Technology’s fast rate of growth is quite exciting to see unfold. Though with more technological breakthroughs comes risks; risks that can be caused by certain vulnerabilities in new tech, that can be taken advantage of by cyber-criminals. With the increasing risks in information security, Symantec has listed their predictions for system security for 2017 and beyond.
A new era of cybercrime
- Rogue nation states will finance themselves by stealing money online. There is a dangerous possibility that rogue nation states could align with organized crime for their personal gain, such as what we saw in the SWIFT attacks.
- Fileless malware will increase. Fileless infections – those written directly onto a computer’s RAM without using files of any kind – are difficult to detect and often elude intrusion prevention and antivirus programs.
- Secure Sockets Layer (SSL) abuse will lead to increased phishing sites using HTTPS. The rise in popularity of free SSL certifications paired with Google’s recent initiative to label HTTP-only sites as unsafe will weaken security standards, driving potential spear-phishing or malware programs due to malicious search engine optimization practices.
- Drones will be used for espionage and explosive attacks. This could be seen in 2017, but is more likely to occur further down the road. By 2025, we can expect to see “dronejacking,” which will intercept drone signals and redirect drones for the attacker’s benefit.
IoT devices offer new revenue streams for cybercriminals
- Connected cars will be taken for ransom. As cars start to have connected capabilities, it is only a matter of time until we see an automobile hack on a large scale. This could include cars being held for ransom, self-driving cars being hacked to obtain their location for hijacking, or other automobile-focused threats.
- IoT devices in the enterprise will increase points of exposure. Beyond looking simply at computers and mobile devices for vulnerabilities, incident response teams will need to consider thermostats and other connected devices as jumping points into the network.
- Increased IoT DdoS attacks. As more IoT devices are installed in the mass market, the risk of security breach will increase. Once insecure devices are in the market, it becomes almost impossible to fix the issue without recalling them or issuing security updates.
Hacks in the cloud
- Ransomware will attack the cloud. Given the significant shift towards cloud-based storage and services, the cloud is becoming a very lucrative target for attacks. The cloud is not 100% secure, so there will be a shift in where enterprises need to defend their data.
- Machine Learning will require sophisticated Big Data capabilities. As new forms of machine learning and AI continue to enter the market, enterprises will need to invest in solutions that have the capabilities to collect and analyze data from the countless endpoints and attack sensors across different organizations, industries, and geographies.