The Future of Cyber Attacks

The Future of Cyber Attacks

In 2018 we can expect to see continued creativity from nation-state actors, a growing focus on industrial control systems, and efforts to compromise the software supply chain.

2017. Am I right?  We saw headline grabbing attacks like WannaCry and NotPetya that spread like wildfire, continued debate over the extent of Russian hacking targeting key elections in the US and Europe, and very concerning indications that adversaries are learning how to attack critical infrastructure. In 2018 we can expect to see continued creativity from nation-state actors, a growing focus on industrial control systems, and efforts to compromise the software supply chain.

What lessons should we take into 2018? With threats evolving rapidly, being more prepared for cyberattacks in 2018 will be key to success. Threat intelligence enables security teams to identify enterprise exposure and assess risk more quickly. As a result, organizations that have intelligence and an aligned security team will be more agile and responsive.

When cyber attacks make you WannaCry

In 2018, we’ll continue to see known, leaked vulnerabilities exploited by a range of adversaries and efforts to blur the lines between nation-states and criminals. We saw this earlier in 2017 in the WannaCry and NotPetya attacks where leaked US vulnerabilities were weaponized by other nation states. The WannaCry ransomware attack was carried out by a North Korean hacking group, an example of a nation-state adopting an attack more commonly used by criminals. The NotPetya attack, widely assessed to be conducted by Russian threat actors, was a destructive wiper masquerading as ransomware that primarily targeted Ukraine. 

When “politics by other means” can affect your company

The geopolitical landscape, in particular, will shape the threat organizations face in 2018 and beyond. Mounting financial pressures against the North Korean government are likely to translate into revenue generating cyber attacks. High tensions on the Korean Peninsula may cause Pyongyang to use cyber attacks in an attempt to deter or retaliate against perceived hostile actions, which could affect a larger range of companies. North Korean hackers jump across a range of different target industries and they are less constrained than other nation states with how they assess risk, creating greater unpredictability.

Similarly, we can expect Russian threat actors to use hacks as a way to retaliate against real and perceived slights in the international arena. It increasingly looks like efforts to hack the 2016 US presidential election were a reaction to Vladimir Putin’s belief that the US was behind the Panama Papers leak that highlighted the corrupt finances of close associates. Russia’s expulsion from the the 2018 winter olympic games is another inflammatory subject likely to drive hacking behavior like we saw in 2016 against the World Anti-Doping Agency.

ThreatConnect has seen the threat against critical infrastructure start to proliferate. Attackers are becoming smarter and more elegant, illustrating a degree of adversary learning, which is concerning to the security community. In 2018, we will see more attacks on critical infrastructure.

In addition to the threat to critical infrastructure, supply chain attacks will become more common. In several notable 2017 attacks (NotPetya and CCleaner), attackers exploited the software supply chain to greatly expand the number of victims and evade established security procedures. These software supply chain attacks go after an organization’s trust chain and create a dilemma since most organizations do not have visibility into their software suppliers risk. Organizations will need to reduce the attack surface with threat intelligence.

This rapidly evolving threat landscape reaffirms what many security leaders already know: it’s not getting easier. Threat intelligence enables your security team to be more prepared and to pivot more effectively to changing attacks while orchestration allows you to smartly automate more of your response. Best wishes in 2018 from ThreatConnect - we’ve made it to the end of this article without mentioning the blockchain or machine learning! 

About the Author

Toni Gidwani is the Director of Research Operations at ThreatConnect.

Featured

  • Survey: 54% of Organizations Cite Technical Debt as Top Hurdle to Identity System Modernization

    Modernizing identity systems is proving difficult for organizations due to two key challenges: decades of accumulated Identity and Access Management (IAM) technical debt and the complexity of managing access across multiple identity providers (IDPs). These findings come from the new Strata Identity-commissioned report, State of Multi-Cloud Identity: Insights and Trends for 2025. The report, based on survey data from the Cloud Security Alliance (CSA), highlights trends and challenges in securing cloud environments. The CSA is the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment. Read Now

  • Study: Nearly Half of Companies Exclude Cybersecurity Teams When Developing, Onboarding and Implementing AI Solutions

    Only 35 percent of cybersecurity professionals or teams are involved in the development of policy governing the use of AI technology in their enterprise, and nearly half (45 percent) report no involvement in the development, onboarding, or implementation of AI solutions, according to the recently released 2024 State of Cybersecurity survey report from ISACA, a global professional association advancing trust in technology. Read Now

  • New Report Series Highlights E-Commerce Threats, Fraud Against Retailers

    Trustwave, a cybersecurity and managed security services provider, recently released a series of reports detailing the threats facing the retail sector, marking the second year of its ongoing research into these critical security issues. Read Now

  • Stay Secure in 2024: Updated Cybersecurity Tips for the Office and at Home

    Cyber criminals get more inventive every year. Cybersecurity threats continue to evolve and are a moving target for business owners in 2024. Companies large and small need to employ cybersecurity best practices throughout their organization. That includes security integrators, manufacturers, and end users. Read Now

Featured Cybersecurity

Webinars

New Products

  • HD2055 Modular Barricade

    Delta Scientific’s electric HD2055 modular shallow foundation barricade is tested to ASTM M50/P1 with negative penetration from the vehicle upon impact. With a shallow foundation of only 24 inches, the HD2055 can be installed without worrying about buried power lines and other below grade obstructions. The modular make-up of the barrier also allows you to cover wider roadways by adding additional modules to the system. The HD2055 boasts an Emergency Fast Operation of 1.5 seconds giving the guard ample time to deploy under a high threat situation. 3

  • Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.

    Connect ONE®

    Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation. 3

  • Mobile Safe Shield

    Mobile Safe Shield

    SafeWood Designs, Inc., a manufacturer of patented bullet resistant products, is excited to announce the launch of the Mobile Safe Shield. The Mobile Safe Shield is a moveable bullet resistant shield that provides protection in the event of an assailant and supplies cover in the event of an active shooter. With a heavy-duty steel frame, quality castor wheels, and bullet resistant core, the Mobile Safe Shield is a perfect addition to any guard station, security desks, courthouses, police stations, schools, office spaces and more. The Mobile Safe Shield is incredibly customizable. Bullet resistant materials are available in UL 752 Levels 1 through 8 and include glass, white board, tack board, veneer, and plastic laminate. Flexibility in bullet resistant materials allows for the Mobile Safe Shield to blend more with current interior décor for a seamless design aesthetic. Optional custom paint colors are also available for the steel frame. 3