Cybersecurity is set to become more challenging in 2017, with IoT, DDoS, predictive analytics and automobiles just some of the segments.
Editor’s Note: With 2017 virtually upon us, RCR Wireless News has gathered predictions from across the mobile telecommunications space on what they expect to see in the new year.
IoT continues to pose a major threat.
In late 2016, all eyes were on ”internet of things”-borne attacks. Threat actors were using IoT devices to build botnets to launch massive distributed denial of service attacks. In two instances, these botnets collected unsecured “smart” cameras. As IoT devices proliferate and everything has a web connection – refrigerators, medical devices, cameras, cars, tires, you name it – this problem will continue to grow unless proper precautions like two-factor authentication, strong password protection and others are taken.
Device manufactures must also change behavior. They must scrap default passwords and either assign unique credentials to each device or apply modern password configuration techniques for the end user during setup.
DDoS attacks get even bigger
We recently saw some of the largest DDoS attacks on record, in some instances topping 1 terabit per second. That’s absolutely massive and it shows no sign of slowing. Through 2015, the largest attacks on record were in the 65 gigabit per second range. Going into 2017, we can expect to see DDoS attacks grow in size, further fueling the need for solutions tailored to protect against and mitigate these colossal attacks.
Predictive analytics gains ground
Math, machine learning and artificial intelligence will be baked more into security solutions. Security solutions will learn from the past, and essentially predict attack vectors and behavior based on that historical data. This means security solutions will be able to more accurately and intelligently identify and predict attacks by using event data and marrying it to real-world attacks.
Attack attempts on industrial control systems
Similar to the IoT attacks, it’s only due time until we see major industrial control system attacks. Attacks on e-commerce stores, social media platforms and others have become so commonplace that we’ve almost grown cold to them. Bad guys will move onto bigger targets: dams, water treatment facilities and other critical systems to gain recognition.
Upstream providers become targets
The DDoS attack launched against DNS provider Dyn, which resulted in knocking out many major sites that use Dyn for DNS services, made headlines because it highlighted what can happen when threat actors target a service provider as opposed to just the end customers. These types of attacks on upstream providers cause a ripple effect that interrupts service not only for the provider, but all of their customers and users. The attack on Dyn set a dangerous precedent and will likely be emulated several times over in the coming year.
Physical security grows in importance
Cybersecurity is just one part of the puzzle. Strong physical security is also necessary. In 2017, companies will take notice, and will implement stronger physical security measures and policies to protect against internal threats and theft and unwanted devices coming in and infecting systems.
Automobiles become a target
With autonomous vehicles on the way and the massive success of sophisticated electric cars like Tesla, the automobile industry will become a much more attractive target for attackers. Taking control of an automobile isn’t fantasy and it could be a real threat next year.
Point solutions no longer do the job
The days of “Frankensteining” together a set of security solutions has to stop. Instead of buying a single solution for each issue, businesses must trust security solutions from best-of-breed vendors and partnerships that answer a number of security needs. Why have 12 solutions when you can have three? In 2017, your security footprint will get smaller, but will be much more powerful.
The threat of ransomware grows
Ransomware was one of the fastest growing online threats in 2016, and it will become more serious and more frequent in 2017. We’ve seen businesses and individuals pay thousands of dollars to free their data from the grip of threat actors. The growth of ransomware means we must be more diligent to protect against it by not clicking on anything suspicious. Remember: if it sounds too good to be true, it probably is.
Security teams are 24/7
The days of security teams working 9-to-5 are long gone. Now is the dawn of the 24/7-security team. As more security solutions become services-based, consumers and businesses will demand the security teams and their vendors be available around the clock. While monitoring tools do some of the work, threats don’t stop just because it’s midnight, and security teams need to be ready to do battle all day, every day.
