As far as cybersecurity goes, we bid farewell to a year replete with high-profile attacks that have jeopardised large corporations and private users. Ransomware attacks from Petya, Trojans such as Gugi for Android, the spyware Pegasus, PunkeyPOS, or large-scale attacks targeting PoS (Point of Sale) terminals as well as the recent DDoS (Distributed Denial of Service) attacks have affected large organizations and international communication networks.
PandaLabs, Panda Security’s anti-malware laboratory, presents a list of what to expect in the coming months:
Cybercriminals focus their efforts on those attacks which can rake in the most profit, using more effective tactics and professionalising their operations in a way that allows them to make quick and easy money in an efficient manner.
These encryption Trojans will take centre stage with regard to malware attacks and will cannibalise other more traditional attacks that are based on data theft. The pursuit of profit is the primary motivation of cybercriminals, and ransomware is the simplest and most effective way to achieve this. Some things never change: victims of this hijacking malware will have to decide whether to pay, or not, to recover their data. Panda Security encourages victims to keep in mind that paying the ransom does not guarantee the total recovery of stolen data.
The number of attacks directed at corporations will increase, as these attacks become more and more advanced. Companies are already the prime target of cybercriminals, as their information is more valuable than that of private users.
IoT (Internet of Things)
The next cybersecurity nightmare. The technological revolution has ushered in the complete integration of smaller devices into the grid, which can be converted into entryways into corporate networks.
The final months of 2016 witnessed the most powerful DDoS (Distributed Denial of Service) attacks in history. These attacks were carried out by bot networks that relied on thousands of affected IoT devices (IP cameras, routers, etc.). 2017 will see an increase in this kind of attack, which is typically used to blackmail companies or to harm their business (by blocking web access, online shopping, etc.).
Focusing on one single OS makes it easier for cybercriminals to fix a target for maximum dissemination and profitability. Android users will get the worst of it in the next 12 months.
The precarious situation with regard to international relations can have huge — and serious — consequences in the field of cybersecurity. Governments will want access to still more information (at a time when encryption is becoming more popular), and intelligence agencies will become still more interested in obtaining information that could benefit industry in their countries. A global situation of this kind could hamper data sharing initiatives in the next year.