Top Israeli tech executives talk.
(photo credit: Courtesy)
Beyond all the headlines about breaches, the lists of the best technology solutions and the endless brochures you get at cyber security conferences, there are real threats, with real risks and very real outcomes that can have a devastating affect on businesses.
Some topics require more attention than others. It can be the attention of security analysts, business leaders or government officials. I picked the four topics that I think will generate and require special attention in 2017.
The Evolution of Ransomware #1
Ransomware will become smarter and merge with information-stealing malware. Information will be stolen, and then selectively encrypted, either on-demand or when other goals have been achieved or found to be unachievable.
Although ransomware is an extremely fast way for hackers to get paid, the ability to steal the information before you encrypt the device, enables you to hack it twice. In this scenario, if the victim says, “I have backup files” and refuses to pay for decryption, the hacker can threaten to leak it all.
We hear of ransomware being used in sensitive environments such as hospitals, but so far we haven’t witnessed significant damage in this sector. However, if the malware had first exfiltrated patient information and then encrypted it, that could lead to catastrophic results. The Evolution of Ransomware #2
Ransomware will not only become smarter, it will also explore new use-cases. So far, we have seen very few cases of hackers attacking corporate networks with ransomware; information-stealing malware is the preferred tool. But what we might see in the coming year is ransomware targeting databases, places where there is less chance of backup files being available, causing significant downtime.
For example, I think we’ll see that SMBs who move their files to the cloud, generally do not have backups and do not know how to recover. Cloud data center-focused ransomware, specifically encrypting cloud-based data, will have a tremendous impact on cloud providers and cloud infrastructures.
As more infrastructure transitions to become cloud-based and accessible from anywhere, hackers will target browsers (Chrome, Internet Explorer, Mozilla Firefox) as the weak point. Browsers are essentially the operating system today, no matter whether you’re using Windows, Mac OS or Linux. You spend most of your time in the browser, talking on Hangouts, drafting documents on Google Docs, using lots of plug-ins, etc.
In 2017, we will see an increase in malware targeting that surface. It’s a very large attack surface that hasn’t been fully utilized by hackers. And once hackers find a vulnerability within a browser, they’ll have access to everybody who uses Chrome as their browser, regardless of OS.
Breaches originating from insecure IoT devices such as, a security camera, climate control, an old network printer, or even a remote-controlled light-bulb, that are connected to the network.
In 2016 it was demonstrated with major DDoS attack on the website of security expert Brian Krebs. A hacker found a vulnerability in a brand of IoT camera, and caused millions of them to make HTTP requests from Krebs’ site at the same time. It successfully crashed the site.
Now imagine an IoT camera within a corporate network being hacked. What If that network also contains the company’s database center? There’s no way to stop the hacker from making a lateral move from the compromised camera to the database.
Remember the Target breach in 2013, when a hacker infiltrated the system responsible for monitoring Target’s air conditioning? From there he moved straight to the customer database. This is going to become a much more popular attack method. Gilad Peleg is CEO of SecBI.