Taking this week’s reports in two parts, this blog looks at notable security concerns as we move into the new year. Reviewing our daily reporting over the last few weeks and Wednesday’s Threat Dashboard content, the Gate 15 Threat and Risk Analysis Cell (TRAC) noted in Thursday’s Torpedo Report that the events of the past week have reinforced the significant security threats and challenges that were faced in 2016, both the persistent concerns and the introduction of new tactics and techniques. Looking ahead to 2017 can be daunting. Security professionals can evaluate recent attacks and anticipate the evolution in existing and emerging threats to assess the risks to their organizations – operations, people and property (physical and intellectual) and be able to apply a prioritized approach to preparedness and operational activities into the next year.
Assessing the year that was and looking to the year that will be, we highlight some of the notable items from 2016 that we believe will persist as we move into 2017. Among 2017’s Notable Security Considerations we note the following:
- Ransomware. This threat has been persistent and evolving throughout 2016, moving into various sectors and targets of opportunity. The security community has consistently assessed that ransomware will continue to proliferate and become more sophisticated in 2017, building off lessons learned over the past year. As organizations heed the advice to take appropriate precautions and back up their systems, conduct preparedness activities and explore viable technology solutions, the threat will continue to adapt and look for new vulnerabilities. Ransomware as a Service (RaaS) emerged in the latter part of 2016 and will likely become one of the new security buzzwords in 2017.
- Mobile Threats and Mobile Malware. Malware has largely remained within the domain of traditional computer platforms, though we are starting to see an aggressive push into the mobile space, particularly on Android devices. This is expected to continue as mobile devices become the primary tool used by consumers to process day-to-day life activities. Mobile devices will become the main target for malicious actors, and the main challenge for security professionals to protect. BYOD processes will become a major point of emphasis as organizations attempt to grapple with this challenge.
- IoT Security Challenges. 2016 saw the challenges that IoT brings to security, and with the exponential increase in connected devices, attackers will increasingly focus on IoT opportunities; both to access networks and to use devices to launch external attacks, such as the notable DDoS attacks observed at the end of this year. From facilities to medical devices, IoT will continue to increase rapidly throughout the critical infrastructure community and will continue to pose challenges as organizations, individuals, and families integrate new devices and tech at work and home.
- Cyber-Espionage Effects. Whether it was the US elections, a leak from an online source, or the theft of proprietary information/critical information, cyber-espionage made headlines. While the days of dark alleys and secret meetings still exist, the reliance on non-attributable and more secure methods to conduct espionage will increase. As new tactics are employed to compromise organizations’ most sensitive information and systems and to counter even those defenses often thought most secure (such as overcoming air gapping), cyber-espionage will only create more headlines.
- Hostile Events. The rise of low-tech, low-visibility attacks, as has recently been on display, continues to highlight the challenges security professionals face in the current threat environment. With Daesh losing ground in its areas of operation in Syria, Iraq and Libya, we are seeing the group increasingly attack in Europe and Asia and certainly with an eye to North America, Australia and other areas. Al-Qaeda continues to be a threat and also continues to encourage low-tech terrorism. We continue to encourage that the current period, through the US Presidential Inauguration, be treated as a period of heightened concern for these types of attacks; beyond that, the increase in lone actor and small group attacks – to include the potential for small group complex coordinated attacks – will persist globally throughout the new year.

Not listed here but also worth considering are negligent and hostile insider threats, social media and Point-of-Sale security, and data breach response capabilities. Also, please note, the above list focuses on cyber and physical security concerns. That is not to diminish the importance of maintaining awareness of the natural hazards and health threats that can impact your organization and ensuring a proper level of preparedness to address those concerns. Severe weather, notable earthquakes, bird flu outbreaks and other ongoing issues serve as reminders of the constant all-hazards threats leaders need to continually assess.
The complete Torpedo Report includes additional background and analysis as well as some preparedness and operational ideas for leaders to consider. This week’s reports and previous releases can be linked to from the “Reports” tab of this website.
To help leaders maintain active threat situational awareness, we distribute our (free!) daily paper and the above-mentioned weekly products. Our team hopes they can help you achieve a sound background as you assess your organizational risks and then apply a threat-informed, risk-based and prioritized approach to preparedness and operations. If you’re not already signed up, subscribe to our free products and receive them directly! Free reports include our daily paper, the Gate 15 SUN, with additional detail, focus and analysis in the weekly Threat Dashboard and Torpedo Report.