WatchGuard makes seven security predictions for 2017

WatchGuard makes seven security predictions for 2017

Security researchers at WatchGuard Technologies warn of ransomworms, IoT botnet zombies, civilian cyber cold war casualties and the use of AI in attacks in the next 12 months.

  1. 2017 will see the first ever Ransomworm, causing Ransomware to spread.

Cybercriminals will take ransomware to the next level in 2017 by introducing the kind of auto-propagating characteristics traditionally found in network worms like CodeRed and Conficker. This will result in a breed of ransomware designed to produce endless duplicates of itself, spreading the infection across an entire network.

  1. Attackers will exploit infrastructure-as-a-service (IaaS) as both an attack platform and attack surface.

Cloud adoption is growing at an incredible rate among organisations of all sizes. RightScale’s 2016 State of the Cloud report showed that 71% of SMBs are running at least one application in AWS or Azure. As these platforms have become increasingly engrained in the fabric of business operations, they’ve also become a ripe target for criminal hackers. Public infrastructure-as-a-service (IaaS) will be leveraged as both a potential attack surface and as a powerful platform to build criminal malware and attack networks. Expect to see at least one headline-generating cyberattack either targeting, or launched from a public IaaS service next year.

  1. IoT devices become the de facto target for botnet zombies.

In 2016, the Mirai IoT botnet source code was leaked, enabling criminals to construct enormous botnets and launch gigantic distributed denial of service (DDoS) attacks with record-setting traffic. Now that hackers are weaponising IoT devices in this way, we can expect them to expand beyond DDoS attacks in 2017. The pure volume of Internet-connected devices that are manufactured full of vulnerabilities presents a shiny new attack surface that hackers are sure to use to their advantage. In the coming year, we’ll see criminals launch specialised IoT botnet click-jacking and spam campaigns to monetise these new attack methods the same way that traditional computer botnets were monetised.

  1. In 2017, we’ll see civilian ‘casualties’ in the Cyber Cold War.

With the nation state cyber cold war well underway, expect to see at least one ‘civilian’ casualty as collateral damage in 2017. In the past several years, nation states have allegedly damaged enemy nuclear centrifuges using malware, stolen intellectual property from private companies and even breached other governments’ confidential systems. For some time now, the U.S., Russia, Israel and China have been mounting strategic cybersecurity operations and hording zero-day flaws to use against one another. This government practice of building up arsenals of vulnerabilities – rather than helping vendors fix them – will undoubtedly lead to an unsuspecting private business or citizen falling victim to an undisclosed zero-day exploit.

  1. SMBs turn to small MSSPs for cyber security.

As they continue to be aggressively targeted by cyber criminals, small and medium businesses (SMBs) will continue to make network security a higher priority. With small IT teams and rarely any dedicated security professionals on staff, and without the resources to configure, monitor or adjust their own security controls, SMBs will recognise that their managed service provider (MSP) may be the solution. As a result, MSPs will continue to add security services to their basic IT offerings. In 2017, at least a quarter of small businesses will turn to more specialised managed security services providers (MSSPs) for their security needs and this percentage will continue to increase each year.

  1. Increased use of biometrics hides credential insecurity; passwords aren’t really gone.

In the face of countless credentials breaches over the past several years, biometric solutions like fingerprint scanners for authentication will continue to rise as a popular alternative to passwords. These frequent breaches have also brought into question whether or not passwords should be part of the authentication solution at all. The widespread adoption of biometrics as a convenient alternative to remembering passwords and as the primary method for authentication in 2017 will not erase the fact that weak passwords are still hiding in the shadows –  a core part of operating systems and just as vulnerable as ever.

  1. Attackers start leveraging machine learning and AI to improved malware and attacks.

Cyber security companies will come to a rude awakening when it becomes clear that they don’t have a monopoly on machine learning in 2017. Machine learning has done far more than any human could to help the security industry become more predictive and less reactive in the fight against malware. By analysing gigantic datasets and huge catalogues of good and bad files, these systems can recognise patterns that assist information security pros in rooting out never before seen threats. Next year, advanced cyber criminals will turn the tables and begin leveraging machine learning themselves to cook up new and improved malware to challenge machine learning defences.

Corey Nachreiner, CTO at WatchGuard Technologies says:

“As new technologies come out, attackers continue to evolve their attacks to be more effective. As the Cloud, IoT and AI become increasingly prevalent, hackers adjust their tactics and create more evasive malware and new attack vectors that exploit previously hidden vulnerabilities. And hackers are not only focused on the big companies; SMBs have customer data and computing resources that cyber criminals are increasingly targeting.”

[su_button url=”http://www.watchguard.com/” target=”blank” style=”flat” background=”#df2027″ color=”#ffffff” size=”10″ radius=”15″ icon=”icon: arrow-circle-right”]Click here to find out more about WatchGuard[/su_button]

About Security Buyer

Security Buyer is the leading authority in global security content, delivering expert news, in-depth articles, exclusive interviews, and industry insights across print, digital, and event platforms. Published 10 times a year, the magazine is a trusted resource for professionals seeking updates and analysis on the latest developments in the security sector.

To submit an article, or for sponsorship opportunities, please contact our team below.

Rebecca Spayne picture 2025

Rebecca Spayne

Managing
EDITOR

Georgina Turner image

Georgina Turner

Sales
Manager

Afua Akoto image - Security Buyer

Afua Akoto

Marketing Manager

Read the Latest Issue

Follow us on X

Follow us on X

Click Here

Follow us on LinkedIn

Follow us on LinkedIn

Click Here

Advertise here

Reach decision makers and amplify your marketing

Advertise here

Click Here

Related News

predictions

StorCentric and Retrospect – 2022 predictions

StorCentric and Retrospect, share their 2021 reflections and 2022 predictions from Surya Varanasi, CTO of StorCentric, and JG Heithcock
Vectra

Vectra reveals industry predictions for 2022

Vectra AI released its industry predictions for 2022, highlighting the changing tactics among ransomware gangs, and the fact that multifactor authentication
predictions

Okta’s 2022 security predictions

Ben King, the CSO for EMEA & APAC at Okta share’s Okta’s security predictions for 2022. Organisations jump to better security as
Trend Micro

Trend Micro predicts cyber fightback in 2022

Trend Micro published the Trend Micro Security Predictions for 2022: Toward a New Momentum that states that organisations in the region will
predictions

Okta’s 2022 security predictions

Ben King, the CSO for EMEA & APAC at Okta share’s Okta’s security predictions for 2022. Organisations jump to better security as

United Nations will enact a Cyber Security Treaty says WatchGuard

Escalations in state-sponsored cyber attacks will force the United Nations (UN) to tackle the Cyber Security Treaty during 2019, according to WatchGuard.
WatchGuard

United Nations will enact a Cyber Security Treaty says WatchGuard

Escalations in state-sponsored cyber attacks will force the United Nations (UN) to tackle the Cyber Security Treaty during 2019, according to WatchGuard.
WatchGuard

Malware appears on the WatchGuard top ten malware list for first time

Mac-based malware has appeared on the list of the top ten most common types of malware in WatchGuard’s quarterly Internet Security Report.
WatchGuard

Malware appears on the WatchGuard top ten malware list for first time

Mac-based malware has appeared on the list of the top ten most common types of malware in WatchGuard’s quarterly Internet Security Report.

Malware appears on the WatchGuard top ten malware list for first time

Mac-based malware has appeared on the list of the top ten most common types of malware in WatchGuard’s quarterly Internet Security Report.
Scroll to Top