyber-security trends this year. The digital footprint of businesses and individuals has expanded, thus increasing the potential attack surfaces; everything is a target and anything can be a weapon; threats are becoming intelligent, can operate autonomously and are increasingly difficult to detect; and old threats are returning but are enhanced with new technologies. According to the report, "This demand for connectivity, and the need to address its associated risks, will create serious challenges for emerging countries, traditionally disconnected markets, and smaller companies adopting digital business strategies for the first time." Some key predictions are highlighted here.