Executive Viewpoint 2017 Prediction: TrapX Security – Six Cyber Threat Predictions
1. Ransomware will Grow to Unprecedented Levels
Ransomware attacks will continue and grow to unprecedented levels in 2017. Attackers have new tools that enable automation allow the automated manufacture of the ransomware software and the botnets that support them. Given the rapid ROI for this attack, and the easy access to non-traceable money (such as bitcoin) this automation makes it relatively easy for moderately sophisticated attackers to deploy these attacks in much higher volumes. For example, a recent ransomware attack targeted the San Francisco MUNI subway, crippling the ticketing system with a ransom of approximately $70,000 before the attackers would release control. The financial impact exceeded the ransom to include computer forensic costs, and loss of revenue as they had to provide free rides to passengers until the systems were back online.
2. Financial Institutions will lead Economic Loss of Any Industry
Many statistics focus on the number of records stolen – not the direct theft of cash or cash equivalents through fraud. Using this metric, healthcare has moved to the forefront based upon the value per patient record. However, attackers directly target banks in order to siphon off cash. Attackers have pilfered hundreds of millions of dollars in attacks targeting the SWIFT financial network, ATM networks and online banking. For financial services and the banking industry, 2017 will be the year that they see the biggest economic losses – mitigated only by the large number of banks globally that do not share data on internal attacks.
3. A Marked Increase in Clandestine Cyber Attacks by Nation State
Nation states will continue to attack government agencies and large enterprises. What’s more, nation states will quietly penetrate networks in preparation for attacks that can cripple infrastructure, including power grid and telecommunications, among other things.
4. Healthcare Exploits Will Continue to Set Records
Cyber thieves will continue their barrage of attacks on healthcare networks to steal and sell patient records. Despite substantial disclosure about the threats, most hospitals are either unaware that they are breached or highly vulnerable to sophisticated attacks within their medical devices. attackers will move from only attacking major hospitals to mid-tier healthcare organizations such as surgical centers (surgi-centers), MRI/CT centers, skilled nursing facilities (SNFs), diagnostic laboratories and urology/dialysis centers and large physician practices. For example, in November of this year, the Central Ohio Urology Group was breached and thieves absconded with more than 300,000 patient records in what became the 8th largest breach in 2016.
5. A Successful Cyber Attack Will Take Down Part of the Power Grid in a Major Western Nation
Nation states have been attempting for years lurking for years trying to access and compromise the power grids of their political adversaries. Because the skill and technology necessary to perpetrate such an attack is now widespread, we believe such an attack is very likely in 2017. This growing trend was underscored in December 2015, when a suspected nation state perpetrated a cyber attack on the power grid in Ukraine, creating widespread blackouts and confusion.
6. Attacks will Surge on Internet of Things (IoT) Devices
2017 will bring a continued and massive increase in cyber attacks brought about by IoT devices. Most IoT devices manufactured today have no integrated cyber defense and do not allow third parties to install security software. To address this concern, manufacturers recommend that security for IoT devices is achieved by “installing behind a firewall,” which is no longer a guarantee of safety in today’s environment. Once IoT devices are compromised, they can then provide a “back door” that serves as a clandestine communications channel for months before discovery.
The 3.9 billion IoT devices estimated to be online in 2014 increased to more than 6.4 billion devices in 2016. That is approximately 25 connected devices per 100 people in the United States. In 2020, that number is projected to increase to an estimated 20.8 billion IoT devices – a ratio that would almost reach one IoT device for every person in the United States.
TrapX’s extensive experience with healthcare networks and the vulnerability of medical devices had already made clear the deficiencies in IoT security and the ease with which sophisticated human attackers could take advantage of these weaknesses. TrapX also conducted extensive research on how an IoT thermostat could be used by attackers to completely compromise the network to which it was attached. In addition, a customer experienced a similar attack, in which the attacker established a backdoor within an IoT connected computer aided design (CAD) system. We are noting similar attack vectors almost monthly and we expect this trend to escalate rapidly.