Intelligent CIO Middle East Issue 14 | Page 38

2017 TECH TRENDS SPECIAL
The predictions are prepared annually by the company's expert Global Research and Analysis Team (GReAT) and are based on its wide-ranging insight and expertise. The list for 2017 includes the impact of bespoke and disposable tools, the growing use of misdirection in terms of attacker identity, the fragility of an indiscriminately Internet-connected world, and the use of cyber attacks as a weapon of information warfare.
The decline of IoCs
Indicators of Compromise (IoCs) have long been an excellent way of sharing traits of known malware, allowing defenders to recognize an active infection. The discovery by GReAT of the ProjectSauron APT changed this. Analysis of the group revealed a bespoke malware platform where every feature was altered for each victim, rendering IoCs unreliable for detecting any other victim, unless accompanied by another measure, such as strong Yara rules.
The rise of ephemeral infections
In 2017, Kaspersky Lab also expects to see the appearance of memory-resident malware that has no interest in surviving beyond the first reboot, which will wipe the infection from the machine's memory. Such malware, intended for general reconnaissance and the collection of credentials, is likely to be deployed in highly sensitive environments by stealthy attackers keen to avoid arousing suspicion or discovery.
“These are dramatic developments, but defenders will not be left helpless. We believe that it is time to push for the wider adoption of good Yara rules. These will allow researchers to scan far-and-wide across an enterprise, inspect and identify traits in binaries at rest, and scan memory for fragments of known attacks. Ephemeral infections highlight the need for proactive and sophisticated heuristics in advanced anti-malware solutions,” said Juan Andrés Guerrero-Saade, Senior Security Expert, Global Research and Analysis Team.
Other top threat predictions for 2017
• Attribution will flounder among false flags: As cyberattacks come to play a greater role in international relations, attribution will become a central issue in determining a political course of action – such as retaliation. The pursuit of attribution could result in the risk of more criminals dumping infrastructure or proprietary tools on the open market, or opting for open-source and commercial malware, not to mention the widespread use of misdirection (generally known as false flags) to muddy the waters of attribution.
• The rise of information warfare: In 2016, the world started to take seriously the dumping of hacked information for aggressive purposes. Such attacks are likely to increase in 2017, and there is a risk that attackers will try to exploit people's willingness to accept such data as fact by manipulating or selectively disclosing information.
• Alongside this, Kaspersky Lab expects to see a rise in vigilante hackers – hacking and dumping data, allegedly for the greater good.
• Growing vulnerability to cybersabotage: As critical infrastructure and manufacturing systems remain connected to the Internet, often with little or no protection – the temptation to damage or disrupt them could prove overwhelming for cyber attackers, particularly those with advanced skills, and during times of rising geopolitical tension.
• Espionage goes mobile: Kaspersky Lab expects to see more espionage campaigns targeted primarily at mobile, benefiting from the fact that the security industry can struggle to gain full access to mobile operating systems for forensic analysis.
• The commodification of financial