AppRiver Security Analyst 2018 Predictions
In 2017, AppRiver security analysts remained busy protecting more than 10 million inboxes against malicious attacks. These attacks certainly don’t appear to be slowing down as we head into 2018.
Here are AppRiver’s top cybercrime predictions for the new year:
IoT vulnerabilities will gain further traction
The Internet of Things (IoT) continues to grow, and internet-connected devices are quickly becoming standard for mainstream consumers. There have been very few reports so far indicating that reliance on these devices has caused physical harm to the consumer. Unfortunately, as IoT becomes more widely adopted, we expect these unintended physical consequences will occur.
- Hackers can remotely control some newer vehicles. Security conferences such as DefCon have their own car hacking village to demonstrate various security vulnerabilities.
- Medical devices such as pacemakers and syringe infusion pumps have displayed security holes this past year. MRI/CT scanners, implants and surgical robots are just a few of the other areas of concern where we could see malicious action.
- IoT botnets will continue to evolve, expand, and increase in sophistication.
Ransomware will continue to expand and proliferate
- Global outbreak frequency will increase; examples this year include WannaCry and Petya/NotPeya.
- Ransomware as a service will continue to grow, enabling people with no hacking skill to attack others using this framework. Malware providers typically take a cut of paid ransoms and provide all of the infrastructure.
- Botnets such as Necurs will continue to distribute ransomware on a global scale.
State-sponsored attacks will increase
The distinction between criminal hackers and state-sponsored attacks will be harder to distinguish. A few notable examples:
- This year’s WannaCry attack was reported to be the work of a North Korean project gone awry.
- South Korean cryptocurrency exchanges have been targeted by North Korea.
- Allegedly Russian-backed APT28 attacks have occurred for espionage and other purposes.
Large data breaches will continue
We witness large data breaches every year. However, the severity of the Equifax breach and Uber hack cover-up will increase regulation. Additional security breach notifications laws will be passed regarding incident handling and how companies will be required to be reported to regulators, law enforcement, financial institutions and consumers.
Troy Gill, GPEN, is a Senior Security Analyst at AppRiver. Gill is primarily responsible for evaluating security controls and identifying potential risks. He provides advice, research support, project management services, and information security expertise to assist in designing security solutions for new and existing applications.
This guest blog is part of a Channel Futures sponsorship.