Were 2016 Cyber Predictions Right?


20 Dec 2016

Were 2016 Cyber Predictions Right?

The end of the year is rapidly approaching and we thought we would reflect on last year’s cyber predictions.

A key characteristic of annual threat predictions is that they rarely change from previous forecasts. For years now we have seen recurring warnings of the rise of cybercrime and mobile malware, that terrorists will use cyber to attack critical national infrastructure (CNI), and that the Internet of Things (IoT) will wreak online havoc. Expect more of the same this Christmas.

Ransomware

Whilst a rise in cybercrime has been a predictable feature for many years, Ransomware was specifically anticipated to grow significantly in 2016. Unfortunately, this indeed came to fruition and Trend Micro claimed this week that new ransomware families soared by 400% between January and September. It has also been claimed 20% of organisations worldwide suffered ransomware-related incidents this year and 1-in-5 small businesses never got their files back, even after paying up.

Whilst ransomware is not new, this year we saw significant changes in the range and sophistication of techniques. Previously the norm was for individuals to receive pop-up messages from fake AV companies threatening that their device was crippled with malware, or even from law enforcement threatening users with arrest for online violations, unless they paid a ransom. However, 2016 has seen a proliferation of crypto-ransomware where cybercriminals take aim at the most valuable part of a system - the data.

The rapid growth of the ‘Ransomware as a service’ model, whereby ransomware operators lease their infrastructure to other customers, has also enabled non-technical users to join the fray.

IoT Devices

As expected, the number of IoT devices grew significantly in 2016. Although many of these innovative and (mostly) useful devices are increasingly integral to our everyday lives, few are designed with cyber security and data privacy in mind. The development of cyber capability, along with security weaknesses in IoT devices, now enables skilled and motivated individuals to conduct low equity, high impact attacks on a worldwide scale. This was demonstrated recently after two of the largest ever Distributed Denial of Service (DDoS) attacks were facilitated by an army of compromised smart devices (known as the “Mirai” botnet). This botnet was assembled thanks to weak default passwords found in internet-connected cameras.

Phishing

Another predicted threat that materialised in 2016 was Business Email Compromise (BEC). This technique, sometimes referred to as whaling, involves sending socially-engineered emails to employees which imitate legitimate email contacts such as that of the CEO or CFO. The unsuspecting employee is then pressured and coerced to authorise a payment as requested. In June, the FBI warned that they had discovered a 1300% increase in BEC attempts since January 2015, and since October 2013, hackers have attempted to send £2.2 billion in 22,000 separate cases.

 

For the latest PGI updates like our pages on LinkedIn – PGIPGI Cyber , Facebook – PGIPGI Cyber and Twitter

Share this article

RISK PORTAL

Your free Global Geopolitical Dashboard

PGI’s Risk Portal tool provides daily intelligence feeds, country threat assessments and analytical insights, enabling clients to track, understand and navigate geopolitical threats.

The Risk Portal gives users up-to-date information and analysis on global affairs.

The Risk Portal allows users to visualise information in a unique and instantly understandable way. Mapping filters enable the visualisation of incidents by threat category, time period, perpetrator and target type.

Risk Portal users can upgrade their accounts to include the Report Builder and Country Profile Generator features. The Report Builder allows users to select information, data and images from the Risk Portal and create bespoke reports and emails.

Subscribers to PGI’s Bespoke services receive tailored analysis on specific sectors and geographies of interest, delivered at a frequency they determine.

Visit the Risk Portal

Subscribe to our Cyber Bytes Newsletter

Keep yourself in the loop with PGI by signing up to our Weekly Cyber Bytes email. You will receive updates, tips and narrative around what has been happening in the world of information security.

Get in touch today

For more information on how we can help you or your business, please contact us via:

Related News

CISMP, CISSP and CISM - what's in an acronym?

20 Mar 2017

There is a wide range of different security courses available, and a mind-boggling array of certific...

Read news article

International Womens Day - Pioneering Women in Tec...

08 Mar 2017

Pioneering Women in Technology – Katherine JohnsonThe Oscar season has been and gone. The...

Read news article

Law Firms and why they need cyber security

06 Mar 2017

Suffering a data breach can be devastating for any company but for law firms the impacts can be part...

Read news article
Back to the News Hub

Follow us

+44 (0)207 887 2699
©2017 PGI - Protection Group International Ltd. All rights reserved.
PGI - Protection Group International Ltd is registered in England & Wales, reg. no. 07967865
Registered address: Cascades 1, 1190 Park Avenue, Aztec W, Almondsbury, Bristol BS32 4FP