Over the past year, we have seen a profound change in how enterprise information has been targeted by cybercriminals. IT leaders are on high alert now that attacks on organizations like the Democratic National Committee and threats like the Dyn attack have brought information security to the top of their priorities. The rise of the Cloud Generation will dictate a change in the information security focus as businesses continue to adopt a modern, digital workplace that allows employees the flexibility to work any time, from anywhere on any device.
With the consistently changing security landscape, it’s important to take the time to assess potential risks and determine the areas where the security industry needs to focus its attention. As we approach 2017, Symantec has taken a close look at the trends we can expect to see in the years ahead.
Cloud Generation dynamics define the future of the enterprise
- The enterprise network will expand and become increasingly undefined and diffuse. With the workforce more mobile than ever, the need to primarily protect an on-premise network will become increasingly shortsighted. Firewalls to defend a single network become unnecessary if that network is connected to the cloud. All enterprises will start to move towards WiFi and cloud-based services, rather than investing in expensive and unnecessary network solutions.
- Ransomware will attack the cloud. Given the significant shift towards cloud-based storage and services, the cloud is becoming a very lucrative target for attacks. The cloud is not protected by firewalls or more traditional security measures, so there will be a shift in where enterprises need to defend their data. Cloud attacks could result in multi-million dollar damages and loss of critical data, so the need to defend it will become even more crucial.
- AI/Machine Learning will require sophisticated Big Data capabilities. In 2017, machine learning and AI will only continue to grow. As new forms of machine learning and AI continue to enter the market, enterprises will need to invest in solutions that have the capabilities to collect and analyze data from the countless endpoints and attack sensors across different organizations, industries and geographies. These solutions will prove to be instrumental in teaching machines how to operate on the front lines of a global battle that changes every day, minute by minute.
Cybercrime becomes mainstream
- Rogue nation states will finance themselves by stealing money. There is a dangerous possibility that rogue nation states could align with organized crime for their personal gain, such as what we saw in the SWIFT attacks. This could result in downtime for countries’ political, military or financial systems.
- Fileless malware will increase. Fileless infections – those written directly onto a computer’s RAM without using files of any kind – are difficult to detect and often elude intrusion prevention and antivirus programs. This type of attack increased throughout 2016 and will continue to gain prominence in 2017, most likely through PowerShell attacks.
- Secure Sockets Layer (SSL) abuse will lead to increased phishing sites using HTTPS. The rise in popularity of free SSL certificates paired with Google’s recent initiative to label HTTP-only sites as unsafe will weaken security standards, driving potential spear-phishing or malware programs due to malicious search engine optimization practices.
- Drones will be used for espionage and explosive attacks. This could be seen in 2017, but is more likely to occur further down the road. By 2025, we can expect to see “dronejacking,” which will intercept drone signals and redirect drones for the attacker’s benefit. Given this possibility, we can also expect to see anti-drone hacking technology being developed to control these devices’ GPS and other important systems.
IoT comes to enterprise business
- The proliferation of the Cloud Generation. We’ll continue to see businesses allow employees to introduce new technologies such as wearables, virtual reality and IoT connected devices onto the network while supporting a rapidly dispersed workforce made possible by cloud applications and solutions. Enterprises will need to shift their focus from safeguarding endpoint devices toward protecting users and information across all applications and services.
- IoT devices will increasingly penetrate the enterprise, leading to increased IoT DDoS attacks. Beyond looking exclusively at computers and mobile devices for vulnerabilities, incident response teams today need to consider thermostats and other connected devices as jumping points into the network. The Dyn attack in October demonstrated that a vast number of IoT devices don’t have enterprise-level security and are tremendously vulnerable to attacks. As more IoT devices are installed, the risk of a security breach will increase. Once insecure devices are in the market, it becomes almost impossible to fix the issue without recalling them or issuing security updates.
While 2016 presented new challenges for the information security industry, 2017 has the potential to be just as critical a time. By raising awareness of potential threats, we can better prepare ourselves to protect and respond in the face of an attack.