The Future of Cyber Attacks

The Future of Cyber Attacks

In 2018 we can expect to see continued creativity from nation-state actors, a growing focus on industrial control systems, and efforts to compromise the software supply chain.

  • By Toni Gidwani
  • Dec 28, 2017

2017. Am I right?  We saw headline grabbing attacks like WannaCry and NotPetya that spread like wildfire, continued debate over the extent of Russian hacking targeting key elections in the US and Europe, and very concerning indications that adversaries are learning how to attack critical infrastructure. In 2018 we can expect to see continued creativity from nation-state actors, a growing focus on industrial control systems, and efforts to compromise the software supply chain.

What lessons should we take into 2018? With threats evolving rapidly, being more prepared for cyberattacks in 2018 will be key to success. Threat intelligence enables security teams to identify enterprise exposure and assess risk more quickly. As a result, organizations that have intelligence and an aligned security team will be more agile and responsive.

When cyber attacks make you WannaCry

In 2018, we’ll continue to see known, leaked vulnerabilities exploited by a range of adversaries and efforts to blur the lines between nation-states and criminals. We saw this earlier in 2017 in the WannaCry and NotPetya attacks where leaked US vulnerabilities were weaponized by other nation states. The WannaCry ransomware attack was carried out by a North Korean hacking group, an example of a nation-state adopting an attack more commonly used by criminals. The NotPetya attack, widely assessed to be conducted by Russian threat actors, was a destructive wiper masquerading as ransomware that primarily targeted Ukraine. 

When “politics by other means” can affect your company

The geopolitical landscape, in particular, will shape the threat organizations face in 2018 and beyond. Mounting financial pressures against the North Korean government are likely to translate into revenue generating cyber attacks. High tensions on the Korean Peninsula may cause Pyongyang to use cyber attacks in an attempt to deter or retaliate against perceived hostile actions, which could affect a larger range of companies. North Korean hackers jump across a range of different target industries and they are less constrained than other nation states with how they assess risk, creating greater unpredictability.

Similarly, we can expect Russian threat actors to use hacks as a way to retaliate against real and perceived slights in the international arena. It increasingly looks like efforts to hack the 2016 US presidential election were a reaction to Vladimir Putin’s belief that the US was behind the Panama Papers leak that highlighted the corrupt finances of close associates. Russia’s expulsion from the the 2018 winter olympic games is another inflammatory subject likely to drive hacking behavior like we saw in 2016 against the World Anti-Doping Agency.

ThreatConnect has seen the threat against critical infrastructure start to proliferate. Attackers are becoming smarter and more elegant, illustrating a degree of adversary learning, which is concerning to the security community. In 2018, we will see more attacks on critical infrastructure.

In addition to the threat to critical infrastructure, supply chain attacks will become more common. In several notable 2017 attacks (NotPetya and CCleaner), attackers exploited the software supply chain to greatly expand the number of victims and evade established security procedures. These software supply chain attacks go after an organization’s trust chain and create a dilemma since most organizations do not have visibility into their software suppliers risk. Organizations will need to reduce the attack surface with threat intelligence.

This rapidly evolving threat landscape reaffirms what many security leaders already know: it’s not getting easier. Threat intelligence enables your security team to be more prepared and to pivot more effectively to changing attacks while orchestration allows you to smartly automate more of your response. Best wishes in 2018 from ThreatConnect - we’ve made it to the end of this article without mentioning the blockchain or machine learning! 

About the Author

Toni Gidwani is the Director of Research Operations at ThreatConnect.

Featured

  • Gaining a Competitive Edge

    Ask most companies about their future technology plans and the answers will most likely include AI. Then ask how they plan to deploy it, and that is where the responses may start to vary. Every company has unique surveillance requirements that are based on market focus, scale, scope, risk tolerance, geographic area and, of course, budget. Those factors all play a role in deciding how to configure a surveillance system, and how to effectively implement technologies like AI. Read Now

  • 6 Ways Security Awareness Training Empowers Human Risk Management

    Organizations are realizing that their greatest vulnerability often comes from within – their own people. Human error remains a significant factor in cybersecurity breaches, making it imperative for organizations to address human risk effectively. As a result, security awareness training (SAT) has emerged as a cornerstone in this endeavor because it offers a multifaceted approach to managing human risk. Read Now

  • The Stage is Set

    The security industry spans the entire globe, with manufacturers, developers and suppliers on every continent (well, almost—sorry, Antarctica). That means when regulations pop up in one area, they often have a ripple effect that impacts the entire supply chain. Recent data privacy regulations like GDPR in Europe and CPRA in California made waves when they first went into effect, forcing businesses to change the way they approach data collection and storage to continue operating in those markets. Even highly specific regulations like the U.S.’s National Defense Authorization Act (NDAA) can have international reverberations – and this growing volume of legislation has continued to affect global supply chains in a variety of different ways. Read Now

  • Access Control Technology

    As we move swiftly toward the end of 2024, the security industry is looking at the trends in play, what might be on the horizon, and how they will impact business opportunities and projections. Read Now

Most   Popular

Featured Cybersecurity

Webinars

New Products

  • Unified VMS

    AxxonSoft introduces version 2.0 of the Axxon One VMS. The new release features integrations with various physical security systems, making Axxon One a unified VMS. Other enhancements include new AI video analytics and intelligent search functions, hardened cybersecurity, usability and performance improvements, and expanded cloud capabilities 3

  • A8V MIND

    A8V MIND

    Hexagon’s Geosystems presents a portable version of its Accur8vision detection system. A rugged all-in-one solution, the A8V MIND (Mobile Intrusion Detection) is designed to provide flexible protection of critical outdoor infrastructure and objects. Hexagon’s Accur8vision is a volumetric detection system that employs LiDAR technology to safeguard entire areas. Whenever it detects movement in a specified zone, it automatically differentiates a threat from a nonthreat, and immediately notifies security staff if necessary. Person detection is carried out within a radius of 80 meters from this device. Connected remotely via a portable computer device, it enables remote surveillance and does not depend on security staff patrolling the area. 3

  • Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.

    Connect ONE®

    Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation. 3