David Rajoo (pic above), Director, Systems Engineering, Symantec Malaysia, said:
"Each year, the security industry faces new types of threats as cybercriminals evolve their approach toward accessing an organisation’s data. With Malaysia’s emphasis to continue growing and developing the Digital Economy, there needs to be an increased awareness on cybersecurity to improve Malaysia’s digital threat landscape. Here are the top picks for 2017:
A new era of cybercrime
• Rogue nation states will finance themselves by stealing money online. There is a dangerous possibility that rogue nation states could align with organised crime for their personal gain, such as what we saw in the SWIFT attacks.
• Fileless malware will increase. Fileless infections – those written directly onto a computer’s RAM without using files of any kind – are difficult to detect and often elude intrusion prevention and antivirus programs. This type of attack increased throughout 2016 and will continue to gain prominence in 2017, most likely through PowerShell attacks.
• Secure Sockets Layer (SSL) abuse will lead to increased phishing sites using HTTPS. The rise in popularity of free SSL certifications paired with Google’s recent initiative to label HTTP-only sites as unsafe will weaken security standards, driving potential spear-phishing or malware programs due to malicious search engine optimisation practices.
Furthermore, phishing scams are becoming increasingly sophisticated that consumers are having a hard time identifying them. In Malaysia, 26 percent of consumers cannot identify a phishing email scam and 84 percent have experienced a negative outcome after responding to a potential phishing email, according to the Norton Cyber Security Insights 2016 Report.
• Drones will be used for espionage and explosive attacks. This could be seen in 2017, but is more likely to occur further down the road. By 2025, we can expect to see “dronejacking,” which will intercept drone signals and redirect drones for the attacker’s benefit. Given this possibility, we can also expect to see anti-drone hacking technology being developed to control these devices’ GPS and other important systems.
IoT devices offer new revenue streams for cybercriminals
• Connected cars will be taken for ransom. As cars start to have connected capabilities, this provides cybercriminals with a new avenue to launch their cyber attacks. In Malaysia, the connected car penetration is expected to grow from 1.0 percent in 2017 to 3.1 percent in 2021.
• IoT devices in the enterprise will increase points of exposure. Beyond looking simply at computers and mobile devices for vulnerabilities, incident response teams will need to consider thermostats and other connected devices as jumping points into the network. Similar to how printer servers were used for attacks several years ago, nearly everything in an enterprise is now connected to the internet and will need to be protected.
As an example of an IoT DDoS attack, the Dyn attack in October demonstrated the vast number of IoT devices that don’t have security on them and are tremendously vulnerable to attacks. According to the Norton Cyber Security Insights 2016 report, Malaysian consumers are unknowingly giving hackers a new avenue to launch attacks with 27 percent using the default password issued by their provider when setting up their Wi-Fi and have not changed it since then.
As more IoT devices are installed in the mass market, the risk of security breach will increase. Once insecure devices are in the market, it becomes almost impossible to fix the issue without recalling them or issuing security updates. Given that this lack of security will continue for the foreseeable future, the number of IoT attacks will only increase as well.
Hacks in the cloud
• Ransomware will attack the cloud. Given the significant shift towards cloud-based storage and services, the cloud is becoming a very lucrative target for attacks. More than one in five (22 percent) of Malaysians know someone who had experienced cybercrime while six percent of the victims had experienced the attack themselves, indicating the steady rise of this menace, according to the Norton Cyber Security Insights 2016 Report.
The cloud is not always automatically protected by firewalls or more traditional security measures, so there will be a shift in where enterprises need to defend their data. Cloud attacks could result in multi-million dollar damages and loss of critical data, so the need to defend it will become even more crucial.
• Machine Learning will require sophisticated Big Data capabilities. In 2017, machine learning and AI will only continue to grow - Forrester predicts investment in Artificial Intelligence will grow 300 percent next year alone.
From a security standpoint, this expansion will impact organisations in more ways than one – including endpoints and mechanisms in the cloud. As new forms of machine learning and AI continue to enter the market, enterprises will need to invest in solutions that have the capabilities to collect and analyse data from the countless endpoints and attack sensors across different organizations, industries and geographies. These solutions will prove to be instrumental in teaching machines how to operate on the front lines of a global battle that changes every day, minute by minute."
Sign up for Computerworld eNewsletters.