State-sponsored hacking to open floodgates in 2017

27 Oct 2016

Image: pfshots/Shutterstock

A fresh look at what’s coming down the line in 2017 highlights the knock-on effect created by a growing number of incidents of state-sponsored hacking. Soon, everyone will be at it.

Mobile, industrial internet of things (IIoT), critical infrastructure and cloud services will all come under severe pressure in 2017, as cyberattacks mature and expand.

That’s according to cybersecurity company Check Point, predicting some obvious trends we’re set to expect, and one or two surprising shifts in the IT landscape.

Future Human


Mobile hack

None is more obvious than the strain on the future of mobile, and the present and future of internet access. According to the Identity Theft Resource Centre, already this year there have been over 800 separate breaches in the US alone, compromising almost 30m records.

Check Point’s view that mobile will come under attack thanks to the legacy of state-sponsored hacking is not just worrying for personal users, as the growth in mobile attacks could have a knock-on effect for businesses, with the ubiquitous smartphone set to act as a gateway into company access points.

“The recent nation-state sponsored attacks on journalists’ mobile phones means that these attack methods are now in the wild and we should expect to see organised crime actors use them,” warned Check Point.

Beyond this, the IIoT will struggle to handle the influx of security concerns as connected device production skyrockets.

Last week’s major DDoS attack shows just how vulnerable we humans are in the IoT world.

Millions of US internet users lost access to popular online sites like Twitter, Spotify, Reddit and CNN because of the Mirai botnet, which recruited unsecured IoT devices and marshalled them into a massive DDoS attack.

Nowhere to hide?

The Mirai botnet effectively targets vulnerable internet-connected devices from CCTV cameras to IoT devices in the home, to unleash havoc on businesses anywhere in the world.

Effectively, there is no website on the planet that can withstand a targeted DDoS attack where millions of devices are – often unknown to their owners – crowding the front door of websites, rendering them inaccessible.

According to Check Point, the convergence of IT and operational technology into an IIoT industry is making environments more vulnerable, “particularly the operational technology or SCADA environments”.

“These environments often run legacy systems for which patches are either not available, or worse, simply not used,” said the company.

“Manufacturing, as an industry, will need to extend both systems and physical security controls to a logical place, and implement threat prevention solutions across both IT and OT environments.”

Europol agrees that it’s starting to get out of control, with ransomware set to become 2017’s cyberattack of choice.

The security organisation argues that a number of EU countries may be at a point where reporting of cybercrime now outnumbers that of more traditional crimes.

Pay the ransomware?

Attacks such as ransomware “have become the norm”, overshadowing traditional malware threats such as banking Trojans, with the rise of overall cybercrime “relentless”.

Check Point’s predictions come into play here, with trends obvious to those with access to all of the data. The company puts the prevention of DDoS attacks and their ransomware intentions down to the “cost of doing business” nowadays.

Check Point argues that ransomware’s growth and general success means companies will have to employ a multifaceted prevention strategy. This will include advanced sandboxing and threat extraction, but there is also the realisation that other ways of dealing with ransomware criminals might be needed.

“Such methods would include coordinated takedowns with industry peers and law enforcement, as well as the establishment of financial reserves to speed payments, if that is the only mitigation option,” it said.

“We will also see more targeted attacks to influence or silence an organisation, with ‘legitimate’ actors launching such attacks. The current US presidential campaign shows this possibility and will serve as a precedent for future campaigns.”

Gordon Hunt was a journalist with Silicon Republic