Many of us have watched as 2016 has been a year filled with major cyber security breaches including the rise of the IoT botnet and the ascension of Ransomware as a pandemic. Cyber crime increased exponentially in 2016 as compared to 2015, in fact it appears to be the motivation behind 75% of all attacks, while Cyber Espionage, Hacktivism and Cyber Warfare account for the remaining 25%.
But what will 2017 have in store for us? Can it possibly get worse? We sat down with Fortify 24×7 security guru Jeremy Murtishaw to get is predictions for 2017:
- Ransomware becomes the number one cyber threat. I have been saying all along that ransomware is a pandemic and needs to be treated as such. If there was a worldwide outbreak of a disease, the World Health Organization (WHO) has prepared response protocols which each country then implements. We need the same level of reaction by the Information Technology community, security software and product vendors. We need to come together as a united front to protect all individuals. Ransomware has been become one of the fastest growing industries
and there are no signs that it will slow down anytime soon.
- The value of a stolen identity continues to increase, so expect to see cyber criminals continue their assault on healthcare companies, banks and other institutions which have either Protected Healthcare Information (PHI) or Personally Identifying Information (PII) in their computer systems. We have seen the Internal Revenue Service (IRS), banks, hospitals, schools and various websites all compromised and is either leaked to the public or made available for sale on the black market.
- The Internet of Things (IoT) will continue to be exploited and IoT botnets will become more prevalent. Until we have a common set security standards which all IoT device manufacturers need to follow, we will continue to see them be compromised and used like they were in the attack against Dyn. That attack infected more than 500,000 devices sending 1.2Tbps of traffic and overwhelmed the Dyn infrastructure and defenses. That attack impacted some of the most visited sites on the internet including Netflix, Spotify, Pinterest, the Playstation Network, Twitter, NHL.com, PayPal and Shopify to name a few. The author of the Mirai code has decided to make it public, so you should anticipate an uptick in DDoS attacks as more people begin to use his code.
- Instances of malvertising, which is the process of uploading malware laced advertising images and videos into the ad networks, will continue to increase but will be forced to morph. We have seen a 585% increase in malvertising since 2014. It’s easy and it works well because it is a simple way to get malware onto a machine without the user needing to click on the ad or a video. Malvertising leverages vulnerabilities in software like Adobe Flash. Fortunately, we are seeing more and more websites abandoning the use of Flash in favor of HTML5. I think the last statistic I saw from Statista was that in January 2016, 18% of Alexa’s top 10,000 sites were using Flash, and as of December 2016 that number is down around 7.4%.
- Two-factor authentication will become much more prevalent. Two-factor authentication is where you need two different pieces of information to be submitted before you are allowed to utilize something, in this case a website or mobile app. We have already need many companies offering two-factor authentication as an optional choice and some government entities like the US Treasury are already requiring it. I would expect to see this move from the optional category to required especially in the banking and financial services sectors. Many websites and mobile applications that are not financially related, like Facebook, Twitter and others, are offering this ability. Password fatigue, or the feeling experienced by many people who are required to remember an excessive number of passwords as part of their daily routine, causes many people to reuse the same passwords across all areas of the online life. The use of two-factor authentication will bolster application security in 2017.
- 2017 becomes the year where companies decrease the detection time for a security breach. Currently, the average time to detect a security breach is 69 days. It then takes another 7 days on to contain the breach, 40 days to notify affected parties of the breach and 43 days for the incident investigation to be completed. Breaches are detected by internal IT staff only 52% of the time, which means that 48% of the time a company is notified by a third party that an incident occurred. These statistics are for a company with a decent amount of IT resources, so it’s not hard to imagine that there are many companies without any IT sophistication which are likely compromised and don’t even know it. Information security has to become a KPI for companies of all sizes and sophistication.
- We must make the transition from DevOps to SecureDevOps. SANS surveyed of 12,000 security professionals asking them to name the number one security threat for their organization, 69% said application-layer vulnerabilities. When asked the follow up question about their SecureDevOps practices, less than 10% ensure that all their business-critical applications are reviewed for security before and during production. This has to change. The development community must live and breathe security. We don’t leave holes in our homes or offices so burglars can have easy access to our stuff, then why should software be any different.
If you are interested in learning more about the Fortify 24×7 Cyber Security practice, visit our website for more information or schedule a 30 minute fee discussion with on of our team members.