The end of the year is rapidly approaching and we thought we would reflect on last year’s cyber predictions.
A key characteristic of annual threat predictions is that they rarely change from previous forecasts. For years now we have seen recurring warnings of the rise of cybercrime and mobile malware, that terrorists will use cyber to attack critical national infrastructure (CNI), and that the Internet of Things (IoT) will wreak online havoc. Expect more of the same this Christmas.
Whilst a rise in cybercrime has been a predictable feature for many years, ransomware was specifically anticipated to grow significantly in 2016. Unfortunately, this came to fruition: Trend Micro claimed this week that new ransomware families soared by 400% between January and September. It has also been claimed that 20% of organisations worldwide suffered ransomware-related incidents this year and that 1-in-5 small businesses never got their files back, even after paying up.
Whilst ransomware is not new, this year we saw significant changes in the range and sophistication of techniques. Previously the norm was for individuals to receive pop-up messages from fake AV companies threatening that their device was crippled with malware, or even from law enforcement threatening users with arrest for online violations, unless they paid a ransom. However, 2016 has seen a proliferation of crypto-ransomware where cybercriminals take aim at the most valuable part of a system - the data.
The rapid growth of the ‘Ransomware as a service’ model, whereby ransomware operators lease their infrastructure to other customers, has also enabled non-technical users to join the fray.
As expected, the number of IoT devices grew significantly in 2016. Although many of these innovative and (mostly) useful devices are increasingly integral to our everyday lives, few are designed with cyber security and data privacy in mind. The development of cyber capability, along with security weaknesses in IoT devices, now enables skilled and motivated individuals to conduct low equity, high impact attacks on a worldwide scale. This was demonstrated recently after two of the largest ever Distributed Denial of Service (DDoS) attacks were facilitated by an army of compromised smart devices (known as the “Mirai” botnet). This botnet was assembled thanks to weak default passwords found in internet-connected cameras.
Another predicted threat that materialised in 2016 was Business Email Compromise (BEC). This technique, sometimes referred to as whaling, involves sending socially-engineered emails to employees which imitate legitimate email contacts, such as the CEO or CFO. The unsuspecting employee is then pressured and coerced into authorising a payment as requested. In June, the FBI warned that they had discovered a 1300% increase in BEC attempts since January 2015, and since October 2013, hackers have attempted to send £2.2 billion in 22,000 separate cases.