Daily Management Review

Major cyber threats in 2017


Japanese company Trend Micro analyzed actions of hackers in 2016 and used the conclusions to draw up a list of major cyber threats for 2017. The researchers predict only individual companies, but also whole countries will be subject to attacks in the coming year.

"Next year, the industry of cyber security will break new ground. In 2016, cybercriminals diversified methods of attacks and types of attacked targets, - says Raimund Genes, Chief Technology Officer at Trend Micro. - We predict emergence of new methods of attacks on big corporations, expansion of online extortion tactics which will affect wide range of devices and applications, as well as cyber propaganda methods to manipulate public opinion."

Experts predict that the Internet of Things (IoT) and the Industrial Internet of Things (IIoT) will play an increasingly important role in implementation of targeted attacks in 2017. These attacks are highly profitable because of wide popularity of portable devices, and possibility to exploit vulnerabilities or unprotected enterprise systems to disrupt business processes in companies. Increased use of mobile devices for monitoring control systems in manufacturing and infrastructure facilities in conjunction with a large number of vulnerabilities found in these systems will pose a real threat to organizations.

Growth in number of new families of Ransomware programs will slow down and will reach about 25%, however their impact will spread of IoT devices, PoS-terminals and ATMs. Researchers say developers will not be able to timely protect IoT devices and industrial items from DoS- and other types of attacks.

It is noted that the Ransomware market is being reshaped into "Infrastructure as a Service" (IaaS) type, where an operator leases computing powers to cybercriminals. Thus, even unpracticed criminals may commit illegal actions. In 2016, some source code of ransomware programs were downloaded into Internet, so that their volume increased by 400% in the period from January to September. Analysts predict that attacks on mobile devices will be next after encroachments on PCs. Given extensive user base, this segment looks extremely attractive for cybercriminals.

Experts believe that users of Apple products and the Adobe are at the greatest risk since analysts have found numerous vulnerabilities in the products of these brands in 2016. Experts concluded that cyber attacks on Apple devices would only intensify. By the end of 2016, number of soft spots in Apple devices increased grew, which, in turn, led to malicious attacks and emergence of 50 new threats.

Corporate e-mails are believed to be another serious threat. "We see how the cyber criminals continue to adapt to the ever-changing technological landscape, - said Ed Cabrera, the company's Chief Cybersecurity Officer. - Significant jump in number of new cryptoware in 2016 started to diminish, so hackers will be looking for new ways to use existing versions of such programs."

Experts also warn about dangers fake news spread in social networks. They say that about 46% of the population of our planet has access to the Internet now. Therefore, cyber propaganda, aimed at manipulating public opinion, may become a serious issue.

Recently adopted General Data Protection Regulation (GDPR) will cause changes in regulations and administrative procedures. This will have a significant impact on costs of organizations and require them to complete revision of data processing to meet the new requirements.

New methods of targeted attacks are aimed to evade modern detection technologies and launch attacks on companies in various fields.

source: eweek.com