At the end of each year, it’s natural to reflect upon what’s happened, and to think about what it means for next year. But before talking about the future of information security, it’s important to understand the big themes in computing that got us here today.
Technology continues to evolve at a rapid pace, and in 2016, some overarching themes in computing were the Cloud, the Internet of Things and artificial intelligence. These technologies are changing the way we live and work. They provide us ubiquitous access to family and friends, our jobs, our favorite brands and services, and so much more.
While there is limitless potential for how humanity can excel by using these technologies, they have negative implications as well. For example:
Cloud: The cloud empowers both large enterprises and SMBs by streamlining IT organisations and reducing budgets via outsourcing key infrastructure and services. While there are many positives, the cloud has also fundamentally changed how we must interact with, and secure, our networking services. In a nutshell, we have to place our trust in someone else.
Internet of Things: Now, every device from our refrigerators, home heating systems, and smart watches, can connect to the Internet and the Cloud I just talked about. IoT comes with countless positives; it powers smart home automation, can revolutionide manufacturing, and will improve medical care. But, it also exponentially increases the connected attack surface and resources available to bad guys.
Artificial Intelligence: Over the past few years, researchers and companies have made great advances in machine learning. This helps computers to learn from huge sets of data in order to better assist us. Self-driving cars aren’t possible without AI. How do you teach a car how to not hit a dog, or to stop at the right type of sign? It’s possible because of artificial intelligence and machine learning. And while researchers are busy applying AI to a variety of scenarios which will benefit people, attackers are surely considering how they can use AI to create smarter and more sophisticated malware or attacks.
Top Security Trends:
The Cloud, Internet of Things, and Artificial Intelligence are all fantastic technologies that are helping our businesses, and increasing our quality of life. But they’re also increasing IT complexity and network security challenges. Before diving into our security predictions, here are some major trends in network security:
Authentication: One of the foremost tenants of security is trust. When you put things online, you decide who you trust, and want to connect to you and your data. This trust is entirely based on authentication. But over the years we’ve seen countless data breaches leading to millions of leaked passwords. The primary mechanism we use to identify who we are on the Internet—passwords—seems to be breaking down. How do we “trust” on the Internet if we can’t rely on how we authenticate the “people” and devices we put online.
Evolving Attacks: Meanwhile, attackers have not been stagnant. As new technologies come out, they evolve their attacks to be more effective. As the Cloud, IoT and AI become increasingly prevalent, hackers adjust their tactics and create more evasive malware and new attack vectors that exploit previously hidden vulnerabilities.
Nation State Cyber Warfare: Previously, the security industry was primarily focused on cyber criminals.However, the current geo-political environment has changed that, and we now see nation states participating in cyber attacks. They are putting sophisticated engineers to the task of infiltrating other countries and/or large businesses. This changes the cyber security ecosystem, creating attacks that are more sophisticated and dangerous.
Everyone is a target: Finally, we know that the scope of targets has increased. Hackers are not only targeting the big companies. There is a misconception among small and midsized businesses that because they don’t have huge amounts of intellectual property, they won’t be attacked, but that’s a fallacy. SMBs have customer data that bad guys can steal, and computing resources that attackers want. Everyone is a target.
Security Predictions:
Are technologies like the Cloud, the Internet of Things, and Artificial Intelligence leading to society to a utopian existence, or a scary dystopia? I believe that technology is benign, and can be used both to help or to hurt. Nuclear fission is a great example; It can improve lives by giving us a powerful energy resource, or it can be weaponised. So while amazing technology can create opportunities for us to live better lives, malicious hackers can also use those technologies against us.
This year, for each of these technology and security trends, we have specific predictions about network security threats we might face.
1. Prediction: 2017 will see the first ever Ransomworm, causing Ransomware to spread.
Cybercriminals will take ransomware to the next level in 2017 by introducing the kind of auto-propagating characteristics traditionally found in network worms like CodeRed and Conficker. That’s right, imagine a breed of ransomware designed to produce endless duplicates of itself, spreading the infection across an entire network. Whether you want to contemplate this scenario or not, it’s only a matter of time before self-spreading ransomware – or ransomworms – begin to wreak havoc.
According to the FBI, just in the first quarter of 2016, cyber criminals used ransomware to steal over US $209 million from U.S. businesses. A recent ransomware report from Trend Micro revealed that the first half of 2016 showed a 172% increase in ransomware compared to the entirety of 2015.
2. Prediction: Attackers will exploit infrastructure-as-a-service (IaaS) as both an attack platform and attack surface.
Cloud adoption is growing at an incredible rate among organizations of all sizes. As these platforms have become increasingly engrained in the fabric of businesses’ operations, they’ve also become a ripe target for criminal hackers. Public infrastructure-as-a-service (IaaS) will be leveraged as both a potential attack surface, and as a powerful platform to build criminals’ malware and attack networks. Expect to see at least one headline-generating cyberattack either targeting, or launched from a public IaaS service next year.
RightScale’s 2016 State of the Cloud report showed that 71% of SMBs are running at least one application in AWS or Azure. In addition, according to a 2015 KPMG Technology Innovation Survey, the cloud is one of the primary technologies driving business transformation.
3. Prediction: IoT devices become the de facto target for botnet zombies
In 2016, the Mirai IoT botnet source code was leaked, enabling criminals to construct enormous botnets and launch gigantic distributed denial of service (DDoS) attacks with record-setting traffic. Now that hackers are weaponising IoT devices in this way, we can expect them to expand beyond DDoS attacks in 2017. The pure volume of Internet-connected devices that are manufactured full of vulnerabilities presents a shiny new attack surface that hackers are sure to use to their advantage. In the coming year, we’ll see criminals launch specialised IoT botnet click-jacking and spam campaigns to monetise these new attack methods the same way that traditional computer botnets were monetised.
In 2016, a botnet of infected IoT devices enabled a devastating DDoS attack that reached more than 1Tbps of traffic; the largest ever recorded.
4. Prediction: In 2017, we’ll see civilian “casualties” in the Cyber Cold War.
With the nation state cyber cold war well underway, expect to see at least one “civilian” casualty as collateral damage in 2017. In the past several years, nation states have allegedly damaged enemy nuclear centrifuges using malware, stolen intellectual property from private companies, and even breached other governments’ confidential systems. For some time now, the U.S., Russia, Israel, and China have been mounting strategic cybersecurity operations and hording zero-day flaws to use against one another. This government practice of building up arsenals of vulnerabilities – rather than helping vendors fix them – will undoubtedly lead to an unsuspecting private business or citizen falling victim to an undisclosed zero-day exploit.
5. Prediction: Under siege by cyber criminals, SMBs turn to small MSSPs for cyber security.
As they continue to be aggressively targeted by cyber criminals, small and medium businesses (SMBs) will continue to make network security a higher priority. With small IT teams and rarely any dedicated security professionals on staff, and without the resources to configure, monitor or adjust their own security controls, SMBs will recognise that their friendly neighborhood managed service provider (MSPs) may be the solution. As a result, MSPs will continue to add security services to their basic IT offerings. In 2017, at least a quarter of small businesses will turn to more specialized managed security services providers (MSSPs) for their security needs, and this percentage will continue to increase each year.
According to a survey by the National Small Business Association, half of all SMBs experienced some sort of cyber incident in 2014.
6. Prediction: Increased biometrics usage hides continued credential insecurity; passwords aren’t really gone.
In the face of countless credentials breaches over the past several years, biometric solutions like fingerprint scanners for authentication will continue to rise as a popular alternative to passwords. These frequent breaches have also brought into question whether or not passwords should be part of the authentication solution at all. The widespread adoption of biometrics as a convenient alternative to remembering passwords, and as the primary method for authentication in 2017 will not erase the fact that weak passwords are still hiding in the shadows – a core part of operating systems and just as vulnerable as ever.
In 2016, Yahoo lost 500 million user credentials, Dropbox lost 68 million credentials, and Mail.ru lost 25 million credentials.
7. Prediction: Attackers start leveraging machine learning and AI to improved malware and attacks.
Cyber security companies will come to a rude awakening when it becomes clear that they don’t have a monopoly on machine learning in 2017. Machine learning has done far more than any human could to help the security industry become more predictive and less reactive in the fight against malware. By analyzing gigantic datasets and huge catalogs of good and bad files, these systems can recognize patterns that assist information security pros in rooting out never before seen threats. Next year, advanced cyber criminals will turn the tables and begin leveraging machine learning themselves to cook up new and improved malware to challenge machine learning defenses.