1. A decidedly overt attack from a nation-state will likely occur, in an effort to force an equally public retaliation.
– The public nature of this action will force the hand of NATO or the U.S. government to retaliate, whether they choose to do so publicly is not clear.
– This will lead to an increased focus on offensive cyber capabilities and bolster the demand for cyber weapons on the black market. Countries will covertly arm their allies with cyber weapons, and encourage disguised attacks on their enemy.
2. The internet will be shut down for up to 24 hours.
We’ll see a rise in attacks on fundamental protocols of internet communications. We already started seeing it with DNS. In 2017, we’re going to see it hit big sometime, somewhere. If the internet goes down, financial markets will tank.
3. Portions of the U.S. power grid will be shut down.
– We already saw hackers mobilise vulnerable IoT devices in the recent DDoS attack. Similarly, they could target and impact aspects of critical infrastructure.
– If portions of the power grid go down, there will be lack-of-confidence and trust issues with the government, which will have long-lasting ripple effects.
4. Hackers will target and silence major media sites — such as CNN, FOX News, etc. — to influence what is reported and attempt to keep people in the dark.
– There will be more focused IoT botnet attacks, like the largest DDoS attack ever committed (Oct. 2016), which was all done using embedded systems/IoT devices. We’ll see a larger botnet attack, powered by the hundreds of thousands of IoT devices that still have malware running on them.
5. Ransomware will get more personal, as 2017 will mark the rise of mobile ransomware.
Simon Howe, Director of Sales for ANZ at LogRhythm said, “Attackers will use pre-authenticated tokens to disseminate malware. Because so many Apple devices are interconnected, the malware could very quickly spread. Attackers will target consumers and hold their personal data hostage. For example, attackers will threaten to send out or delete a user’s photos unless a ransom is paid. Just think, how much would you pay to recover your photos?”
6. There will be an uptick in Psychological Operations (PSYOPs), where hackers will use social media platforms to manipulate messages and influence people.
– A study released by Stanford in late Nov. 2016 found that US students from 6th grade through college – presumably the savviest social media users – are unable to accurately evaluate the credibility of information presented in tweets, comments and articles.
– Malicious actors will use algorithms to gauge the effectiveness of their social media efforts, and refine their PSYOPs to further manipulate people of all ages.
7. Every country and region in modern nations will come up with their own cybersecurity governance, and start enforcing compliance with those mandates.
We initially saw this with GPG-13 (Cyber Security Framework) and GDPR (Data Security Framework) in the US. We’ll likely see an uptick in other countries establishing their own brand of cybersecurity and data security frameworks.
LogRhythm, a leader in security intelligence and analytics, empowers organisations around the globe to rapidly detect, respond to and neutralise damaging cyber threats. The company’s patented award-winning platform uniquely unifies next-generation SIEM, log management, network and endpoint monitoring, user entity and behaviour analytics (UEBA), security automation and orchestration and advanced security analytics. In addition to protecting customers from the risks associated with cyber threats, LogRhythm provides unparalleled compliance automation and assurance, and enhanced IT intelligence.
LogRhythm is consistently recognised as a market leader. The company has been positioned as a Leader in Gartner’s SIEM Magic Quadrant report for five consecutive years, named a ‘Champion’ in Info-Tech Research Group’s 2014-15 SIEM Vendor Landscape report, received SC Labs ‘Recommended’ 5-Star rating for SIEM and UTM for 2016 and earned Frost & Sullivan’s 2015 Global Security Information and Event Management (SIEM) Enabling Technology Leadership Award. LogRhythm is headquartered in Boulder, Colorado, with operations throughout North and South America, Europe and the Asia Pacific region.