NetWitness Community

This is a collection 2017 security predictions made by various organizations. I have put them under 4 categories - 1) Infosec and cyber crime, 2) Ransomeware, 3) IoT and 4) Drones

Infosec and cyber crime

Minority Report (from Infosec Edition)

"Math, machine learning and artificial intelligence will be baked more into security solutions. Security solutions will learn from the past, and essentially predict attack vectors and behavior based on that historical data," says Cunningham, who is director of cyber operations for A10. "This means security solutions will be able to more accurately and intelligently identify and predict attacks by using event data and marrying it to real-world attacks.”

Aftershock password breaches will expedite the death of the password (http://www.cio.com/article/3155724/security/5-data-breach-predictions-for-2017.html)

A joint international effort to fight the cyber crime

We will see the consolidation of the collaboration between law enforcement agencies worldwide that will join the forces against criminal organizations across the world.

Data breaches 3.0

Instead of stealing data, attackers in 2017 will seek to manipulate data, unleashing potentially dire and long-lasting consequences.

New technologies such as Blockchain may be used to enhance trust between stakeholders and facilitate exchange of threat intelligence among industries (from APAC)

The setup of more Information Sharing and Analysis Centers (ISAC) will form platforms for both the private and private sector participants to share threat intelligence. However, participants are wary of exposing their weak security posture when contributing intelligence due to a successful attack, and there are issues of untrusted sources that may contribute the wrong intelligence. Blockchain may emerge as the technology to facilitate the exchange as it authenticates the trusted party to contribute, obfuscates the contributor's detail with anonymity, and offers a tamper proof system that prevents unauthorized alteration of any data shared.

Cybercriminals focus on crypto currencies

Cyber criminals will continue to show a great interest in earning opportunities offered by cryptocurrencies. Security firms will continue to detect malware specifically designed to steal crypto currencies or to abuse victim’s resources for mining activities. The Zcash currency will probably offer the greatest financial opportunity to criminal syndicates. Zcash mining will remain among the most profitable compared to other cryptocurrencies; this means more opportunity for cyber criminals that started creating botnets for mining.

The number of cyber-attacks will continue to grow almost in every industry.

It is very easy to predict a constant increase of cyber-attacks in the wild. Healthcare, energy, and retail will be the sectors most targeted by cyber criminals. While enterprise will improve their security posture, SMBs will continue to be exposed to hacker attacks,

Lack of awareness about cyber threats and significant cuts on budgets reserved to cyber security are principal problems for SMBs.

Ransomeware 

Ransomeware, one of the most dangerous cyber threats (Infosec Institute)

Ransomware will be one of the most dangerous menaces in the threat landscape. The number of new Ransomware families will increase, and the malware authors will implement new features to make these specific threats even more efficient and hard to detect. Security experts will discover a greater number of ransom-as-a-service platforms.

Ransomeware gets physical

Attackers will take over and disble hardware as a way to extort money from corporate victims. 

Business Email Compromise (BEC) attacks will overtake Ransomware and Advanced Persistent Threat (APT) attacks

BEC generally happens when email accounts of key executives are compromised and involves payments made to fraudulent bank accounts. In Singapore alone, aboutS$19 million has been lost through BECs between January toSeptember 2016. There was an increase of 20% in number of such cases as compared to the same period last year. Police investigations revealed that the scam usually involves businesses with overseas dealings with email as the main form of communication in the dealings.

"As BECs are relatively easier to execute and evades cyber defense tools better than other popular attack vectors such as ransomware and APTs, it can potentially be the main cyber threat inAsia," notedCharles Lim, Industry Principal, Cyber Security practice, Frost & Sullivan,Asia Pacific.

Ransomware At Your Service

"As awareness around ransomware grows and fewer people click on links, ransomware operators will need to take steps to improve their ransomware conversation rate by making it easier for ransomware victims to pay up. In 2017, we’ll see the widespread availability of ransomware customer support with more attackers offering FAQs, tech support forums, and even call centers to walk victims through paying and restoring their data," says Todd O'Boyle, co-founder and CTO of Percipient Networks. "And to increase their chances of being paid, many ransomware operators will lower their prices, be open to negotiation, and offer discounts.”

IoT

IoT bankruptcy

Companies that refuse to bake security into their IoT products will suffer financial repercussions.

IoT devices, a dangerous weapon in the wrong hands (Infosec Institute)

The lack of security by design and poor security settings will be the principal reasons for the success of the attacks that will target IoT devices next year. Unfortunately, IoT vendors will continue to put on the market devices that are easy to exploit by crooks for cyber-attacks. We will see a significant diffusion of ThingBot, some of them will also be offered for rent to power massive DDoS attacks. IoT incident and the increase in cyber threats will prompt regulatory responses. 

Rubber ducky botnet army

"We expect to see hackers continue to exploit IoT device vulnerabilities to launch attacks, and they will likely use Edwin, the app-connected smart duck who will be the biggest security threat of the year," says Jeff Harris, vice president of solutions for Ixia. "Hackers will leverage Edwin to launch the “Rubber Ducky Botnet Army” of 2017, making it critical for organizations to better defend their networks to prevent the strong DDoS attacks made possible through a yellow ducky.”

Not A Movie Title: Return Of The Worm

“2017 will be the return of the worm," says Lamar Bailey, senior director of security R&D at Tripwire, specifically pointing to IoT applications as prime targets. "The inherent insecurity in the majority [of] IoT devices, due to the fact vendors are valuing time to market over security, makes them ripe for exploit. Consumers are buying and installing these devices in record numbers to make their life easier but in many cases they are opening up their homes to complete external surveillance and control.”

Drones

Dronejacking

"Drones have their own unique identity but they could be considered mobile as well as IoT devices as they start connecting with other devices," says Mandeep Khera, CMO of Arxan. "As drones start getting more used for deliveries of goods, expect dronejacking and other attacks. Hackers can also cause drones to malfunction with malware, resulting in injuries.”

More drones will be used to facilitate cyber attacks ( from APAC) 

A group of researchers from iTrust, a Center for Research in Cyber Security at theSingapore University of Technology and Design, demonstrated that it is possible to launch a cyber attack using a drone and a smartphone.  In the future, it is expected that drones will be an easy way to scan for unsecured wireless traffic as a way of performing war driving attacks.

https://www.zscaler.com/blogs/corporate/2017-security-predictions#Ransomware%20gets%20physical