Enterprise Security in 2017: Comparing 2016 Threats to Now

If you have had the chance to read any of the latest analyst predictions for 2017, then you will have noticed that security remains at the top of the list. So what will you do differently this year than in year's past? As you review your security strategies and revisit best practices this New Year, it’s important to reflect upon the past. We examined the top security threats last year in our white paper, Effectively Managing Cyber Security: Top 5 Enterprise Threats. Now read on to learn about the top five enterprise security threats to the confidential and proprietary information on your network -- that you must consider for this year.

Top 5 Enterprise Security Threats

1. Attacks through malicious email
   Known as phishing, malicious emails that trick an employee into opening a bad website or attachment are still the tool of choice for hackers who want to penetrate your network. One of the most effective phishing methods is to pose as a trusted coworker. Attackers pose as employees to create believable scenarios such as your CFO asking Accounts Payable to process an unexpected invoice or your security team asking employees to log into a new portal using current network credentials. An attacker also can pose as an employee in person by cloning or stealing an employee badge, in an attempt to physically access secure areas.
   
   
2. Hackers will continue to attack your organization through your employees
   Hackers are actively developing new ways to compromise your employees by leveraging longstanding techniques. These include sending email that contains malicious links or attachments, attacks through social media, whaling and attacks that launch from a legitimate website.
   
   
3. Attacks through LinkedIn and other social media platforms
   Up until recently, a LinkedIn user could identify most fake accounts. They had telltale signs such as no connections, no recommendations, or unbelievable and absurd information. Today, a hacker might create several fake accounts that write recommendations for each other to appear more legitimate. Amotivated hacker may even take it a step further by connecting with several lower-level employees from your organization, making it appear that they are a legitimate employee.
   
   
4. Attacks by redirecting website traffic or by planting malware on legitimate sites
   Attackers sometimes use websites that are frequented by targeted employees or targeted industries as spaces to attract victims. The attackers either secretly redirect traffic from the legitimate website to a fake one or plant malware on the legitimate sites.
   
   
5. Enterprises will continue to underestimate malicious insiders
   Although it’s more uncommon than outside attacks, a malicious insider can wreak havoc on your organization’s security. Some researchers group together breaches caused by malicious insiders and unintentional insider-initiated breaches, as in a PwC report based on a 2014 security survey. Therefore, there is a shortage of good statistics about the prevalence of malicious insiders. In addition, awareness may remain low because affected companies often don’t prosecute.

About 75% of organizations that responded to PwC’s survey said they didn’t take legal action against insiders, defined as current and former employees, customers and third-party partners such as service providers, consultants, vendors and suppliers. 

2017 Enterprise Security Predictions

Cyberattacks will cause physical damage

The Stuxnet incident of 2010 was the first known case of a cyberattack that resulted in physical damage. It resulted in a disrupted and damaged a nuclear centrifuge in Iran. The next known cyber-physical attack was in late December 2014, when Germany’s Federal Office for Information Security announced that hackers attacked a steel mill’s business office with a malicious email and gained access to plant systems. As a result, a blast furnace could not be properly shut down, which resulted in “massive” damage, according to the announcement.

These types of attacks are focused on systems in which computer applications and networks control physical systems as well as embedded systems, computer systems or components performing a specific function within a larger mechanical or electrical system. Many enterprises have not secured cyber-physical and embedded systems, so these systems present attractive attack surfaces for hackers. In 2017, more enterprises could sustain physical damage as a result of attacks launched through these systems.

Large, well-funded teams of hackers will continue to launch subtle, long-term attacks against enterprises

In 2017 and beyond, hacking will become an organized, professional orchestration; we’ll also see a rise in Advanced Persistence Threat (APT) attacks. APTs often focus on information that can be sold or used for competitive advantage such as trade secrets, intellectual property, source code and personal information about customers or employees that can be used to open credit.

Ransomware will appear on mobile devices, the Internet of Things and networks

Ransomware is malicious software that either locks a system or locks electronic files and documents until a fee is paid. In effect, it holds the data or system hostage. The number of ransomware attacks more than doubled between 2013 and 2014, according to Symantec’s 2015 Internet Threat Report, and we expect it will rise even higher in 2017.

IBM predicts that attackers will increasingly graduate from extorting individuals to extorting large organizations and enterprises. The start of this trend is already evident. For instance, several police departments have suffered ransomware attacks. And in March 2015, attackers demanded more than $100,000 to release the files of a school district.

As the number of devices that access corporate networks continues to rapidly grow and systems become smarter by communicating with other systems, hackers are exploring larger attack surfaces with far more potential entry points into your network.

As you plan your cybersecurity strategies for 2017, it’s important to remember that attackers are always discovering new ways to use tried-and-true attacks such as phishing scams, and are inventing new attacks such as ransomware to exploit emerging technologies such as mobile devices and the Internet of Things. If you want to sharpen your security, check out this WEI Infographic - Cyber Security Top Threats and Smart Moves.