The end of the year is rapidly approaching and we thought we would reflect on last year’s cyber predictions.
A key characteristic of annual threat predictions is that they rarely change from previous forecasts. For years now we have seen recurring warnings of the rise of cybercrime and mobile malware, that terrorists will use cyber to attack critical national infrastructure (CNI), and that the Internet of Things (IoT) will wreak online havoc. Expect more of the same this Christmas.
Whilst a rise in cybercrime has been a predictable feature for many years, ransomware was specifically anticipated to grow significantly in 2016. Unfortunately, this prediction came true: Trend Micro claimed this week that new ransomware families soared by 400% between January and September. It has also been claimed that 20% of organisations worldwide suffered ransomware-related incidents this year and that 1 in 5 small businesses never got their files back, even after paying up.
Whilst ransomware is not new, this year we saw significant changes in the range and sophistication of techniques. Previously the norm was for individuals to receive pop-up messages from fake AV companies claiming that their device was crippled with malware, or even messages purporting to come from law enforcement and threatening users with arrest for online violations unless they paid a ransom. However, 2016 has seen a proliferation of crypto-ransomware, where cybercriminals take aim at the most valuable part of a system: the data.
The rapid growth of the ‘Ransomware as a service’ model, whereby ransomware operators lease their infrastructure to other customers, has also enabled non-technical users to join the fray.
As expected, the number of IoT devices grew significantly in 2016. Although many of these innovative and (mostly) useful devices are increasingly integral to our everyday lives, few are designed with cyber security and data privacy in mind. The development of cyber capability, along with security weaknesses in IoT devices, now enables skilled and motivated individuals to conduct low-equity, high-impact attacks on a worldwide scale. This was demonstrated recently when two of the largest-ever Distributed Denial of Service (DDoS) attacks were facilitated by an army of compromised smart devices (known as the “Mirai” botnet). This botnet was assembled thanks to weak default passwords found in internet-connected cameras.
Another predicted threat that materialised in 2016 was Business Email Compromise (BEC). This technique, sometimes referred to as whaling, involves sending socially-engineered emails to employees which imitate legitimate email contacts such as the CEO or CFO. The unsuspecting employee is then pressured and coerced into authorising a payment as requested. In June, the FBI warned that they had discovered a 1300% increase in BEC attempts since January 2015, and that since October 2013 hackers have attempted to send £2.2 billion in 22,000 separate cases.