The Future of Cyber Attacks

The Future of Cyber Attacks

In 2018 we can expect to see continued creativity from nation-state actors, a growing focus on industrial control systems, and efforts to compromise the software supply chain.

2017. Am I right?  We saw headline grabbing attacks like WannaCry and NotPetya that spread like wildfire, continued debate over the extent of Russian hacking targeting key elections in the US and Europe, and very concerning indications that adversaries are learning how to attack critical infrastructure. In 2018 we can expect to see continued creativity from nation-state actors, a growing focus on industrial control systems, and efforts to compromise the software supply chain.

What lessons should we take into 2018? With threats evolving rapidly, being more prepared for cyberattacks in 2018 will be key to success. Threat intelligence enables security teams to identify enterprise exposure and assess risk more quickly. As a result, organizations that have intelligence and an aligned security team will be more agile and responsive.

When cyber attacks make you WannaCry

In 2018, we’ll continue to see known, leaked vulnerabilities exploited by a range of adversaries and efforts to blur the lines between nation-states and criminals. We saw this earlier in 2017 in the WannaCry and NotPetya attacks where leaked US vulnerabilities were weaponized by other nation states. The WannaCry ransomware attack was carried out by a North Korean hacking group, an example of a nation-state adopting an attack more commonly used by criminals. The NotPetya attack, widely assessed to be conducted by Russian threat actors, was a destructive wiper masquerading as ransomware that primarily targeted Ukraine. 

When “politics by other means” can affect your company

The geopolitical landscape, in particular, will shape the threat organizations face in 2018 and beyond. Mounting financial pressures against the North Korean government are likely to translate into revenue generating cyber attacks. High tensions on the Korean Peninsula may cause Pyongyang to use cyber attacks in an attempt to deter or retaliate against perceived hostile actions, which could affect a larger range of companies. North Korean hackers jump across a range of different target industries and they are less constrained than other nation states with how they assess risk, creating greater unpredictability.

Similarly, we can expect Russian threat actors to use hacks as a way to retaliate against real and perceived slights in the international arena. It increasingly looks like efforts to hack the 2016 US presidential election were a reaction to Vladimir Putin’s belief that the US was behind the Panama Papers leak that highlighted the corrupt finances of close associates. Russia’s expulsion from the the 2018 winter olympic games is another inflammatory subject likely to drive hacking behavior like we saw in 2016 against the World Anti-Doping Agency.

ThreatConnect has seen the threat against critical infrastructure start to proliferate. Attackers are becoming smarter and more elegant, illustrating a degree of adversary learning, which is concerning to the security community. In 2018, we will see more attacks on critical infrastructure.

In addition to the threat to critical infrastructure, supply chain attacks will become more common. In several notable 2017 attacks (NotPetya and CCleaner), attackers exploited the software supply chain to greatly expand the number of victims and evade established security procedures. These software supply chain attacks go after an organization’s trust chain and create a dilemma since most organizations do not have visibility into their software suppliers risk. Organizations will need to reduce the attack surface with threat intelligence.

This rapidly evolving threat landscape reaffirms what many security leaders already know: it’s not getting easier. Threat intelligence enables your security team to be more prepared and to pivot more effectively to changing attacks while orchestration allows you to smartly automate more of your response. Best wishes in 2018 from ThreatConnect - we’ve made it to the end of this article without mentioning the blockchain or machine learning! 

About the Author

Toni Gidwani is the Director of Research Operations at ThreatConnect.

Featured

  • Video Surveillance Trends to Watch

    With more organizations adding newer capabilities to their surveillance systems, it’s always important to remember the “basics” of system configuration and deployment, as well as the topline benefits of continually emerging technologies like AI and the cloud. Read Now

  • New Report Reveals Top Trends Transforming Access Controller Technology

    Mercury Security, a provider in access control hardware and open platform solutions, has published its Trends in Access Controllers Report, based on a survey of over 450 security professionals across North America and Europe. The findings highlight the controller’s vital role in a physical access control system (PACS), where the device not only enforces access policies but also connects with readers to verify user credentials—ranging from ID badges to biometrics and mobile identities. With 72% of respondents identifying the controller as a critical or important factor in PACS design, the report underscores how the choice of controller platform has become a strategic decision for today’s security leaders. Read Now

  • Overwhelming Majority of CISOs Anticipate Surge in Cyber Attacks Over the Next Three Years

    An overwhelming 98% of chief information security officers (CISOs) expect a surge in cyber attacks over the next three years as organizations face an increasingly complex and artificial intelligence (AI)-driven digital threat landscape. This is according to new research conducted among 300 CISOs, chief information officers (CIOs), and senior IT professionals by CSC1, the leading provider of enterprise-class domain and domain name system (DNS) security. Read Now

  • ASIS International Introduces New ANSI-Approved Investigations Standard

    • Guard Services
  • Cloud Security Alliance Brings AI-Assisted Auditing to Cloud Computing

    The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment, today introduced an innovative addition to its suite of Security, Trust, Assurance and Risk (STAR) Registry assessments with the launch of Valid-AI-ted, an AI-powered, automated validation system. The new tool provides an automated quality check of assurance information of STAR Level 1 self-assessments using state-of-the-art LLM technology. Read Now

New Products

  • Camden CM-221 Series Switches

    Camden CM-221 Series Switches

    Camden Door Controls is pleased to announce that, in response to soaring customer demand, it has expanded its range of ValueWave™ no-touch switches to include a narrow (slimline) version with manual override. This override button is designed to provide additional assurance that the request to exit switch will open a door, even if the no-touch sensor fails to operate. This new slimline switch also features a heavy gauge stainless steel faceplate, a red/green illuminated light ring, and is IP65 rated, making it ideal for indoor or outdoor use as part of an automatic door or access control system. ValueWave™ no-touch switches are designed for easy installation and trouble-free service in high traffic applications. In addition to this narrow version, the CM-221 & CM-222 Series switches are available in a range of other models with single and double gang heavy-gauge stainless steel faceplates and include illuminated light rings.

  • HD2055 Modular Barricade

    Delta Scientific’s electric HD2055 modular shallow foundation barricade is tested to ASTM M50/P1 with negative penetration from the vehicle upon impact. With a shallow foundation of only 24 inches, the HD2055 can be installed without worrying about buried power lines and other below grade obstructions. The modular make-up of the barrier also allows you to cover wider roadways by adding additional modules to the system. The HD2055 boasts an Emergency Fast Operation of 1.5 seconds giving the guard ample time to deploy under a high threat situation.

  • Compact IP Video Intercom

    Viking’s X-205 Series of intercoms provide HD IP video and two-way voice communication - all wrapped up in an attractive compact chassis.