After the distributed denial of service (DDoS) attack that crippled many parts of the internet—including Amazon, Netflix, Spotify, PayPal, Twitter and many others—concerns were raised that similar attacks would be coming, as cyber hackers become more bold and more sophisticated.
Intel Security has identified 14 threat trends to watch for in the coming year, most of which involve security in cloud computing and IoT. These threats run the gamut of ransomware, sophisticated hardware, firmware attacks, smart home attacks and the use of machine learning to enhance social engineering attacks.
Intel Security believes that in 2017:
- Ransomware (disabling devices in the home and then asking for money to turn them back on) attacks will decrease in the second half of the year.
- Infrastructure software and virtualization software attacks will increase.
- Hardware and firmware will increasingly be targeted by hackers.
- Hackers on laptops will attempt drone-jackings for criminal or hacktivist purposes.
- Mobile attacks will combine with mobile device locks with credential theft.
- IoT malware will open back doors to smart homes that could go undetected for years.
- Machine learning will accelerate the use of, and increase the sophistication of, social engineering attacks.
- Fake ads and purchased “likes” will continue to erode trust.
- Online advertising will be copied by attackers to boost malware delivery.
- Hacktivists will play a role in exposing privacy issues.
- Threat intelligence sharing will make strides in the New Year.
- Cybercrime will be affected by growing cooperation between law enforcement and industry.
- Cyber espionage will become common in the private sector and criminal underworld.
- Cybersecurity and physical industry companies will collaborate to develop products to prevent digital theft.
“To change the rules of the game between attackers and defenders, we need to neutralize our adversaries' greatest advantages,” says Vincent Weafer, vice president of Intel Security's McAfee Labs.
“As a new defensive technique is developed, its effectiveness increases until attackers are compelled to develop countermeasures to evade it. To overcome the designs of our adversaries, we need to go beyond understanding the threat landscape to changing the defender-attacker dynamics in six key areas: 1) information asymmetry, 2) making attacks more expensive, 3) improving visibility, 4) better identifying exploitation of legitimacy, 5) improving protection for decentralized data, and 6) detecting and protecting in agentless environments.”
