Securezoo Articles
By Frank Crast, 1/12/2017

We have compiled some good threat predictions from four leading cyber security companies: Symantec, McAfee, Forcepoint and Palo Alto Networks. These cyber experts offer some common themes, but also some outlier predictions, and it will be interesting to see whether they come true. The topics include predictions on cyber recruiting, ransomware, DDoS, IoT and SSL abuse, just to name a few.

Starting off with some of the most interesting predictions for this year, check out Symantec's blog "Security in 2017 and Beyond: Symantec's Predictions for the Year Ahead." Symantec offers what they expect to see in the cloud, cybercrime and Internet of Things (IoT). 

Symantec: "Security in 2017 and Beyond"

"Cloud generation will change future dynamics"

The enterprise network will expand as the workforce becomes more mobile than ever and most enterprises invest more in WiFi and cloud services. Companies will be short-sighted if they protect only on-premise networks.

Symantec also predicts that ransomware will attack the cloud. For example, more organizations depend on cloud-based storage, a lucrative target for cyber criminals. Breaches and loss of availability of critical data could result in multi-million dollar losses.

Artificial Intelligence (AI) and machine learning will also require big data capabilities. 

"Cybercrime becomes mainstream"

Symantec thinks cybercrime will go mainstream in the following areas that are worth highlighting:

  • Rogue nation states could align with cybercrime syndicates in an effort to steal money and finance their coffers (see "SWIFT" attack).
  • Infections by "fileless malware," which writes to computer RAM, will increase, most likely through PowerShell attacks.
  • SSL abuse by cybercriminals, led by the increase in sites using HTTPS (e.g., the popularity of free SSL and Google's initiative to label HTTP-only sites as insecure).

"IoT comes to enterprises" 

There will be a continuation of the "cloud generation," or employees who use wearables, virtual reality and other IoT-connected devices in the enterprise. Thus, cyber criminals could use IoT devices to exploit vulnerabilities and penetrate enterprise networks, for example through increased Denial of Service (DoS) attacks.

See the Dyn attack for a good example of what we could see more of in 2017.

McAfee: 2017 Threats Predictions

McAfee Labs published a recent report titled "2017 Threat Predictions," that highlighted some key threats they predict will happen this year: 

  • Ransomware will peak in mid-year, then go down in the second half of the year.
  • Major enhancements will happen in threat intelligence sharing.
  • There will be more cooperation between security vendors and law enforcement agencies.
  • Physical and cybersecurity will edge together.
  • There will be an "erosion of trust" in the internet as more "fakes" (e.g., fake product likes, reviews, etc.) will undermine consumer confidence.
  • Machine learning will be used to enhance socially engineered attacks. 

Each of the topics is discussed in more depth in the McAfee report, along with recommended guidance organizations can use in short-term and long-term planning efforts. We also expanded on the cloud-related threats from the report in our previous article "11 Cyber Threats to Cloud Security."

Forcepoint: "Age of Convergence" and 10 predictions

Forcepoint published an excellent report titled "2017 Security Predictions," that includes ten (10) cyber threat predictions that are summarized below. Forcepoint predicts that the cyber and physical worlds will converge and cause a tipping point. 

  1. Digital battlefield - the new "cold war"? For example, more countries will be capable of carrying out disruptive or destructive cyber attacks to meet their own political objectives. Cyber weapons and strategy required for offense and defense will become as important as physical weapons during a conflict.
  2. Millennials in the machine - as more millennials join the workforce, this will change cultural norms and lead to more common and accidental data breaches. Millennials grew up on social media and will have different concepts of data privacy.
  3. Compliance and data protection - corporate and social responsibility for protecting personal data will become a reality.
  4. Rise of corporate-incentivized insider threat - misuse of personal data by corporations to meet profit and growth expectations.
  5. Technical convergence and security consolidation - cybersecurity enterprises will buy smaller security vendors, forcing others not part of Mergers/Acquisitions to exit the industry. 
  6. The cloud will be an expanding threat vector - risks of hypervisor hacking may rise; DoS attacks will rise against cloud service providers.
  7. "Voice-first" platforms and command sharing - the number of apps designed to leverage voice activation artificial intelligence (like Siri and Alexa) will explode and become a new threat vector. 
  8. AI and rise of "autonomous machine hacking" - designed to automate and seek out vulnerabilities on networks; this threat will far outpace SecOps teams' capabilities and may impact global stability.
  9. Ransomware escalation - not expected to go away given so much success in 2015 and 2016; the number of exploit kits containing ransomware doubled from March to July of 2016 and will only continue to be a threat this year.
  10. Abandonware vulnerabilities - more legacy, out-of-date and unsupported tools will be vulnerable to hacking.

To me, many of these threats seem possible and even probable -- especially the ongoing trends to include ransomware, abandonware, regulatory changes and millennial "cultural" challenges when it comes to privacy.

After just getting an Amazon Echo for Christmas and enjoying conversations with Alexa to get the latest news and weather forecasts, "voice-first" attacks don't seem too far-fetched either, given how such platforms could be misused. See the latest hilarious, yet scary story on how a six-year-old "went rogue" and used the Echo to order stuff without permission.

Palo Alto Networks: 2017 Cybersecurity Predictions

Palo Alto Networks published a series of blogs titled "2017 Cybersecurity Predictions," covering ransomware attacks on critical infrastructure, automation in threat intelligence sharing, cyber recruiting and IoT security, to name a few.

Successful ransomware attacks to cause critical infrastructure downtime, similar to the most notable events in the past couple of years:

  • Successful ransomware attack on a concrete manufacturer that caused significant downtime.
  • Breach of an Electric Authority that intersects with many organizations that manage the local grid.
  • Breach of a municipality-owned Electric and Water Utility, which resulted in $2M in remediation and legal costs.
  • E-ISAC reported ransomware targeting ICS.

Automation and playbook models take on key roles in threat intelligence sharing

  • There will be more opportunities for vendor industry peers to continue increasing threat intelligence sharing by "crossing last mile with threat intelligence."
  • Organizations need more automation to read intelligence, decide what intelligence is pertinent to them, then craft detection and prevention controls to deploy and automatically mitigate threats (vs. manual). 

Recruiters to search for talent outside of security

  • There is a larger pool of IT- and security-focused talent in the armed forces that recruiters can tap into.
  • "Next generation" talent - large research universities will incorporate cybersecurity into their curriculum (students will benefit from getting security knowledge prior to entering the workforce).
  • Need for non-technical security professionals (e.g., sales/marketing, finance, accounting, HR).
  • Need for good marketers and "storytellers."

Similar to other security experts, Palo Alto also predicts that cloud service providers will confront IoT security:  

  • Cyberattackers will continue to target service providers by tapping into the worldwide network of IoT and related services.
  • Cybercriminals will exploit mobile users, and mobile device infections will increase exponentially.
  • Cloud providers will need to adapt to the threat by enhancing their cyber security defenses and further protecting their customers.

That rounds out just a few predictions for 2017 from cyber security experts. It will be interesting to see how many of these come true. 


Topic: Cloud Computing Security, General Security Awareness, Malicious Software Controls