In 2017: Cool New Tech, Ominous Cyber Threats & Increased Terrorism in the West

A lot of new and exciting technology will emerge or become more prominent in 2017 and the following is just a glimpse of what is anticipated.

IoT & Smart Home Tech

Smart home technology had been in the works for years before finally getting off to a relatively slow start. But, now that large companies like Apple, Amazon and Google have jumped onboard, smart home tech is expected to significantly pick up the pace in 2017.

VR & AR

In 2016, Oculus Rift was released, following which thousands of virtual reality (VR) games and apps were released on the market. And, augmented reality (AR) game, Pokémon Go, exploded on the market with over 100 million downloads. In 2017, however, VR and AR are expected to really take off.

Machine Learning

Machine learning will advance in 2017, paving the way for it to become a fixture in the workplace. This type of artificial intelligence (AI) is expected to become a component of every type of technology. For instance, robotic journalists have been in circulation for a couple of years now and this trend is expected to expand exponentially in the white collar arena. It will have a lot of impact on the job market because some positions will no longer be needed. But, the combination of automation and machine learning will usher in groundbreaking efficiency in the workplace.

Autonomous driving

More advances from makers of self-driving cars are expected. For example, since initially introducing its ‘Autopilot‘ feature in 2015, Tesla has been continuously tweaking the autonomous capabilities of its vehicles. This highlights the far-reaching capabilities self-driving technologies hold for the future. Additionally, Uber recently acquired self-driving hardware developer Otto and has subsequently put its first fleet of self-driving trucks on the road. In Pittsburgh, Uber has also conducted some real world self-driving tests with its cabs.

Chinese Technology Will Make More Significant Inroads Into the West

As an increasing number of Chinese companies are focused on European and US markets, they will continue to maintain their customer base in China. “Huawei, already a fairly well-known brand in the west, is pushing its Honor brand as a way to drop the budget image for a new demographic. And software firms are getting in the game too. Tencent, makers of WeChat (that’s ‘China’s WhatsApp’, for those playing along at home), is pushing hard into the west, taking on Facebook at its own game.”

And, what cyber threats are coming down the line in 2017?

* Old breaches surfacing – A more dangerous trend than the malware that emerged in 2016 is that of past breaches surfacing. The information in historical breaches has often been sold on the darknet for some time before the breach’s existence comes to light. That is essentially what happened to Yahoo and it happened twice in one year, when the data breaches from 2013 and 2014 resurfaced. The breaches impacted a billion and half a billion accounts respectively. As The Guardian aptly explains it: “Because data breaches can happen undetected, fixing your cybersecurity in 2016 isn’t just locking the stable door after the horse has bolted; it’s locking the stable door without even realizing the horse made its escape years ago.”

* Cyberwar – As was the case with the Stuxnet virus which destroyed Iranian nuclear centrifuges and the US Office of Personnel Management hack, the thing that makes launching a cyberwar attack appealing is that attribution is difficult. The incidents are usually explained away with hunches as opposed to being able to provide conclusive evidence. “Rock-solid attribution to not just a nation but a chain of command is almost impossible,” The Guardian’s Alex Hern has noted. And, according to security expert Hitesh Sheth, head of cybersecurity firm Vectra, “US businesses and the US government should expect an increase in the number and severity of cyber-attacks, led by select nation states and organised political and criminal entities.”

* More innovative hackers – According to Adam Meyer, chief security strategist at SurfWatch Labs, “2017 will be the year of increasingly creative [hacks].”

* Step aside single-target ransomware. Make way for the self-propagating worms of the past, such as Conficker, Nimda, and Code Red, which will return to prominence—but this time around they will carry ransomware payloads capable of infecting hundreds of machines in an astoundingly short period of time.

* DDoS attacks on IoT devices – Hackers will target all types of internet-connected endpoints and employ them in DDoS attacks, but at a higher rate than before. Network World reports that, “in the rush to roll out all manner of IoT devices, security has taken a back seat. That means more serious incidents such as the denial of service attack on domain lookup service Dyn, are highly likely. The Mirai botnet was cited as the culprit, exploiting 50 to 100 thousand IoT devices.”

* DDoS will also bourgeon into a “weapon of mass obstruction” – DDoS attack firepower in 2016 catapulted to frightening levels – rising from 400Gbps bandwidth to 1Tbps or more. This was due to millions of IoT devices lacking even the most basic security. That same firepower can be utilized to take down critical infrastructure and even the internet infrastructure of whole countries. This may be done in conjunction with a physical military attack.

* Inexperienced, albeit dangerous hackers who will not need a skill set – There are now tools that are relatively easy to access, for those who are willing to pay for them. CSO Online predicts, “this trend will continue to spark the rapid growth of cybercriminals in the wild. Whether someone is politically motivated, disgruntled about something, or a career criminal, off-the-shelf hacking tools make it easier for them to make their mark and will cost companies millions in 2017.”

* Malware via third-party vendors – Third-party vendors are a potential gateway to their connected customers. So, no matter how great a business’s security system is, if that business doesn’t hold all of their third-party partners to the same level of scrutiny, their customers will always be at risk. Consider the situation involving Wendy’s in which over 1,000 franchised locations were compromised by a Point-of-Sale (PoS) malware attack. You can count on more, similar activity in 2017 and that will be the case until companies address third-party risk management.

* Shortage of IT security professionals – This is not a new issue, of course, but with more than a million vacant positions worldwide, there have never been more jobs available in cybersecurity.

* State-sponsored hackers – A concern for both organizations and governments now is the steadily growing cadres of state-sponsored hackers, who have an endless array of resources.

* The cloud & mobile computing – Applications and data are moving to the cloud. This, no doubt, will create a new aggregation of vulnerabilities. It stands to reason, though, since “the ‘cloud’ is just someone else’s computer, and by moving and sharing information across more devices and people, the attack surface grows—and so does the opportunity for attackers.”

* Drones will be used not only for attacks, but for espionage, too – Threat actors will be moving in the direction of leveraging capabilities that will allow hacking into drone signals and “dronejacking.”

* An onslaught of attacks on open source – Hackers have come to the realization that applications are an easily exploited weak spot in most organizations. Couple that with the lax job most companies are doing with securing and managing their code–even when patches are available! Hence, these types of exploits will increase in 2017–against sites, applications, and IoT devices.

* Phishing expeditions – Employees are the weakest link in security. Almost all enterprise hacks begin with phishing. However, as noted by Taylor Armerding, writing for CSO Online, “they will need to pay closer attention to the rise in popularity of free SSL certifications paired with Google’s recent initiative to label HTTP-only sites as unsafe. That will weaken security standards, driving potential spear-phishing or malware programs.”

* Hacking Cars – Automobile manufacturers don’t really know much about the software installed in the cars they make because it comes from third parties. In addition to that, this will most likely include open-source components with security vulnerabilities–a hacker’s paradise. This will also likely lead to a large-scale automobile hack, which could include “cars held for ransom, self-driving cars being hacked to obtain their location for hijacking, unauthorized surveillance and intelligence gathering, or other threats.”

* Potential for cyber attacks on grids and nuclear facilities – Again, emphasis should be placed on the human element. The Stuxnet incident demonstrated how a tenacious hacker can overcome cyber protection efforts simply by targeting vulnerable employees. This applies to both grids and nuclear facilities. And, the cybersecurity of both has been abysmally lacking.

Terrorism Trends in the West

According to a report by IHS Jane’s Terrorism and Insurgency Centre (JTIC), recent attacks by ISIS illustrate its use of returned foreign fighters to launch attacks, called for by the terror group’s central leadership. “Western members of the group in Iraq or Syria would communicate with supporters back in their home countries in order to directly encourage, support, and direct attacks therein.”

Moreover, the recent escalation in terror attacks in the West will likely continue in 2017. And, the trends contributing to the current level of terror, that have been building up for years, have not yet peaked. ISIS has exhibited a clear operational presence in Europe and it will take years to come to eliminate the threat posed by these terror groups and the individuals they recruit.

The new year will bring with it fascinating innovations in technology, which in turn will provide hackers and terrorists a multitude of new ways to launch attacks.

Written by: CandiceLanier

Author Bio:

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – 2017 Predictions, cyber security)