Story image

What to expect from cyber attacks in 2017

10 Jan 2017

Latest research shows that attackers are holding data for ransom at an alarming rate as they continue to deploy attacks across every industry. Along with the rise of ransomware and mushrooming of mass malware, attackers are increasingly utilising non-malware attacks in attempting to remain undetected and persistent on organisations’ enterprises. 

These non-malware attacks are capable of gaining control of computers without downloading any files and are using trusted, native operating system tools (such as PowerShell) and exploiting running applications (such as web browsers and Office applications) to conduct malicious behaviour.

As organisations plan to defend their enterprises against ransomware and non-malware attacks, here’s what to expect in 2017.

1:  Non-malware attacks will escalate and become more severe

Attackers are increasingly utilising non-malware attacks in an effort to remain undetected on organisations’ endpoints.

Non-malware attacks leveraging PowerShell and Windows Management Instrumentation (WMI) saw a significant rise in 2016. Additionally, instances of severe non-malware attacks grew throughout 2016. According to recent research, over a 90-day period, about one-third of organisations are likely to encounter at least one severe, non-malware attack.

Deployment of non-malware attacks in the wild has moved, with regularity, into attack campaigns. For example, earlier this year, Carbon Black discovered the first known instance of PowerShell being used in a ransomware attack with PowerWare. By using PowerShell, PowerWare avoids writing new files to disk and tries to blend in with more legitimate computer activity.

The alleged hack against America’s Democratic National Committee (DNC) earlier this year was reported to have leveraged both PowerShell and WMI in order for attackers to move laterally and remain undetected.

As we turn the calendar to 2017, non-malware attacks are at the highest levels I’ve seen and should be a major focus for security defenders during the coming year. 

2: The ransomware blitz will continue

While ransomware is more than 30-years-old, it experienced a renaissance of sorts for attackers in 2016. According to recent data, the number of ransomware instances grew by more than 50 per cent in 2016 when compared to 2015.

And while mass malware still accounts for the majority of total malware, ransomware is stealing the headlines. Unfortunately, that’s because it works and has resulted in major paydays for attackers. In 2015, ransomware was a $24 million crime. As we close out 2016, businesses from all industries have lost more than $850 million to ransomware. 

Ransomware is quickly evolving in sophistication. Payloads are increasingly infecting hundreds of machines at once, as occurred during the attack against the San Francisco Municipal Transport Agency, where more than 2,000 systems were locked down.

Until organisations unilaterally make prevention of ransomware attacks a top priority, we’ll continue to see ransomware make headlines in 2017.

3: Cyber-security investments will rise on a global scale

Organisations are quickly coming to the realisation that traditional antivirus does very little to stop modern attacks. The proliferation of non-malware attacks has accentuated this issue. 

Major global hacks against the several international banking network and the Ukraine power grid, among others, have served as clarion calls that critical infrastructure and worldwide financial systems will continue to be targeted. 

In the U.S., alleged attacks against voter databases and the election process have placed a renewed emphasis on cyber security as an issue of national security. 

As a result, we will see a significant shift away from traditional antivirus solutions around the globe in 2017 as private organisations and worldwide governing bodies effort to curb the growing trend of attacks seen this year.

2017 challenging

Year 2016 was not a good year for cyber defenders, and 2017 is looking like another challenging year.  While investments are being made with innovation and deployment, there is still work to do when it comes to cyber-security awareness, preparation, and culture.

We must work to increase our leverage, through employee training, automation, and getting more value out of our security investments. There’s a lot of opportunity to improve in 2017, so let us take some of these predictions and figure out how to make these attacks less likely to cause significant harm.

Article by Ben Johnson, chief security strategist, Carbon Black 

Platform9 and Intersect partner to bring unified cloud to A/NZ
“For Intersect, Platform9 represents the single most strategic solution to a set of challenges we see expanding across the board."
Meet the future of women in IT
Emily Sopers has just won Kordia’s first ever Women in Technology Scholarship, which was established to address gender imbalance in the information and communications technology (ICT) sector.
Web design programmers do an about face – again!
Google is aggressively pushing speed in the mobile environment as a critical ranking factor, and many eb design teams struggling to reach 80%+ speed scores on Google speed tests with gorgeous – but heavy - WordPress templates and themes.
Digital spending to hit US$1.2 trillion by 2022
A recent study by Zinnov shows that IoT spend reached US$201 billion in 2018 while outsourcing service providers generated $40 billion in revenue.
'Iwi Algorithm' can grow Aotearoa's mana
Ngāti Whātua Ōrākei innovation officer Te Aroha Grace says AI can help to combine the values from different cultures to help grow Aotearoa’s mana and brand – and AI is not just for commercial gain.
Dropbox brings in-country document hosting to A/NZ & Japan
Dropbox Business users in New Zealand, Australia, and Japan will be able to store their Dropbox files in-country, beginning in the second half of 2019.
Why 'right to repair' legislation could be a new lease on life for broken devices
“These companies are profiting at the expense of our environment and our pocketbooks as we become a throw-away society that discards over 6 million tonnes of electronics every year.”
Kiwis know security is important, but they're not doing much about it
Only 49% of respondents use antivirus software and even fewer – just 19% -  change their passwords regularly.