
Top 10 Rock & Roll Cybersecurity Predictions for 2017

Jan 20, 2017

#1) A series of cyberattacks will be classified as major terrorist attacks.

“Cryin’ won’t help you, prayin’ won’t do you no good” – from When the Levee Breaks by Led Zeppelin

Terrorists want to create chaos. Historically, they have been limited to the physical world. However, terrorists will soon start leveraging cyber capabilities not only for fundraising and to spread their message, but also to cause damage to critical infrastructure. Financial systems, hospitals, and the energy sector would likely be targeted. This risk is only amplified with the convergence of the cyber and physical world, the rising popularity of connected devices (aka the Internet of Things), and the risk of Distributed Denial of Service (DDoS) attacks.

#2) WikiLeaks will be used to topple key leaders in national governments.

“I go checking out the reports, digging up the dirt. You get to meet all sorts in this line of work” from Private Investigations by Dire Straits

We saw the impact that leaked documents had in the recent US Presidential election.  It’s fair to say “baby you ain’t seen nothing yet.”  Doxing, the releasing of private information on the Internet, is now a proven and effective tactic for not only dissidents but also Nation States.  WikiLeaks is at the forefront of this trend, and will likely work with groups they sympathize with or feel connected to in order to take down a significant world leader.

#3) Ransomware will eclipse traditional malware as the #1 cyber threat for companies.

“Calls me on the phone, tells me all the ways that he’s gonna mess me up, steal all my children if I don’t pay the ransom” from Wolf At The Door by Radiohead

One of the biggest challenges for cyber criminals has always been the ability to cash out. This is why we’ve seen the financial services industry hit with almost every form of cyber attack over the past decade, because that is where the money is. Most attacks designed with the end goal of stealing corporate secrets or sensitive customer data – even financial data – still require the attacker to take the extra step of selling that information to other criminals or leveraging it in some other way to make a profit. With ransomware, attackers have figured out a way to cut out the middleman and have the victim pay them directly. It’s a pretty straightforward attack technique that has been incredibly profitable. All signs point to ransomware attacks continuing to increase in the coming year.

#4) Endpoint security tools focused on detection and response will be consolidated into next-generation prevention tools

“I think this place is full of spies, I think they’re onto me. Didn’t anybody tell you how to gracefully disappear in a room” from Secret Meeting by The National

Up until a few years ago the security industry was entirely focused on preventing threats. Suddenly, a shift occurred and people were shouting “prevention is dead!” from the rooftops. Nowhere was this more apparent than the endpoint protection market, where the failure of traditional antivirus and other endpoint security tools led to the emergence of the endpoint detection and response (EDR) market. However, EDR tools, like most tools that are complex and require a team of sophisticated operators, primarily appeal only to the industry’s most mature security organizations. This is why the market has shifted back to products that focus on preventing attacks before they can do damage, rather than just telling you about them after you’ve been compromised. The current iteration of prevention-focused solutions now includes next-generation antivirus tools that not only do a better job at prevention, but also include deep forensics for further analysis and response.

#5) Legislation will be passed after a software liability leads to a loss of life.

“It’s so surprising just how quickly things can end” – from We Have a Technical by Gary Numan

The concept of a cyber attack actually being able to kill a human has been more of a Hollywood movie plot than a real threat.  With more connected devices, including medical devices, home safety systems, and vehicles, there is an increased risk that life will start to imitate art.  Eventually, a software vulnerability will end up costing a life. This may be less the result of an attack and more likely correlated with the normal IT issues that impact systems all the time.  What happens when a firmware update causes a smoke alarm to malfunction or a DDoS attack takes down an emergency communication system?  It will only take one real-life movie plot to cause legislators to take action. The tricky part will be passing laws that keep people safe without stifling innovation or causing unintended negative consequences.

#6) The cybersecurity talent shortfall will decline as software companies meet demand with machine learning and artificial intelligence. 

“Welcome my son, welcome to the machine” from Welcome to the Machine by Pink Floyd

The shortage of cybersecurity talent has been well documented and debated, from the Con circuit all the way up to the White House. Currently there are over a million job openings in cybersecurity without the talent to fill them. So far the only option to address this shortfall has been to significantly ramp up training in an effort to build a bigger pipeline of security professionals (something that still needs to happen). However, the emergence of machine learning and artificial intelligence offers a new hope. This technology has the ability to reduce complexity and the reliance on human operators, which should help reduce the talent shortfall. Machine learning is already here to stay, and now it’s up to vendors and security teams to leverage this technology for continued innovation.

#7) Ransomware begins to impact IoT devices

“They don’t know where, and they don’t know when it’s coming. But it’s coming” from Keep the Car Running by Arcade Fire

IoT devices have already become a talking point with the impact of the Mirai botnet and numerous stories about IoT vulnerabilities that could lead to compromise. But there is another threat looming on the horizon: ransomware. As IoT devices become more powerful and use more universal operating systems, someone will figure out a way to create a ransomware attack for them. Will you have to pay a ransom to start your car or use your toaster? We’ll find out.

#8) A catastrophic cyber attack will cause a massive amount of data to be destroyed.

“Everything is not okay, we lost too much along the way” from All Time Low by Nine Inch Nails

Maybe we’ve been watching too much Mr. Robot, but it feels like this is going to finally be the year that a cyber attack does massive damage by destroying, rather than just stealing, a large amount of data.  The capability to do so has been around for a while, but soon those capabilities will be in the hands of someone with the motivation to use them. This could include wiping all the health records from a large healthcare provider, or deleting all the data from the IRS or state tax agency.

#9) A Cyber NATO will be created to implement international cyber policy

“Try to see it my way, only time will tell if I am right or I am wrong. While you see it your way, there’s a chance that we may fall apart before too long” from We Can Work It Out by The Beatles

Warfare in the cyber age appears to be mimicking warfare in the Cold War era.  Just as with nuclear arms, finding common ground about cyber policy and rules of engagement in cyber warfare will not be an easy challenge. This is why we will likely see the creation of an international coalition, similar to a cyber NATO, to try to address these challenges.

#10) #BlameRussia will become trendy on the Internet  

“I went out with the waitress the way I always do. How was I supposed to know she was with the Russians too” from Lawyers, Guns & Money by Warren Zevon

The ability of foreign adversaries to conduct a campaign of influence has never been clearer.  No nation (other than maybe the United States) has been more adept at wielding this power than Russia. That is the bad news.  The good news is we can now #BlameRussia for everything. When companies get breached they can simply tell the press that Russia did it, thinking they’ll get a free pass. Did Russia leverage their cyber capabilities to rig the US election? Maybe.  Did Russia secretly launch a campaign of influence to convince the NFL to hire Lady Gaga for their Super Bowl Halftime Show? Definitely. I totally #BlameRussia.

