A look at the 2016 predictions

This is the period of the year when we verify the cyber security predictions made last year trying to imagine the evolution of the threat landscape in the next year.

Below is the list of predictions I made last year:

The criminal practices of the extortion will reach levels never seen before.

Cyber criminals will use to threaten victims with ransomware and DDoS attacks in an attempt to extort money to stop the attacks or to allow victims to rescue the locked files. Ransomware will be used to target IoT devices like SmartTV, wearables, and medical devices.

This is exactly what has happened this year. The extortion has been one of the most profitable activities of cyber-criminal gangs. Security experts have observed a significant increase in the number of ransomware-based attacks that also targeted critical infrastructures such as hospitals and utilities.

The year of the criminal-as-a-service. Criminal syndicates will look with increasing interest to cybercrime as an opportunity to differentiate different illegal activities.

A growing number of threat actors will offer their products and services to the organized crime causing a significant increase in illegal activities and the birth of well-founded criminal crews.

The prediction was correct. This year we law enforcement and intelligence agencies have discovered many crime services offered in the criminal communities. Ransomware-as-a-service, botnet, and other crimeware kits have been offered for sale or rent in the criminal underground communities.

A joint international effort to fight the cyber crime

We will see greater collaboration between intelligence and law enforcement agencies of different countries in the fight against cybercrime. The only way to stem the rise of cyber-criminal activities is to cooperate and establish a legal framework, which is shared in an international context.

The prediction was correct. Law enforcement agencies across the world are increasing their collaboration to fight criminal syndicates that operate on a global scale. In 2016, law enforcement from several countries conducted several operations that allowed to dismantle criminal rings specialized in the diffusion of malware, money laundering and child pornography.

Goodbye to passwords

The numerous data breaches observed in the last years urge a new approach to the authentication problem. The authentication process must be efficient and have to improve the user experience. A growing number of organizations will begin using authentication methods based on alternative technologies, including biometric, geolocation, Bluetooth proximity and behavioral analysis.

Several organizations are starting to adopt new solutions for authentications of their customers and users. The banking industry is one of the sector more advanced in this sense. New authentication methods based on biometrics are improving the user’s experience offering a reasonable level of security

Cyber espionage will be the most serious threat to governments and private businesses

In 2016 cyber espionage attacks would increase in frequency and become sophisticated. Nation-state actors and well-funded hacking groups will conduct stealthier espionage campaigns with a significant impact on the global economy.

Threat actors will conduct cyber-attacks relying mainly on the darknets and adopting even more sophisticated evasion techniques. We will assist to an increment of cyber-attacks exploiting zero-day exploits to breach the target systems.

This prediction is correct; nation-state actors have continued to represent one of the main threats to government and private businesses. In the last twelve months, the number of cyber-attacks aiming to steal sensitive information and intellectual property continued to increase.

New trends for payment frauds

The point-of-sale system frauds and counterfeit credit cards will reduce thanks to countermeasures adopted by the financial institutions, such as the diffusion of EMV cards and the adoption of digital wallet solutions.

As a result, we will assist with the increase of Card-Not-Present (CNP) frauds, new payment technologies such as mobile wallets will introduce additional opportunities for credit card theft and frauds.

Expect a growing number of attacks on third-party payment applications that link to accounts at the financial institution.

This prediction was correct too. We have observed a significant increase of Card-Not-Present (CNP) frauds.

The US elections will be the target of new hacking campaigns

Social media are a primary communication method for politicians; the online activity will be intense in the period before the elections, and cyber criminals and nation-state actors will try to exploit the event to launch cyber-attacks.

Hackers will exploit the event to spread malware and compromised computers of a large number of people. Expect lures made to look like a political party or candidate email, explaining their program or advocating an online petition or survey on election issues.

There is also the risk that state-sponsored hackers will run spear phishing attacks and watering hole attacks to compromise machines of specific individuals or groups.

This prediction was correct. We are all still discussing the hacking campaigns that targeted the 2016 Presidential election. Security experts speculate the involvement of the Russian state-sponsored hackers that targeted US politicians. President Barack Obama has ordered US intelligence agencies to deeper investigate the alleged Russian interference with the 2016 Presidential Election.

The Internet of Thing under attack

The number of cyber-attacks against systems belonging to the category of the Internet of Things will continue to increase. These smart objects will be targeted to steal sensitive data but also to abuse their resources and involve them in cyber-attacks.

The lack of security by design and poor security settings will be the principal reasons for the success of the attacks that will target IoT devices next year.

This prediction was correct. We have observed a rapid explosion of the number of cyber threat specifically designed to target IoT devices. The Mirai botnet is the most popular threat that targeted IoT devices worldwide, including routers, CCTVs, and DVRs.

The Mirai bot has monopolized the threat landscape; it is responsible for most powerful DDoS attacks ever seen that targeted organizations such as the Dyn DNS server.

Commercial crimeware kits will continue to represent a privileged weapon for hackers

Exploit kits, like the notorious Angler Exploit Kit, will continue to be a privileged choice for attackers that exploit it to compromise users’ machines. Hackers will exploit the huge number poorly configured websites to host malicious exploit kits and serve malware.

This prediction is correct. It was too easy to predict the diffusion of commercial crimeware kits in the cybercriminal ecosystem.

This year we assisted rapid changed in the cyber criminal underground, the Angler, and Nuclear EKs disappeared from the threat landscape due to the operations of the law enforcement, while RIG became the most used EK, while the popularity of the Sundown EK rapidly increased.

The number of cyber-attacks will continue to grow almost in every industry.

Once again, healthcare, energy and financial will be the sectors most targeted by cyber criminals. SMBs will become a bigger target for cybercriminals because they lack the security budgets of large enterprises.

SMBs are more vulnerable to hacking attacks that can easily compromise their systems and steal sensitive information.

We just have to wait until next year to see what will happen!

Awesome. Also, this last prediction was correct! The number of cyber-attacks against SMBs is increased, and the healthcare and energy were the sectors mostly target by threat actors.

Prediction Result
The criminal practices of the extortion will reach levels never seen before.

The year of the criminal-as-a-service. Criminal syndicates will look with increasing interest to cybercrime as an opportunity to differentiate different illegal activities.

A joint international effort to fight the cyber crime

Goodbye to passwords

Cyber espionage will be the most serious threat to governments and private businesses

New trends for payment frauds

The US elections will be exploited for new hacking campaigns

The Internet of Thing under attack

Commercial crimeware kits will continue to represent a privileged weapon for hackers

The number of cyber-attacks will continue to grow almost in every industry.

2017 – Predictions

Ransomware, one of the most dangerous cyber threats

Ransomware will be one of the most dangerous menaces in the threat landscape. The number of new Ransomware families will increase, and the malware authors will implement new features to make these specific threats even more efficient and hard to detect. Security experts will discover a greater number of ransom-as-a-service platforms.

Cybercriminals focus on crypto currencies

Cyber criminals will continue to show a great interest in earning opportunities offered by cryptocurrencies. Security firms will continue to detect malware specifically designed to steal crypto currencies or to abuse victim’s resources for mining activities.

The Zcash currency will probably offer the greatest financial opportunity to criminal syndicates.

Zcash mining will remain among the most profitable compared to other cryptocurrencies; this means more opportunity for cyber criminals that started creating botnets for mining.

Nation State Actors hacking and the urgency of norms of state behavior

We will assist in a growing effort of governments in Information Warfare. The number of campaigns conducted by Nation-state attacks will increase, but the increasing detection abilities will allow security experts to discover a larger number of state-sponsored hacking campaigns. States will work on the development of sophisticated cyber weapons to use in both cyber espionage campaigns and sabotage operations.

Ethical Hacking Training – Resources (InfoSec)

The proliferation of cyber weapons and the increase in the number of nation-state hacking campaigns will force states in discussing the definition of a globally accepted framework of norms of state behavior.

A joint international effort to fight the cyber crime

We will see the consolidation of the collaboration between law enforcement agencies worldwide that will join the forces against criminal organizations across the world.

IoT devices, a dangerous weapon in the wrong hands

We will assist with a growing number of cyber-attacks powered by compromised IoT devices. In the first months of the year, we will see new attacks powered by improved versions of the dreaded Mirai Botnet.

The lack of security by design and poor security settings will be the principal reasons for the success of the attacks that will target IoT devices next year.

Unfortunately, IoT vendors will continue to put on the market devices that are easy to exploit by crooks for cyber-attacks.

We will see a significant diffusion of ThingBot, some of them will also be offered for rent to power massive DDoS attacks.

IoT incident and the increase in cyber threats will prompt regulatory responses.

The dramatic increase in Mobile threats

Security firms will observe a continuous growth of mobile malware, with ransomware, financial malware, and remote access tools (RATs) among the leading threats. Android mobile OS will continue to be the privileged target of crooks.

The rise of Artificial Intelligence

The security industry will look with great interest to the Artificial Intelligence and cognitive technology.

In 2017, artificial intelligence will continue to grow such as the investments in security solutions based on AI engines.

The first implementations of systems based on the artificial intelligence will be deployed to protect critical infrastructures worldwide.

Exploit kits, the hackers’ Swiss Army knife

Exploit kits will continue to dominate the threat landscape; it will be the privileged attack vector for both cyber criminals and state-sponsored hackers.

Adobe Flash Player and Microsoft products (Internet Explorer, Silverlight, Windows) continue to be privileged targets of threat actors.

RIG EK will continue to be the most used exploit kit in the first months of the year, while the Sundown EK will rapidly increase its popularity.

Cyberbullying … it is an emergency

Cyberbullying refers to the practice of using technology to harass, or bully, someone else. Teenagers are the most exposed to this practice and the number of victims will dramatically increase despite the numerous initiatives of authorities. States will promote new campaigns to prevent this phenomenon and provide a strong response to this cruel cyber-crime.

The number of cyber-attacks will continue to grow almost in every industry.

It is very easy to predict a constant increase of cyber-attacks in the wild. Healthcare, energy, and retail will be the sectors most targeted by cyber criminals. While enterprise will improve their security posture, SMBs will continue to be exposed to hacker attacks,

Lack of awareness about cyber threats and significant cuts on budgets reserved to cyber security are principal problems for SMBs.