Back to top

The indispensable source for professionals who create, implement and service technology solutions for entrepreneurs to enterprise.

In the Zone

8 security threats for 2017 you need to worry about now

Peter Krass's picture

by Peter Krass on 12/06/2016
Blog Category: cloud-and-data-centers

Think you’ve got your clients’ security taken care of? Think again. Several older cyber threats will still be with us next year. And several new ones are likely to emerge.

That’s according to cybersecurity supplier Trend Micro, which just released a report, “The Next Tier,” predicting the top security threats for 2017.

Raimund Genes, Trend Micro’s CTO, says: “Next year will take the cybersecurity industry into new territory.”

Trend Micro’s report is based on both real-time monitoring of the threat landscape and the opinions of its threat-research team. The report, published earlier today, identifies 8 top threats for the new year.

Here, according to Trend Micro, is what to expect — and worry about — in 2017:

> Ransomware: This year, the number of ransomware families increased by a “staggering” 400 percent, but for next year, Trend Micro predicts growth will slow to “just” 25 percent more families. While that’s welcome, at the same time, cybercrooks will diversify their ransomware approaches, hurting more victims, platforms and targets. This chart shows Trend Micro’s take on the rapid recent growth in the number of ransomware families:

> IoT: The Internet of Things will be the focus of increased cyber attacks. The bad guys are likely to use open routers for massive distributed denial-of-service (DDoS) attacks. But can’t IoT suppliers prevent these attacks? No, says Trend Micro: “We predict that vendors will not react in time.”

> Business Email Compromise: This happens when a criminal hacks an email account or otherwise tricks an employee to transfer funds to the criminal’s illicit bank account. The average payout of such an attack is a serious $140,000, double the average loss from a ransomware attack. Email compromises are hard to detect, too, since the fraudulent emails don’t need to contain the malicious code that security systems look for.

> Business-process Compromise: These heists are conducted by criminals who develop a deep understanding of how organizations process their financial transactions. For example, crooks can hack into a company’s purchase-order system to receive payments that were intended for legitimate vendors. The losses can be huge.

> Adobe & Apple: Trend Micro predicts these two suppliers will outpace Microsoft next year in the number of discovered platform vulnerabilities. Adobe outpaced Microsoft this year already, with 135 vulnerabilities vs. 76. Next year, Trend Micro predicts, even more software flaws will be discovered.

> Cyberpropaganda: The Internet has become a “free-for-all tool to influence public opinion,” the report says. Whether that’s downloads from WikiLeaks, fake ads on Facebook, or abusive attacks on Twitter, this kind of behavior “will become a norm.”

> GDPR’s Costly Compliance: The General Data Protection Regulation is an European Union regulation aimed at strengthening and unifying data protection. Adopted earlier this year, it will go into effect in 2018. And next year, Trend Micro predicts, complying with GDPR will raise the administrative costs of many organizations, particularly those that operate globally. “It will be especially difficult for multinational companies who will have to consider building entirely new data-storage systems just for EU data,” the report states. “They will also need to review the data protection clauses of their cloud storage partners.”

> New Attack Tactics: Cybersecurity has become an arms race between criminals and security professionals, and Trend Micro predicts this arms race will accelerate next year. Cyber thieves will develop “new and unexpected techniques” to conduct targeted attacks. Some will evade even the most modern security approaches.

Scary, right? So what can you do to protect your clients? Trend Micro’s recommendations include using advanced technologies, such as host-based firewall protection, breach detection and advanced anti-malware. Training employees is important, too, the company says, to help recognize and avoid common types of attacks. Stay safe!


Back to top