Five Cybersecurity Predictions For 2017

January is the time for predictions. And while we can't tell you what stocks to buy this year or which team will win the Super Bowl, we can offer some cybersecurity forecasts.

Prediction 1: Ransomware attacks will skyrocket as victims continue to pay up.

A criminal breaches your company's network and encrypts its files or locks its machines. To regain access, you must pay a ransom, usually by bitcoin transferred to an email address.

It's called a ransomware attack. And from April 2015 to March 2016, more than 718,000 of them were recorded. Don't be surprised if that number tops one million this year.

Why? Because it's highly profitable for cybercriminals. Two-thirds of targeted companies pay up rather than call law enforcement, contact a security expert, or revert to backup systems (if they have them).

Actually, calling law enforcement probably won't do any good. The FBI's official stance is not to tell companies what to do. However, the agency doesn't discourage coughing up the bitcoin. "The ransomware is that good," explained Joseph Bonavolonta, assistant special agent in charge of the cyber and counterintelligence program in the FBI's Boston office. "To be honest, we often advise people to just pay the ransom."

This kind of thinking may explain the trend of companies now stockpiling bitcoins, anticipating a ransomware attack.

Prediction 2: A major hospital will violate HIPAA regulations by using an unsecured smart medical device.

The healthcare industry currently loses $5.6 billion each year to data breaches. The explosion of IoT devices within healthcare threatens to dwarf that figure.

These devices provide a number of healthcare benefits. They enable more effective monitoring, therapeutic stratification, and more targeted interventions. This cuts healthcare costs and improves patient outcomes.

However, IoT devices also provide plenty of targets for hackers. According to an HP study, 70 percent of current IoT devices are vulnerable to an attack.

There are many reasons for this. Manufacturers often are not aware of healthcare's specific cybersecurity needs. Consequently, they do not incorporate necessary safeguards. Hospitals are slow to replace vulnerable hardware and devices with less risky options. And IoT device users often never change default usernames and passwords, making it easy for attackers to pull the devices into botnets.

Unsecured devices could lead to more than HIPAA violations or data thefts. These devices control or monitor tens of thousands of insulin pumps, pacemakers and other medical equipment. It's not hard to imagine a terrorist someday choosing to take a life rather than data.

Prediction 3: As cybercriminals migrate from the black market to the stock market, new targets will emerge.

Hackers follow the money. When medical files began bringing up to 10 times more money on the black market than credit card numbers, healthcare hacks exploded.

These days, sophisticated cybercriminals realize the real money isn't volume-driven black market sales. It's in ransomware attacks and an endeavor once thought available only to Wall Street wizards.

Insider trading.

Always the ultimate outsiders, cybercriminals are now becoming "insiders" through securities fraud. Here are a few examples:

  • Chinese traders allegedly hacked into the computer systems of seven U.S. law firms that handle mergers. They used the data for insider trading that generated more than $4 million.
  • Ukrainian hackers infiltrated three business newswires and made off with about 150,000 yet-to-be-published press releases containing financial information. They used this information to make trades that allegedly generated nearly $30 million.
  • A former Expedia IT expert stole passwords and infiltrated devices of the company's CFO and head of investor relations. He then made a series of trades that scored him $331,000.

Until recently, law firms and public relations companies never viewed themselves as hacker targets. Today, they are. As cybercriminals look for new information sources to mine, public companies and their vendors should be very wary in 2017.

Prediction 4: Cyberterrorists will create a major U.S. power outage.

In 2014, systems of 17 energy companies were cyber-penetrated. Attackers stole data and gained private network access.

In December 2015, cyberterrorists took down a Ukraine power grid. Dozens of substations were disabled, leaving nearly a quarter of a million residents in the dark for about six hours. It was the first confirmed hack to take down a power grid.

Last month, a high-voltage substation in the Ukrainian capital of Kiev turned off suspiciously, knocking out electricity to the northern half of the city. And in the U.S., malicious software supposedly linked to the Russian group that hacked the Democratic National Committee was found on a computer at Burlington Electric in Vermont. Fortunately, the laptop was not connected to the grid.

Our power grid is in the crosshairs. Those crosshairs may belong to Russia, China, Iran or a combination of countries. It's only a matter of time before we're attacked. Unfortunately, given the geopolitical climate, we think that time might be this year.

Prediction 5: Security will be the #1 driver of cloud storage strategies.

When the cloud was introduced, security wasn't a selling point. Now it's a sticking point.

"What's happening now is that those companies [IBM, Google, Amazon and Microsoft] never built their clouds with security as one of the number one or even number two requirements," explained Chris Schueler, SVP of MSSP Trustwave. "It was speed, availability and expansion. That was the three criteria everybody built their clouds on."

This year thousands of companies large and small will adopt public infrastructure-as-a-service (IaaS) platforms – also known as cloud-based services – like Amazon AWS and Microsoft Azure. As a result, they will become faster, more efficient and more competitive.

They will also become more vulnerable to hackers. Just ask Home Depot, iCloud, Sony, the IRS, Target...well, you get the picture. Opinions as to why the cloud is susceptible to cyberattacks vary, e.g., complacent or uninformed employees, ill-prepared vendors, legacy networks, etc. What isn't debated is that they are susceptible.

"In 2017, I expect to see attackers increasingly leverage public IaaS both as a potential attack surface and as a powerful platform to build their malware and attack networks," warned Watchguard CTO Corey Nachreiner. "There'll be at least one headline-generating cyberattack either targeting or launched from a public IaaS service."

Let's hope that headline-grabber isn't you.

----------

At Dispersive, we may not be experts at predicting the future, but we're great at helping you prepare for it.

Our software-defined networks can change the way you use the Internet. They feature everything from advanced encryption to microsegmentation techniques. We can divide your network by device, user and service to block unauthorized users. We can even ensure your protected devices are "invisible" and unresponsive to anyone who is not an authorized participant.

We welcome the chance to talk with you about all this. Email us at info@dispersivegroup.com or call us at 1-844-403-5852.