New challenges await practitioners tasked with securing the Internet of Things, as technology continues to streamline the way we interact with one another. Whether it’s a retailer using analytics to attract targeted consumers or a hospital using collaborative software to communicate with its staff, the Internet of Things is improving communications for everyone. While advances in AI, cognitive computing, cloud technology, and big data are changing the way organizations solve business problems and deliver services, they’re also creating new challenges for cybersecurity professionals.
“Growing complexity of real-world processes, intertwined with complexity of security protocols protecting them, will lead to many new challenges in practical use cases for security tooling.” – Eugene Pilyankevich, CTO at Cossack Labs
Where Are the Cyberattacks Coming From?
It seems that every time a company publicly announces a cyberattack, the blame is shifted to a nation state like North Korea. Some argue this is nothing more than a tactic to garner sympathy amidst pending laws suits. While nation state attacks are certainly possible, they’re rather unlikely. According to a United Nations estimate, roughly 80 percent of cybercrime is coming from organized, cyber gangs- not nation states. This $445 billion industry is surpassing the illegal drug trade and creating an overwhelming number of secretive, yet powerful black hat organizations that drive the cybersecurity industry.
In April of 2017, the black hat organization called the Shadow Brokers launched a full-scale, ransomware attack infecting hundreds of thousands of outdated Microsoft operating systems all over the world. The attack was followed by a threat from the same organization to exploit a leak in Windows 10. Ultimately, the source of the ransomware was determined to be stolen software from the NSA. This mishandling of destructive software drew harsh criticism from Microsoft’s president and chief legal officer, Brad Smith.
Unfortunately, the number of black hat organizations continues to grow. Groups like the Shadow Brokers, TeaMp0isoN, TeslaTeam, DERP, UGNazi, and others will continue to be the main source of cyberattacks for many years to come as these criminals continue to rake in massive profits.
Where Will Future Cyberattacks Occur?
The ongoing battle between cybersecurity practitioners and black hat hackers will occur in the Cloud. The growing reliance on cloud technologies is creating a host of vulnerabilities found within cloud applications. According to Symantec, the leader in IT security, CIOs will need to have better control over cloud app usage and access. These cloud applications will be the new access points for those looking to do harm.
What Type of Cyberattacks Will We See?
Future cyberattacks will include many of the same threats cloud infrastructures face today. These threats include:
- Compromised Credentials – Weak passwords and poor end user security policies
- Hacked APIs – Compromised interfaces controlling business applications
- Phishing Scams – Software designed to deceive end users into revealing sensitive information
- Malware – Software created to damage or disable a computer
- Ransomware – Software designed for encrypting or exposing a victim’s data to extort a ransom
- Advanced Persistent Threats – Parasitical software designed to infiltrate systems
- DoS attacks– High volumes of traffic designed to overwhelm a system
Ultimately, shared technology leads to shared vulnerabilities. While cloud technology has improved the way we store data, it has also perpetuated the same security issues we’ve been experiencing for years.
The development of quantum computers will also have a significant impact on the future of cyber security. While these powerful computers have the ability to advance AI, machine learning, materials science, and drug development, they also create new challenges for cybersecurity professionals. According to Scott Totzke, CEO of ISARA Corp, “the dark side of quantum computers is that they will have the power to subvert the classical encryption widely used to protect data today, creating widespread and potentially catastrophic vulnerabilities.”
What Are the Experts Saying?
“The key business threats today will be the key threats of the next two decades as well. While unsophisticated, phishing attacks will always be a cheap and effective money-generating threat and ransomware’s use of encryption will make it hard to discount any time soon.” – Lee Munson, Security Researcher for Comparitech.com
It’s clear cyberattacks involving human error will be around for quite some time. Until future technology advancements are capable of removing human error from this equation, the future will likely see many more phishing, malware and ransomware attacks.
“The top challenge for cybersecurity isn’t preventing data breaches, stamping out ransomware, or preventing ever-more-massive DDoS attacks, it is securing our digital privacy. 2017 and the years to come will dictate the future of cybersecurity, and most importantly human privacy. Digital threats have evolved quickly and can wreak havoc on our lives, endangering our personal privacy and the privacy of those around us.” – Carl Herberger, VP of security at Radware.
We all risk a breach in privacy every time we go online. While tech savvy individuals find it easy to avoid costly mistakes, many others become victims of cybercrime. Whether it’s our own privacy or the privacy of our customers, new technologies are presenting new challenges for everyone.
“The multimillion-dollar ransomware industry has grown and will continue to grow with amazing speed in the years to come, thanks in part to the spread of untraceable cryptocurrency such as Bitcoins and the proliferation of ransomware kits on the dark web, which allow anybody, even script kiddies with no programming skills, to put together and reap the financial rewards of ransomware attacks.” – Brady Keller, Digital Manager for Atlantic.Net.
The massive amount of dark money associated with this criminal industry will only make it grow. After all, nothing motivates action– legal or illegal- like the profit incentive.
Summing It Up?
Securing the Internet of Things involves challenges both new and familiar. It’s clear black hat organizations will continue to be the main source of cybercrime and the Cloud will be the battleground of the future. Whether the challenge is familiar- like ransomware or new- like quantum computing, the future of cyber security will certainly be interesting.