Below is the summary of predictions of cyber events for 2017 from GoveTech.com. Looking back, we can see which cyber security companies and technology organizations were on the mark and which attacks may be on the horizon.
Cloud Generation dynamics define the future of the enterprise
- The enterprise network will expand and become increasingly undefined and diffuse.
- Ransomware will attack the cloud.
- AI/machine learning will require sophisticated big data capabilities.
Cybercrime becomes mainstream
- Rogue nation states will finance themselves by stealing money.
- Fileless malware will increase.
- Secure Sockets Layer (SSL) abuse will lead to increased phishing sites using HTTPS
- Drones will be used for espionage and explosive attacks.
IoT comes to enterprise business
- The proliferation of the Cloud Generation.
- IoT devices will increasingly penetrate the enterprise, leading to increased IoT DDoS attacks.
2) Trend Micro
-“Adobe and Apple will outpace Microsoft in terms of platform vulnerability discoveries.
-call out increasing “cyberpropaganda” as the use of tools and methods to influence elections and public opinion.
- “Dronejacking” places threats in the sky
- IoT malware opens a backdoor into the home
- Machine learning accelerates social engineering attacks
- The explosion in fake ads and purchased “likes” erodes trust
- Hacktivists expose privacy issues
- Threat intelligence sharing makes great strides
- Rise of the Corporate Incentivized Insider Threat
- Voice-first Platforms & Command Sharing — The rise of voice-activated AI to access Web, data and apps will open up creative new attack vectors and data privacy concerns.
-Security integration and orchestration should be considered the benchmarks of new technology investment.
-Religious institutions in Western countries are at the top of the list because they typically lack a robust security program yet maintain contact information and other sensitive data.
-The commodification of attacks along the lines of the 2016 SWIFT heists — with specialized resources being offered for sale in underground forums or through as-a-service schemes, will continue in 2017.
7) Palo Alto Networks
Their items are divided into “sure things” and “longshots".
-A few ‘sure things’ include: “Recruiters Search for Cyber Talent Outside of Security”
-Longshots include: “Companies acquire other organizations to inherit talent.”
8) Watchguard Technologies
-First on their Watchguard list is Ransomworm
-IaaS as an attack platform and surface and new steps in a global cyberwar leading to a civilian casualty.
- Botnet of Things
- Ghosts from the past
- Cyber Fatigue
10) Beyond Trust
-“The first nation state cyber-attack will be conducted and acknowledged as an act of war.
-“Behavioral technologies, such as pressure, typing speed and fingerprints, will be embedded into newly-released technologies.”
“An attack to disrupt or take down a major cloud provider will affect all of their customers’ businesses. While generally disruptive, it would be used as a means to impact a specific competitor or organization, who would be one of many affected, making it difficult to determine motive. There will also be a rise in ransomware attacks impacting cloud-based data centers.”
“Security And Skills Will Temper Growth Of IoT.” (Note that both Gartner and Forrester are using these predictions as lures to buy their more in-depth prediction analysis.)
- The first significant finding in the report is that, “Mobile attacks (Pegasus, XcodeGhost) and vulnerabilities (Stagefright, Heartbleed) are increasing in terms of both number and pragmatism.
- Now is the time to start your Mobile Threat Defense (MTD) initiative.
- No EMM? Mobile Threat Defense protects employees and eliminates privacy concerns.
14) White Hat Security
- Nothing will change. “Attackers will continue to discover and exploit zero-days. Companies large and small will continue to lose data and money to the usual attacks, often because they didn’t take basic security precautions.
- “Destructive DDoS IOT attacks will rise.”
- "As encryption becomes ubiquitous, it has become much harder for security products to inspect traffic, making it easier for criminals to sneak through undetected..."
-IDC leads with: ‘2017 will be worse in every aspect of information security’
-This report, which was focused on Africa, also predicts more consolidating and outsourcing of security
Internet will go down for a day. Also on the list – Tripwire’s prediction that 2017 will bring the return of the worm.
Cyber security student and researcher.
Security Predictions for 2019
Hackin' with Metasploit
Understanding the Reference Monitor
Did the Security Predictions for 2017 Come True?
Cyber Security Executive Order & NIST