December 13, 2016 (updated 13 Jan 2017 11:40am)

Cyber security 2017: Evolution not revolution?

Will next year in cyber security simply bring more of the same: ransomware and phishing?

By Alexander Sword

Cyber security seems a hard industry to make predictions for, considering that the success of a cyber attack depends largely on it being unpredictable.

Or so it would seem. Because what really seems to emerge from speaking to cyber security experts about the threats on the horizon in 2017 is that the major threats from this year will evolve and continue to wreak havoc.

This year’s Verizon Data Breach Investigations Report found that most attacks exploit vulnerabilities that are known and have not been patched, even though patches may have been available for months or years. The top 10 known vulnerabilities accounted for 85 percent of successful exploits, while 63 percent of confirmed data breaches involved using weak, default or stolen passwords.

It is likely that this will continue to be the case until cyber security professionals get their act together and start handling the basics. While awareness of cyber risk is increasing each year, the increasing number of widely publicised breaches in 2016 does not seem to have provided a watershed in adoption of basic cyber security practices.

For example, FireEye CEO Kevin Mandia said at a recent roundtable that sophisticated zero-day attacks are mainly reserved for attacks by nation-backed actors.

A key example of this was provided in 2016 when Citizen Lab and Lookout Security were contacted by Ahmed Mansoor, a member of Human Rights Watch’s advisory committee, who was sent two text messages containing hyperlinks and promising information about detainees in United Arab Emirates prisons.

The firms found that the attack was using three critical iOS zero-day vulnerabilities, collectively termed Trident, that together form an attack chain that subverts Apple’s security environment. The description ‘zero-day’ means that the attack was found ‘in the wild’ or in active use by cyber attackers, rather than discovered by security researchers in a lab.

These attacks exist, but mostly they will be saved for high-value targets like Mansoor. Why waste an advanced cyber attack when the basics are working? Cyber criminals want to maximise their returns just like any other business.

So perhaps it should be no surprise that ThreatQuotient CEO John Czupak identifies spear phishing and ransomware as his top two threats for 2017: attacks that have been prevalent in 2016.

As he says, these attacks remain “easy to do and lucrative”.

Ransomware is malware that encrypts files on a victim’s device and forces them to pay a ransom to the attacker before they can access the files.

Steve Ginty, PassiveTotal co-founder and security researcher at RiskIQ, believes that we will continue to battle ransomware through 2016.

“The minute we come up with good defences, the actors immediately evolve to those defences. But something you will see is more visibility into those attacks.”

Ransomware was a theme on Kaspersky Lab’s list of 2017 predictions. The firm suggested that more threat actors would get into the space, potentially undermining the basic principle of payment in exchange for decryption.

Ginty of RiskIQ also believes phishing will remain a major issue next year.

“Phishing is still successful because it is exploiting humans. We can control for a lot of things: identify phishing sites and phishing emails,” says Ginty. “But we are still relying on our end users to be vigilant and not click things or surf to those sites.

“That’s always going to be a hurdle. Even most of the advanced actors still use email as an avenue into an environment.”

Essentially, until we start challenging cyber criminals, there is no need to expect any big advances in their capabilities.
