AppRiver Security Analyst 2018 Predictions
In 2017, AppRiver security analysts remained busy protecting more than 10 million inboxes against malicious attacks. These attacks certainly don’t appear to be slowing down as we head into 2018.
Here are AppRiver’s top cybercrime predictions for the new year:
1. IoT Vulnerabilities will gain further traction
The Internet of Things (IoT) continues to grow and internet connected devices are quickly becoming standard for mainstream consumers. There have been very few reports so far indicating reliance upon these devices have caused physical harm to the consumer. Unfortunately, as they become more widely adopted, we expect these unintended physical consequences will occur to consumers.
- Hackers can remotely control some newer vehicles. Security conferences such as DefCon has their own car hacking village to demonstrate their various security vulnerabilities.
- Medical devices such as pacemakers and syringe infusion pumps have displayed security holes this past year. MRI/CT scanners, implants, and surgical robots are just a few of the other areas of concern where we could see malicious action.
- IoT botnets will continue to evolve, expand, and increase in sophistication.
2. Ransomware will continue to expand and proliferate
- Global outbreak frequency will increase, examples this year: WannaCry & Petya/NotPeya
- Ransomware as a Service will continue to grow enabling people with no hacking skill to attack others using this framework. Malware providers typically take a cut of paid ransoms and provide all the infrastructure.
- Botnets such as Necurs will continue to distribute ransomware on a global scale.
3. State Sponsored Attacks will increase
The distinction between criminal hackers and state-sponsored attacks will be harder to distinguish. A few notable examples:
- This year’s WannaCry attack was reported to be the work of a North Korean project gone awry.
- South Korean cryptocurrency exchanges have been targeted by North Korea.
- Allegedly Russian-backed APT28 attacks have occurred for espionage and other purposes.
4. Large Data Breaches will continue
We witness large data breaches every year. However, the severity of the Equifax breach and Uber hack cover-up will increase regulation. Additional security breach notifications laws will be passed regarding incident handling and how companies will be required to be reported to regulators, law enforcement, financial institutions, and consumers.