The global cybersecurity landscape is set to experience rapid change and an increase in major attacks, according to a mid-year report released by Accenture.
The Cyber Threatscape Report 2017 , produced by iDefense, part of Accenture Security, predicts a continuation and escalation of high profile attacks seen in the first half of the year.
It also outlines the changing ways that hackers, both individual and state-sponsored, are looking to disrupt the landscape. It highlights their changing motivations and the different types of devices that can be maliciously exploited.
For instance, the report warns that the rapid adoption of IoT devices has created a significant rise in IoT botnets, which are expected to continue to grow as more diverse devices join the global network.
Ransomware has now displaced banking Trojans as one of the most common forms of malware
The explosion in the use of IoT devices means that the methods for protecting them are struggling to keep pace. However, it is not only new technology disrupting the security landscape, existing tactics are also changing the game.
The report specifically mentions Distributed Denial of Service (DDoS) attacks, which for a long time have been a favoured tactic of hacking groups. Now though, a proliferation of ‘DDoS for hire’ services means that these types of attacks could become significantly more common.
Developments in phishing give cause for further concern. Though these scams continue to employ recognisable techniques – emails about invoices, payments and wire transfers, the report argues that ransomware has now displaced banking Trojans as one of the most common forms of malware delivered via phishing techniques.
Additionally, the report argues that state-sponsored attackers are using techniques that were traditionally the preserve of financially-motivated cybercriminals. As such, Accenture says that ‘although governments are trying hard to avoid future leaks, [it] anticipates that more exploit arsenals will be exposed in the coming years.’
On the international front, the report lists a number of high profile states that may be delivering threats, including North Korea, Iran, and Russia, but of particular concern to iDefense is China’s 13th Five-Year Plan (FYP).
It argues that the FYP may encourage the targeting of companies active in the areas of ‘cybersecurity, cloud computing and big data, new energy automobiles and high-performance computing.’
Finally, the report discusses the cultural variety in cyber criminal operations. In places where law enforcement operations are stretched, cyber criminals tend to be more open with their business, as the chance of attracting more custom outweighs the relatively small chance of being arrested.