Scribd Logo
Upload

Welcome to Scribd!

  • Introduction Security Trends

    Uploaded by

    Aditya D R
    32 views12 pages
    The document discusses security trends and predictions for 2017. It predicts that ransomware, cybercrime, attacks on IoT devices and infrastructure, and healthcare organizations will increase. Randomness in targeting will grow. Attacks will become more automated and use artificial intelligence. Adobe, Apple may surpass Microsoft in vulnerabilities. Cyber propaganda and hacktivism exposing privacy issues may rise. Threat intelligence sharing will improve but basic changes may not occur and attackers will continue exploiting known issues.

    Original Description:

    Information security class

    Copyright

    © © All Rights Reserved

    Available Formats

    PPTX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document discusses security trends and predictions for 2017. It predicts that ransomware, cybercrime, attacks on IoT devices and infrastructure, and healthcare organizations will increase. Randomness in targeting will grow. Attacks will become more automated and use artificial intelligence. Adobe, Apple may surpass Microsoft in vulnerabilities. Cyber propaganda and hacktivism exposing privacy issues may rise. Threat intelligence sharing will improve but basic changes may not occur and attackers will continue exploiting known issues.

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    32 views12 pages

    Introduction Security Trends

    Uploaded by

    Aditya D R
    The document discusses security trends and predictions for 2017. It predicts that ransomware, cybercrime, attacks on IoT devices and infrastructure, and healthcare organizations will increase. Randomness in targeting will grow. Attacks will become more automated and use artificial intelligence. Adobe, Apple may surpass Microsoft in vulnerabilities. Cyber propaganda and hacktivism exposing privacy issues may rise. Threat intelligence sharing will improve but basic changes may not occur and attackers will continue exploiting known issues.

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 12

    ISYS 635 1

    BUSINESS INFORMATION
    SECURITY
    Security Trends

    All Your Devices Can Be Hacked


    https://www.youtube.com/watch?v=metkEeZvHTg (17 mins)
    ISYS 635 2

    Survival Time
    (Average survival time between Jan 1, 2017 to Jan 24, 2017)

    Source: http://isc.sans.org/survivaltime.html
    ISYS 635 3

    Trends
    Growing Randomness in Victim Selection
    In the past, large firms were targeted

    E.g. Capt. Zack and AT&T

    Now, targeting is increasingly random

    No more security through obscurity for small firms and individuals


    ISYS 635 4

    Trends
    Growing Malevolence
    Malicious attacks are becoming the norm, e.g.

    Industrial Espionage

    Criminal Intent

    Hacktivism

    Terrorism
    Any action to deny, exploit, corrupt, or
    Cyber Warfare-
    destroy the enemys information and its function, while
    at the same time protecting oneself against those same
    actions.
    ISYS 635 5

    Trends
    Growing Attack Automation
    Attacks are automated, rather than human-directed

    Essentially, viruses and worms are attack robots that travel among
    computers
    Attack many computers in minutes or hours

    Cyber-weapons of mass destruction

    Future Trend- Use of Artificial Intelligence/ Machine Learning in


    attacks
    ISYS 635 6

    Intruder Technology/Tools
    Target home
    Users/net
    edge

    Sophisticated Sophisticated
    command command
    coordinate & control & control

    propagate propagate propagate propagate

    compromise compromise compromise compromise compromise

    scan scan scan scan scan scan

    1997 1998 1999 2000 2001 2002


    ISYS 635 7

    A Few Predictions for 2017


    Ransomware
    Ransomware will attack the cloud (Symantec)
    Ransomware will remain a very significant threat until the second half
    of 2017 (TrendMicro)
    Ransomware-as-a-service, custom ransomware for sale in dark
    markets, and creative derivatives from open source ransomware
    code will keep the security industry busy through the first half of the
    year (TrendMicro)
    Initiatives like the No More Ransom! collaboration, the development
    and release of anti-ransomware technologies, and continued law
    enforcement actions will reduce the volume and effectiveness of
    ransomware attacks by the end of 2017 (TrendMicro)
    Ransomworm to spread ransomware (WatchGuard)
    ISYS 635 8

    A Few Predictions for 2017


    Cybercrime
    Rogue nation states will finance themselves by stealing
    money (Symantec)
    Fileless malware will increase (Symantec)
    Secure Sockets Layer (SSL) abuse will lead to increased
    phishing sites using HTTPS (Symantec)
    Machine learning accelerates social engineering attacks
    (McAFee)
    Dronejacking places threats in the sky (McAfee)
    The rise of voice-activated AI to access Web, data and apps
    will open up creative new attack vectors and data privacy
    concerns (Forcepoint)
    ISYS 635 9

    A Few Predictions for 2017


    IoT (Internet of Things)
    IoT devices will increasingly penetrate the
    enterprise, leading to increased IoT DDoS attacks
    (Symantec)
    IoT malware opens a backdoor into the home
    (McAfee)
    Cyber security battles may favor criminals even
    more as the Internet of Things (IoT) continues to
    expand possible avenues of attack (FireEye)
    Botnet of Things (Imperva)
    ISYS 635 10

    A Few Predictions for 2017


    Targets
    Healthcare organizations
    Religious institutions in Western countries are at
    the top of the list because they typically lack a
    robust security program yet maintain contact
    information and other sensitive data (FireEye)
    Industrial Control Systems (ICS) in the near
    future? A recent report revealed that security
    patches were not yet available for more than 30%
    of identified ICS vulnerabilities. (FireEye)
    ISYS 635 11

    A Few Predictions for 2017


    Adobe and Apple will outpace Microsoft in
    terms of platform vulnerability discoveries!!
    (TrendMicro)
    Increasing cyber-propaganda as the use
    of tools and methods to influence elections
    and public opinion (TrendMicro)
    Hacktivists expose privacy issues (McAfee)
    Threat intelligence sharing makes great
    strides (McAfee)
    ISYS 635 12

    Predictions for 2017


    Nothing Will Change
    Attackers will continue to discover and exploit zero-days. Companies large and
    small will continue to lose data and money to the usual attacks, often because they
    didnt take basic security precautions. Individuals will continue to lose money in the
    usual ways, often because they lack basic knowledge of Internet safety.
    Manufacturers will continue to produce Internet-connected devices with no security,
    or easily by-passable security, enabling attackers to hijack them. Someone might pass
    laws mandating that new Internet of Things devices have security, but those laws will
    be unenforceable and impossible to apply retroactively. No one will deploy a better
    authentication system than passwords.

    - Dan Lacey (White Hat Security)

    You might also like