2016 was arguably the year when cybersecurity events entered into the global stream of consciousness, from the sabotage of national banks to the hacking of elections. And though we're barely into 2017, the breach announcements have already begun: on January 3rd, a data breach was discovered involving the sensitive data of health workers employed by the US military's Special Operations Command (SOCOM). An increase in government-related security incidents is one of our top predictions for 2017—here are 11 other cybersecurity predictions for the new year.
Last year, 200 million government records worldwide were already compromised by July 31—this surpasses the total for the previous three years combined. The latest SOCOM data breach resulted in the theft of 11GB of data: social security numbers, names, addresses, salaries and more. A misconfigured a data backup on the part of subcontractor Potomac Healthcare was identified as the main cause of the data breach.
Misconfigurations and third party liability will continue to be recurring cybersecurity themes in 2017, especially for enterprises and government entities.
11. Misconfigurations will continue to cause high-profile enterprise and government data breaches.
Last year we saw politics and cybersecurity collide in several massive data breaches, including the exposure of 93 million Mexican voter records due to an improperly secured public-facing cloud database, as well as the exposure of 2 million individuals' personal information on a U.S. political party website—also caused by a misconfiguration. Additionally, the Capgemini and Australian Red Cross Blood Donation Service data breaches were also due to third party misconfigurations.
10. Third party data breaches will increase in frequency and severity.
Search for "free vulnerability scanner" and you'll see plenty of options. So why are breaches due to known vulnerabilities still so common?
As mentioned earlier, the Capgemini and Australian Blue Cross data breaches last year were due to the security failures of third party service providers. 2017 will see a continued digitization of businesses processes, and as a results—more security incidents due to weak links in the digital supply chain. Enterprises will be more concerned than ever with their partners' security postures and risk exposure.
9. Financially-motivated cyber attacks will continue to become commoditized.
Ransomware-as-a-service became a reality in 2016 with Cerber—one of the largest active ransomware rings in operation today—offering up an all-in-one kit for novice cybercriminals in exchange for 40 percent of each ransom paid. Kaspersky Lab predicts that 2017 will be another milestone year for the commodification of financial attacks.
8. IoT-related cyber attacks will increase in scale and severity.
As more enterprises and organizations adopt IoT technologies for managing physical security and other critical use cases, cyber attackers will look to these connected devices for new attack vectors and entry points into privileged networks. Expect to see more enterprise IT assets compromised via IoT-related cyber attacks in 2017 and beyond.
7. More cyber attacks leveraging the Botnet of Things will be launched.
As IoT continues to proliferate the business landscape, so too will related software/hardware vulnerabilities that can be exploited en masse. In Symantec's 2017 predictions, the firm predicts that "IoT devices will increasingly penetrate the enterprise, leading to increased IoT DDoS attacks." The emergence of last year's Mirai Botnet, a massive network of malware-controlled IoT devices, saw unprecedented distributed denial of service (DDoS) attacks causing widespread outages. Unfortunately, Mirai already has a successor this year called Leet that rivals its capabilities.
6. Ransomware will continue to be a major problem.
Last year's San Francisco MUNI's ransomware fiasco resulted in free rides for passengers all weekend; in 2017, ransomware and digital extortion cases will continue to make headlines, but this time attacks will be much more widespread, potentially aided by self-propagating worms such as Conficker, Nimda, and Code Red. With these capabilities, automated attacks will be carried out quicker and in larger numbers than ever before.
5. Healthcare-related security incidents will hit an all-time high.
Cyber attackers will continue to pummel the systems that serve as the backbone of the healthcare industry and—with more private practices and clinics digitizing their operations—enjoy higher success rates. HIPAA enforcement was at an all-time high in 2016 and will likely reach new heights in 2017, given the tendency of small/mid-scale operations to adopt new technologies without first assessing the digital risks.
4. Transportation enterprises will suffer catastrophic security incidents.
2016 was also the year of widespread public havoc due to transportation system downtime—outdated systems, unpatched software and glitches were the main causes. This year, cyber attackers will surely poke and prod at these publicized exposures for weaknesses to compromise, and some will invariably find a way in.
3. Cyber attacks will become more menacing and destructive.
Many claim that cyber attackers successfully influenced the outcome of an election for the first time in 2016; if this is the case, it certainly won't be the last. And as geo-political tensions escalate across the globe, more critical cyber attacks will be launched against critical infrastructure systems and other IT assets of national importance.
2. Small and medium-sized businesses will increasingly be targeted for exploitation.
According to a recent PwC report, 74% of small/medium businesses (SMBs) have experienced a security issue in the last 12 months. Indeed, SMBs are often perceived as low hanging fruit by cyber attackers—and they subsequently make up the majority of ransomware victims. With PoS-scraping malware and mobile threats on the rise, 2017 will be especially challenging for small retail operations and storefronts using both standalone and mobile point-of-sale (PoS) devices.
1. Enterprises will experience an increase in data breaches due to insider threats.
As cybersecurity vendors up their game to counter sophisticated attackers, nefarious actors will increasingly look to other methods for unlawful digital entry (e.g., gaining physical access, misleading employees with false content, impersonating officials). An increasing number of these insider attack incidents will be carried out by disgruntled employees and contractors.
Suffice to say, all indicators point to 2017 being an especially active year in the cybersecurity arena. In the face of these daunting security challenges, what chance do enterprises have of making it out unscathed? Unfortunately, the answer is not much; that said, key to survival in today's digital business landscape is resilience, not impenetrable defenses—if there is even such a thing. Through resilience measures, firms can protect the most important IT assets first, mitigate risk, and minimize losses when inevitable data breaches do occur. Learn more about what the leading cyber resilience platform on the market can do for your organization today—give UpGuard a spin, it's free for the first 10 nodes forever.
How CSTAR Works What's In the Website Risk Grader? Understanding Risk in the 21st Century
All the information needed to perform a CSTAR assessment is bundled into the UpGuard platform. Learn more about CSTAR.
Read Article >
The UpGuard Website Risk Grader provides a low friction way to get an initial assessment of a business' risk profile.
Read Article >
And as we enter 2016, the risk of data breaches in particular threatens to hamper business innovation.
Read Article >