SYMANTEC Corp. said the new year would usher in a new era of cybercrime.
In a statement released last week, the cyber-security firm said rogue nation-states would steal online and “file-less” malicious software (malware) will increase.
“There is a dangerous possibility that rogue nation-states could align with organized crime for their personal gain, such as what we saw in the Swift [Society for Worldwide Interbank Financial Telecommunication network] attacks,” the company said in a statement. “This could result in down time for countries’ political, military or financial systems.”
The Mountain View, California-headquartered firm explained that file-less malwares are infections written directly onto a computer’s random access memory (RAM) without using files of any kind.
“These are difficult to detect and often elude intrusion prevention and antivirus programs,” Symantec said. “This type of attack increased throughout 2016 and will continue to gain prominence in 2017.”
A third trend that Symantec expects to see in next year’s cyber-security fabric is an increase in phishing. According to the company, secure sockets layer (SSL), abuse will lead to increased phishing sites using HTTPS (Hyper Text Transfer Protocol Secure).
“The rise in popularity of free SSL certifications paired with Google’s recent initiative to label HTTP-only sites as unsafe will weaken security standards, driving potential spear-phishing or malware programs due to malicious search-engine optimization practices.” The fourth trend that Symantec sees occurring next year is the use of drones for espionage and explosive attacks.
“By 2025, we can expect to see ‘dronejacking,’ which will intercept drone signals and redirect drones for the attacker’s benefit,” the company said. “Given this possibility, we can also expect to see antidrone-hacking technology being developed to control these devices’ GPS and other important systems.”
Symantec also noted that Internet of Things (IoT) devices “offer new revenue streams for cybercriminals.”
“Connected cars will be taken for ransom and IoT devices in the enterprise will increase points of exposure. Finally, the company said it expects increased IoT DdoS (distributed denial of service) attacks occurring more frequently next year.
“Beyond looking simply at computers and mobile devices for vulnerabilities, incident response teams will need to consider thermostats and other connected devices as jumping points into the network,” Symantec said. “
Similar to how printer servers were used for attacks several years ago, nearly everything in an enterprise is now connected to the Internet and will need to be protected.”