Technology / Cyber criminals to grow increasingly sophisticated in 2017, experts warn
Cyber criminals to grow increasingly sophisticated in 2017, experts warn
29 November 2016 |
Hackers will continue to target connected devices in 2017 as firms work together to fight back against their increasingly sophisticated attack methods, according to cyber security experts.
The McAfee Labs 2017 Threats Predictions Report, which brings together the views of 31 security experts, highlighted 14 threat predictions for 2017, including a decline in the volume and effectiveness of ransomware attacks in the second half of the year.
"I anticipate that we will see the migration of ransomware onto other devices," Raj Samani, EMEA CTO at Intel Security, told Business Reporter. "It does not mean it is going away."
The report also predicted more attacks on hardware and firmware, including the installation of backdoors onto Internet of Things-connected devices for use as parts of botnets like Mirai, which launched a huge distributed denial of service attack in October.
"The impact was significant," Samani said, noting that the attack on Dyn caused problems for high-profile sites like Twitter and Reddit, thereby affecting consumers. "The number of botnets that are going to exploit these vulnerable devices is going to increase. The impact is going to be, broadly, that these devices are going to continue to disrupt operations."
The security experts also tipped attackers to use more sophisticated methods like machine learning to improve their social engineering attacks, as well as fake ads and purchased likes to trick victims on websites and social networks and lure them into their schemes.
Samani said these more sophisticated means of attack will gain popularity “because it pays”, even if they take a little more effort than large, untargeted phishing campaigns.
“For example, I will send out an email pretending to be your boss,” he explained. “That seems like a simple attack but it does require a lot of research. It requires that attacker to understand the organisation. And so it is really based around the return on investment.
“The more accurately and effectively you can make a simple spear phishing email look credible, the more it pays.” For cyber criminals sending out many emails, he said, even a 0.5 per cent improvement can mean a big difference in their return.
On a more optimistic note, the report said there will be better intelligence sharing and collaboration between organisations to fight cyber crime in 2017. Samani said No More Ransom, a collaboration between security firms and law enforcement aimed at helping ransomware victims – has already proven a good start in the fight against cyber crime.
“I think 2016 has been a good year in terms of when we talk about public-private partnerships it has proven to be more than lip service,” he said. “I think, fundamentally, we have seen in 2016 the emergence of an industry fighting back.”
For more on the report, see the McAfee blog.