By James Liyod of The SSL Store™
2017 promises to be a major year in the evolution of cybersecurity, specifically as it relates to encryption.
The browser community has been attempting to mandate SSL as a minimum standard for years—slowly implementing changes and benefits to help motivate site owners and businesses to encrypt.
Baupost's investment process involves "never-ending" gleaning of facts to help support investment ideas Seth Klarman writes in his end-of-year letter to investors. In the letter, a copy of which ValueWalk has been able to review, the value investor describes the Baupost Group's process to identify ideas and answer the most critical questions about its potential Read More
2017 will be the year they stop asking nicely and start marking non-encrypted sites as “not secure.” This should cause a fairly rapid, industry-wide reaction that quickly ensures all sites encrypt to avoid being singled out.
This, in turn, should help make the internet a little safer.
Unfortunately, for every few steps forward we also seem to be taking a step back. Cybercrime is becoming more sophisticated and more prevalent. Symantec’s research indicates that 90% of large companies and organizations, and 74% of small and medium-sized businesses have been targeted by a cyber-attack in the last calendar year.
Cyber threats are everywhere, and 2017 will be no different. Here, according to McAfee, are some major Cyber Security predictions for the coming year.
Ransomware Attacks Reduced in the Latter Half of 2017
Despite the fact that ransomware is currently on the rise, McAfee predicts that a number of factors – initiatives like the No More Ransom collaboration, new anti-ransomware technologies and continued law enforcement action – will reduce the volume and effectiveness of ransomware attacks by the end of 2017.
Windows Vulnerabilities Slow as Other Platforms Become More Popular
New attacks aimed at penetrating the latest operating systems have become increasingly difficult in recent years. Right now, to attack Windows 10 OS with a fully patched Microsoft Edge browser would require combining several high-quality vulnerabilities with advanced exploitation techniques. Aside from hacking competitions, this level of sophistication is rarely seen “in the wild.” This will continue in 2017 as attackers are forced to choose other vectors.
Hardware and Firmware Threats Become Targets for Sophisticated Attackers
Building on the last point, as software implementations become harder and harder to successfully exploit, many attackers will turn their attention and efforts towards penetrating hardware and firmware. A hardware breach can compromise an entire system and may difficult to patch. This makes it an extremely attractive target.
Dronejacking Will Become a Thing
As drones become more common and find more uses, their security becomes more and more of a question. Already it has been proven that drones can be hijacked and taken control over. It’s only a matter of time before these types of attacks become more common and begin to interrupt deliveries, camera crews, personal no-fly zones and even police work.
Mobile Threats Will Grow Substantially
Mobile phone use continues to rise as people use their phones to interact with the internet more and more on a daily basis. We have reached the point where people use their phones to shop, do their banking, order rides, food—the applications are literally endless. Not surprisingly, attackers are looking for new and more efficient ways to exploit these phones. That trend will continue in 2017.
IoT Malware Opens Backdoors
Everything is online now. Your refrigerator, air conditioner, cable system and maybe even your laundry machine are all internet capable, which means they can access your wifi network and even interact with your other devices. This is called the Internet of Things or IOT. Unfortunately, a lack of security on these devices could also mean that the IOT is becoming an effective backdoor to our networks.
Machine Learning Accelerates Social Engineering Attacks
Machine Learning toolkits have become widely available and accessible. In the last year people have taught machines everything from how to write Shakespearian sonnets to how to paint like Picasso. Unfortunately, these machines can also be taught to do negative things, like conduct social engineering attacks for cybercriminals. As computers become more capable of learning and combine that capability with the ability to integrate massive data sets, this will continue to grow as a threat.
Spike in Paid Content and Likes Erodes Trust
Trust is key when it comes to doing business online. Unfortunately in 2017 that trust will continue to erode. Whether it’s extremely intelligent programs that can generate fake Facebook likes for business that are willing to pay, or large social networks that can’t get a hold on the fake news being proliferated through them, internet users will continue to have a hard time knowing who to trust online in the coming year.
Ad Wars Will Boost Malware Delivery
If websites wanted to they could serve their ads directly from their primary domains, making them harder to block. But in this day and age where internet ads continue to try and out-evolve the browser mechanisms that block them, simply having your ad seen is not enough. Now it’s about trackers that can follow users from site to site and generate ad profiles that are far more lucrative. This is a form of malware delivery and as it continues to advance it only opens the door for more malicious attacks.
Hacktivists Will Expose More Privacy Issues
Hacktivism is kind of a strange concept, in that hacktivists are people that commit acts of cybercrime in the interest of what is, in their opinion, the greater good. Lately, with governments and international actors doing more in the realm of cyber-surveillance and even espionage, hacktivists have been responding by looking to shed light on these activities. That trend looks to continue in 2017.
Law Enforcement Will Begin to Gain Ground
Slowly but surely, law enforcement around the world has begun to make up ground when it comes to tracking and curtailing the activities of cybercriminals. 2016 saw several high profile cases where law enforcement gained the upper-hand over hackers and 2017 will likely see a continuation of that momentum as governments begin to budget more for cybersecurity.
Threat Intelligence Sharing Will Make Strides
Once again, piggy-backing off our last prediction, an emphasis on cybersecurity budgets and a greater overall awareness of the risk of cyber threats will lead to better, and more intelligence sharing in 2017. Gone are the days when nation states could fend for themselves, now regional and international allies will look to one another to help bolster their cyber intelligence.
So there you have it, these are some of the biggest cybersecurity predictions for the year 2017. Which ones are the most likely to come true and which ones are more the result of wishful thinking or flawed prognositication? Let us know in the comments section!