Week 8 Blog Post


In these last few weeks of this semester we are looking at different Cybersecurity trends for 2017. There is not much change from existing trends to be expected, unless we see some black swan effect attack that no one has ever anticipated. The trends continue to evolve around your standard malware distribution, ransomware, IOT hacking, DDoS attacks, cloud attacks, data breaches, spear phishing, mobile device security and other familiar trends.

These trends generally follow the growth in the specific market such as cloud computing or Internet of Things (IOT) growth. As more and more devices are built with capability to connect to the internet, and are built with insufficient security in mind they could and will end up getting hacked and used for other purposes. Most recent example of the Dyn attack caused by Mira botnet is a testimony to that growing trend. In this case infected IOT devices were turned into a large botnet used to bring down business and media outlet websites. The DDoS and ransomware attacks have been around for a while but will continue through 2017 as there are no real mitigation techniques to deal with such attacks on a large scale. Data breaches continue to stay in the news and will do so in 2017 as well. I personally think this is due to lack of penalties for the businesses that suffer a data breach. Currently the fines are to low and consumers only benefit they get is a free one year credit monitoring joke for their lost data. It's like consumer information experises after 12 months and becomes useless to the attackers. The SSN doesn't change, your DOB doesn't change, your mother's maiden name doesn't change so why would this information become irrelevant after a year? We need more strict penalties including cease and decist orders for companies with large data breaches. When they get scared they tend to invest more into security and pay more attention. When all they have to loose is few million dollars and bulk purchase of credit monitoring then no-one really cares that much. Mobile devices will most likely start getting hit at much larger scale with ransomware attacks as they collect more and more information on a daily basis. Mobile devices are replacing personal computers and are becoming more attractive targets with app distribution. Also lets not forget that many businesses allow for "BYOD" bring your own device to work which can also allow attackers to target businesses though the personal devices employees bring to work.

In summary we will not see a drop in different attack types this year but can expect an increase. We are also most likely to see an increase in state sponsored attacks as tensions rise between North Korea and the United States. Another emerging segment which will spill over onto cyber conflict is the rise of social movements such as antifa across the globe. This group will start emerging in the realm of cyber terrorism as more right leaning governments are elected and Europe continues to see a split between their members.