Cybersecurity Threat Predictions for 2017

by Sean Bryant on January 2, 2017

CyberSecurity

In 1899, the British scientist, William Thomson, Lord Kelvin, opined that “radio has no future, heavier-than-air flying machines are impossible, [and] X-rays will prove to be a hoax.” Lord Kelvin was not the only “expert” in the past 150 years to have made predictions that were famously wide of the mark. This suggests that expert predictions, particularly those that originate from only one individual, should be taken with a grain of salt.

Opinions that are supported by a broader group of industry participants tend to have more believablity. Predictions from people in the cybersecurity industry, for example, are coming together around the more likely cybersecurity threats that businesses are likely to face in 2017.

Ransomware and Cyberextortion

The FBI estimated that ransomware attacks, in which a business’s information systems are hacked and held hostage pending payment, grew to a $1 billion criminal enterprise in 2016. An IBM study revealed that 70% of all businesses attacked by ransomware paid anywhere from $20,000 to $50,000 to recover their IT operations. Hackers are increasingly aware that businesses in healthcare and other industries that have mission-critical applications in their information technology systems typically cannot afford to lose access to those systems for any amount of time. Given the increasingly lucrative nature of this cybersecurity threat, it is at the top of most prediction lists for the coming year.

IoT Hacking

The growth of the Internet of Things (IoT) industry has created a world of connected devices, and all of those devices are prime targets for hackers who are harnessing them for distributed denial of service (DDoS) and other cyberattacks. One of the more troublesome threats that cybersecurity experts are watching is the prospect of Permanent Denial of Service (PDoS) attacks that hijack and destroy a connected device’s firmware. PDoS attacks can theoretically open a network to other hacking attacks as a company’s IT department is distracted with bringing IoT devices back online.

Internal Threats

Companies are facing growing cybersecurity problems as a result of employees’ careless use of social media and employee connections into corporate networks with remote devices. These threats can be managed with improved employee training and awareness of risks, but younger employees who have come of age in an interconnected world frequently overlook or ignore employers’ cybersecurity protections, particularly if they are inconvenient or cumbersome.

State-Sponsored Cyberattacks

The final part of the 2016 presidential election was rife with news stories about Russia’s purported hacking of the United States election process. The veracity of those stories will be debated for many years, but a few observers agree that foreign state-sponsored cyberattacks are a valid and growing threat in 2017. To the extent that a coordinated, large-scale cyberattack will require substantial resources that may be available only at a state-sponsored level, this scenario is not as far-fetched as it might originally appear to be.

Squirrels

Nobody is saying that squirrels are sitting at their own computer screens and launching cyberattacks, but since 2013, almost 900 electrical grid failures have been attributed to squirrels and other vermin that chew through wires and into transformers. This suggests that the nation’s electronic infrastructure is almost comically susceptible to inadvertent low-tech attacks by hungry animals. At present, power grid engineers can only ramp up redundancies and backup systems to counter these attacks.

Businesses can improve their defenses against these increasing cyberattack risks, but cyber liability insurance will generally be the best backstop for losses they experience from a successful attack. Any business that is still asking “what is cyber liability insurance” should look to the growing list of insurers that are offering robust enterprise insurance packages covering both direct and third-party losses that stem from a cyberattack. Cybersecurity threats cannot be eliminated, but a business can at least protect itself from catastrophic losses that go with those threats.

The following two tabs change content below.

Sean Bryant

Sean Bryant created OneSmartDollar.com in 2011 to help pass along his knowledge of finance and economics to others. After graduating from the University of Iowa with a degree in economics he worked as a construction superintendent before jumping into the world of finance. Sean has worked on the trade desk for a commodities brokerage firm, he was a project manager for an investment research company and was a CDO analyst at a big bank. That being said he brings a good understanding of the finance field to the One Smart Dollar community. When not working Sean and he wife are avid world travelers. He enjoys spending time with his daughter Colette and dog Charlie.

Latest posts by Sean Bryant (see all)

Comments on this entry are closed.

Previous post:

Next post:

20adfc1256bf162ccc214ed51df72b1328c896d9b40792f6e7