MCAFEE
LABS THREATS PREDICTIONS REPORT PREVIEWS CYBER THREATS FOR 2017 AND BEYOND
LABS THREATS PREDICTIONS REPORT PREVIEWS CYBER THREATS FOR 2017 AND BEYOND
Intel
Security Predictions Provide Insights for 2017, Future of Cloud and Internet of
Things Security; Poses Six Challenges Industry Must Address
Security Predictions Provide Insights for 2017, Future of Cloud and Internet of
Things Security; Poses Six Challenges Industry Must Address
NEWS
HIGHLIGHTS
HIGHLIGHTS
· McAfee
Labs predicts 14 security developments for 2017
Labs predicts 14 security developments for 2017
· Identifies
three legal hurdles, 10 vendor actions and 11 cloud threats likely to occur in
the next four years
three legal hurdles, 10 vendor actions and 11 cloud threats likely to occur in
the next four years
· Makes
21 predictions regarding Internet of Things security threats, legal actions and
vendor responses in the next four years
21 predictions regarding Internet of Things security threats, legal actions and
vendor responses in the next four years
· Identifies
six “hard to solve” challenges for the cybersecurity industry to overcome
six “hard to solve” challenges for the cybersecurity industry to overcome
Singapore, Nov. 30, 2016 – Intel®
Security today released its McAfee Labs 2017 Threats Predictions Report,
which identifies 14 threat trends to watch in 2017, the most critical
developments to watch for in cloud security and the Internet of Things (IoT)
security, and the six most difficult-to-solve challenges facing the
cybersecurity industry.
Security today released its McAfee Labs 2017 Threats Predictions Report,
which identifies 14 threat trends to watch in 2017, the most critical
developments to watch for in cloud security and the Internet of Things (IoT)
security, and the six most difficult-to-solve challenges facing the
cybersecurity industry.
The
report reflects the informed opinions of 31 Intel Security thought leaders. It
examines current trends in cybercrime and makes predictions about what the
future may hold for organizations working to take advantage of new technologies
to both advance their businesses and provide better security protection.
report reflects the informed opinions of 31 Intel Security thought leaders. It
examines current trends in cybercrime and makes predictions about what the
future may hold for organizations working to take advantage of new technologies
to both advance their businesses and provide better security protection.
“To change the rules of the game between attackers and
defenders, we need to neutralize our adversaries’ greatest advantages,” said
Vincent Weafer, vice president of Intel Security’s McAfee Labs. “As a new
defensive technique is developed, its effectiveness increases until attackers
are compelled to develop countermeasures to evade it. To overcome the designs
of our adversaries, we need to go beyond understanding the threat landscape to
changing the defender-attacker dynamics in six key areas: information
asymmetry, making attacks more expensive, improving visibility, better
identifying exploitation of legitimacy, improving protection for decentralized
data, and detecting and protecting in agentless environments.”
defenders, we need to neutralize our adversaries’ greatest advantages,” said
Vincent Weafer, vice president of Intel Security’s McAfee Labs. “As a new
defensive technique is developed, its effectiveness increases until attackers
are compelled to develop countermeasures to evade it. To overcome the designs
of our adversaries, we need to go beyond understanding the threat landscape to
changing the defender-attacker dynamics in six key areas: information
asymmetry, making attacks more expensive, improving visibility, better
identifying exploitation of legitimacy, improving protection for decentralized
data, and detecting and protecting in agentless environments.”
“Threats come in various forms, including ransomware, firmware
attacks, attacks on IoT devices, social engineering attacks and more.
Cybercrime will continue to evolve in Asia, and cybersecurity professionals
need to evolve correspondingly to ensure our enemies do not get the upper hand.
The cyberthreat paradigm needs to be altered to focus on defender-attacker
dynamics. Only then can cybersecurity practitioners break the cycle of cyber
criminals circumventing new cyber defence tactics.” said David Allott, Director
of Cyber Defence, Intel Security.
attacks, attacks on IoT devices, social engineering attacks and more.
Cybercrime will continue to evolve in Asia, and cybersecurity professionals
need to evolve correspondingly to ensure our enemies do not get the upper hand.
The cyberthreat paradigm needs to be altered to focus on defender-attacker
dynamics. Only then can cybersecurity practitioners break the cycle of cyber
criminals circumventing new cyber defence tactics.” said David Allott, Director
of Cyber Defence, Intel Security.
2017 Threats Predictions
The 2017 threats predictions run the gamut, including threats
around ransomware, sophisticated hardware and firmware attacks, attacks on
“smart home” IoT devices, the use of machine learning to enhance social
engineering attacks, and an increase in cooperation between industry and law
enforcement:
around ransomware, sophisticated hardware and firmware attacks, attacks on
“smart home” IoT devices, the use of machine learning to enhance social
engineering attacks, and an increase in cooperation between industry and law
enforcement:
1. Ransomware
attacks will decrease in volume and effectiveness in the second half of
2017.
attacks will decrease in volume and effectiveness in the second half of
2017.
2. Windows
vulnerability exploits will continue to decline, while those targeting
infrastructure software and virtualization software will increase.
vulnerability exploits will continue to decline, while those targeting
infrastructure software and virtualization software will increase.
3. Hardware
and firmware will be increasingly targeted by sophisticated attackers.
and firmware will be increasingly targeted by sophisticated attackers.
4. Hackers
using software running on laptops will attempt “dronejackings” for a variety of
criminal or hacktivist purposes.
using software running on laptops will attempt “dronejackings” for a variety of
criminal or hacktivist purposes.
5. Mobile
attacks will combine mobile device locks with credential theft, allowing cyber
thieves to access such things as banks accounts and credit cards.
attacks will combine mobile device locks with credential theft, allowing cyber
thieves to access such things as banks accounts and credit cards.
6. IoT
malware will open backdoors into the connected home that could go undetected
for years.
malware will open backdoors into the connected home that could go undetected
for years.
7. Machine
learning will accelerate the proliferation of and increase the sophistication
of social engineering attacks.
learning will accelerate the proliferation of and increase the sophistication
of social engineering attacks.
8. Fake
ads and purchased “likes” will continue to proliferate and erode trust.
ads and purchased “likes” will continue to proliferate and erode trust.
9. Ad
wars will escalate and new techniques used by advertisers to deliver ads will
be copied by attackers to boost malware delivery capabilities.
wars will escalate and new techniques used by advertisers to deliver ads will
be copied by attackers to boost malware delivery capabilities.
10. Hacktivists
will play an important role in exposing privacy issues.
will play an important role in exposing privacy issues.
11. Leveraging
increased cooperation between law enforcement and industry, law enforcement
takedown operations will put a dent in cybercrime.
increased cooperation between law enforcement and industry, law enforcement
takedown operations will put a dent in cybercrime.
12. Threat
intelligence sharing will make great developmental strides in 2017.
intelligence sharing will make great developmental strides in 2017.
13. Cyber
espionage will become as common in the private sector and criminal underworld
as it is among nation-states.
espionage will become as common in the private sector and criminal underworld
as it is among nation-states.
14. Physical
and cybersecurity industry players will collaborate to harden products against
digital threats.
and cybersecurity industry players will collaborate to harden products against
digital threats.
For more information on the 2017 McAfee Labs predictions, please
see the blog post entitled “2017 Predictions Blog”.
see the blog post entitled “2017 Predictions Blog”.
Cloud Security and Internet of Things Predictions
McAfee Labs also provided predictions for IoT and Cloud security
during the next two to four years, including threat, economic, policy, and
regional trends likely to shape each area. Gathering insights from Intel
Security researchers, the following predictions also anticipate the responses
we expect to see from device manufacturers, cloud service providers, and
security vendors.
during the next two to four years, including threat, economic, policy, and
regional trends likely to shape each area. Gathering insights from Intel
Security researchers, the following predictions also anticipate the responses
we expect to see from device manufacturers, cloud service providers, and
security vendors.
The Cloud predictions touched on topics such as trust in the
cloud, storage of intellectual property, antiquated authentication, east-west
and north-south attack vectors, gaps in coverage between service layers,
for-hire hackers in the cloud, “denial of service for ransom” attacks, IoT
implications for cloud security models, laws and litigation versus innovation,
movement of data across borders, biometrics as cloud enablers, cloud
access security brokers (CASBs), protection of data at rest and in motion,
machine learning, cyber insurance, and ongoing conflicts pitting speed,
efficiency, and cost against control, visibility, and security in cloud
offerings.
cloud, storage of intellectual property, antiquated authentication, east-west
and north-south attack vectors, gaps in coverage between service layers,
for-hire hackers in the cloud, “denial of service for ransom” attacks, IoT
implications for cloud security models, laws and litigation versus innovation,
movement of data across borders, biometrics as cloud enablers, cloud
access security brokers (CASBs), protection of data at rest and in motion,
machine learning, cyber insurance, and ongoing conflicts pitting speed,
efficiency, and cost against control, visibility, and security in cloud
offerings.
For more detail and insight on the report’s Cloud predictions,
please see the blog entitled “You can outsource the work, but you cannot outsource the
risk.”
please see the blog entitled “You can outsource the work, but you cannot outsource the
risk.”
The IoT predictions focused on cybercrime economics, ransomware,
hacktivism, nation-state attacks on criminal infrastructure, challenges for
device makers, privacy threats and opportunities, encryption, behavioral
monitoring, and cyber insurance and risk management.
hacktivism, nation-state attacks on criminal infrastructure, challenges for
device makers, privacy threats and opportunities, encryption, behavioral
monitoring, and cyber insurance and risk management.
For more detail and insight on the report’s IoT predictions, please see the
blog entitled “Welcome to the Wild West, again!”
blog entitled “Welcome to the Wild West, again!”
Six Critical Industry Challenges
The
difficult-to-solve problems section of the report challenges the industry to
improve threat defense effectiveness by reducing information asymmetry between
defenders and attackers, making attacks more expensive or less profitable,
improving visibility into cyber events, better identifying exploitation of
legitimacy, improving protection for decentralized data, and detecting and
protecting in agentless environments.
difficult-to-solve problems section of the report challenges the industry to
improve threat defense effectiveness by reducing information asymmetry between
defenders and attackers, making attacks more expensive or less profitable,
improving visibility into cyber events, better identifying exploitation of
legitimacy, improving protection for decentralized data, and detecting and
protecting in agentless environments.
For more insight on McAfee Labs’ six hard-to-solve problems,
please see the blog entitled “Big hard to solve problems.”
please see the blog entitled “Big hard to solve problems.”
For more information, please read the full report: McAfee Labs 2017 Threats Predictions Report.
For the LATEST tech updates,
FOLLOW us on our Twitter
LIKE us on our FaceBook
SUBSCRIBE to us on our YouTube Channel!
