The Future of Cyber Attacks

The Future of Cyber Attacks

In 2018 we can expect to see continued creativity from nation-state actors, a growing focus on industrial control systems, and efforts to compromise the software supply chain.

  • By Toni Gidwani
  • Dec 28, 2017

2017. Am I right?  We saw headline grabbing attacks like WannaCry and NotPetya that spread like wildfire, continued debate over the extent of Russian hacking targeting key elections in the US and Europe, and very concerning indications that adversaries are learning how to attack critical infrastructure. In 2018 we can expect to see continued creativity from nation-state actors, a growing focus on industrial control systems, and efforts to compromise the software supply chain.

What lessons should we take into 2018? With threats evolving rapidly, being more prepared for cyberattacks in 2018 will be key to success. Threat intelligence enables security teams to identify enterprise exposure and assess risk more quickly. As a result, organizations that have intelligence and an aligned security team will be more agile and responsive.

When cyber attacks make you WannaCry

In 2018, we’ll continue to see known, leaked vulnerabilities exploited by a range of adversaries and efforts to blur the lines between nation-states and criminals. We saw this earlier in 2017 in the WannaCry and NotPetya attacks where leaked US vulnerabilities were weaponized by other nation states. The WannaCry ransomware attack was carried out by a North Korean hacking group, an example of a nation-state adopting an attack more commonly used by criminals. The NotPetya attack, widely assessed to be conducted by Russian threat actors, was a destructive wiper masquerading as ransomware that primarily targeted Ukraine. 

When “politics by other means” can affect your company

The geopolitical landscape, in particular, will shape the threat organizations face in 2018 and beyond. Mounting financial pressures against the North Korean government are likely to translate into revenue generating cyber attacks. High tensions on the Korean Peninsula may cause Pyongyang to use cyber attacks in an attempt to deter or retaliate against perceived hostile actions, which could affect a larger range of companies. North Korean hackers jump across a range of different target industries and they are less constrained than other nation states with how they assess risk, creating greater unpredictability.

Similarly, we can expect Russian threat actors to use hacks as a way to retaliate against real and perceived slights in the international arena. It increasingly looks like efforts to hack the 2016 US presidential election were a reaction to Vladimir Putin’s belief that the US was behind the Panama Papers leak that highlighted the corrupt finances of close associates. Russia’s expulsion from the the 2018 winter olympic games is another inflammatory subject likely to drive hacking behavior like we saw in 2016 against the World Anti-Doping Agency.

ThreatConnect has seen the threat against critical infrastructure start to proliferate. Attackers are becoming smarter and more elegant, illustrating a degree of adversary learning, which is concerning to the security community. In 2018, we will see more attacks on critical infrastructure.

In addition to the threat to critical infrastructure, supply chain attacks will become more common. In several notable 2017 attacks (NotPetya and CCleaner), attackers exploited the software supply chain to greatly expand the number of victims and evade established security procedures. These software supply chain attacks go after an organization’s trust chain and create a dilemma since most organizations do not have visibility into their software suppliers risk. Organizations will need to reduce the attack surface with threat intelligence.

This rapidly evolving threat landscape reaffirms what many security leaders already know: it’s not getting easier. Threat intelligence enables your security team to be more prepared and to pivot more effectively to changing attacks while orchestration allows you to smartly automate more of your response. Best wishes in 2018 from ThreatConnect - we’ve made it to the end of this article without mentioning the blockchain or machine learning! 

About the Author

Toni Gidwani is the Director of Research Operations at ThreatConnect.

Featured

  • The Evolution of IP Camera Intelligence

    As the 30th anniversary of the IP camera approaches in 2026, it is worth reflecting on how far we have come. The first network camera, launched in 1996, delivered one frame every 17 seconds—not impressive by today’s standards, but groundbreaking at the time. It did something that no analog system could: transmit video over a standard IP network. Read Now

  • From Surveillance to Intelligence

    Years ago, it would have been significantly more expensive to run an analytic like that — requiring a custom-built solution with burdensome infrastructure demands — but modern edge devices have made it accessible to everyone. It also saves time, which is a critical factor if a missing child is involved. Video compression technology has played a critical role as well. Over the years, significant advancements have been made in video coding standards — including H.263, MPEG formats, and H.264—alongside compression optimization technologies developed by IP video manufacturers to improve efficiency without sacrificing quality. The open-source AV1 codec developed by the Alliance for Open Media—a consortium including Google, Netflix, Microsoft, Amazon and others — is already the preferred decoder for cloud-based applications, and is quickly becoming the standard for video compression of all types. Read Now

  • Cost: Reactive vs. Proactive Security

    Security breaches often happen despite the availability of tools to prevent them. To combat this problem, the industry is shifting from reactive correction to proactive protection. This article will examine why so many security leaders have realized they must “lead before the breach” – not after. Read Now

  • Achieving Clear Audio

    In today’s ever-changing world of security and risk management, effective communication via an intercom and door entry communication system is a critical communication tool to keep a facility’s staff, visitors and vendors safe. Read Now

  • Beyond Apps: Access Control for Today’s Residents

    The modern resident lives in an app-saturated world. From banking to grocery delivery, fitness tracking to ridesharing, nearly every service demands another download. But when it comes to accessing the place you live, most people do not want to clutter their phone with yet another app, especially if its only purpose is to open a door. Read Now

Most   Popular

New Products

  • Luma x20

    Luma x20

    Snap One has announced its popular Luma x20 family of surveillance products now offers even greater security and privacy for home and business owners across the globe by giving them full control over integrators’ system access to view live and recorded video. According to Snap One Product Manager Derek Webb, the new “customer handoff” feature provides enhanced user control after initial installation, allowing the owners to have total privacy while also making it easy to reinstate integrator access when maintenance or assistance is required. This new feature is now available to all Luma x20 users globally. “The Luma x20 family of surveillance solutions provides excellent image and audio capture, and with the new customer handoff feature, it now offers absolute privacy for camera feeds and recordings,” Webb said. “With notifications and integrator access controlled through the powerful OvrC remote system management platform, it’s easy for integrators to give their clients full control of their footage and then to get temporary access from the client for any troubleshooting needs.”

  • HD2055 Modular Barricade

    Delta Scientific’s electric HD2055 modular shallow foundation barricade is tested to ASTM M50/P1 with negative penetration from the vehicle upon impact. With a shallow foundation of only 24 inches, the HD2055 can be installed without worrying about buried power lines and other below grade obstructions. The modular make-up of the barrier also allows you to cover wider roadways by adding additional modules to the system. The HD2055 boasts an Emergency Fast Operation of 1.5 seconds giving the guard ample time to deploy under a high threat situation.

  • Mobile Safe Shield

    Mobile Safe Shield

    SafeWood Designs, Inc., a manufacturer of patented bullet resistant products, is excited to announce the launch of the Mobile Safe Shield. The Mobile Safe Shield is a moveable bullet resistant shield that provides protection in the event of an assailant and supplies cover in the event of an active shooter. With a heavy-duty steel frame, quality castor wheels, and bullet resistant core, the Mobile Safe Shield is a perfect addition to any guard station, security desks, courthouses, police stations, schools, office spaces and more. The Mobile Safe Shield is incredibly customizable. Bullet resistant materials are available in UL 752 Levels 1 through 8 and include glass, white board, tack board, veneer, and plastic laminate. Flexibility in bullet resistant materials allows for the Mobile Safe Shield to blend more with current interior décor for a seamless design aesthetic. Optional custom paint colors are also available for the steel frame.