EDITOR ’ S QUESTION

Kaspersky has very recently releases a list of security threat predictions for 2017 that include the impact of bespoke and disposable tools , the growing use of misdirection in terms of attacker identity , the fragility of an indiscriminately Internet-connected world , and the use of cyber attacks as a weapon of information warfare .

The rise of ephemeral infections In 2017 , Kaspersky Lab also expects to see the appearance of memory-resident malware that has no interest in surviving beyond the first reboot that will wipe the infection from the machine memory . Such malware , intended for general reconnaissance and the collection of credentials , is likely to be deployed in highly sensitive environments by stealthy attackers keen to avoid arousing suspicion or discovery .

Other top threat predictions for 2017

• Attribution will flounder among false flags : As cyber attacks come to play a greater role in international relations , attribution will become a central issue in determining a political course of action – such as retaliation . The pursuit of attribution could result in the risk of more criminals dumping infrastructure or proprietary tools on the open market , or opting for opensource and commercial malware , not to mention the widespread use of misdirection ( generally known as false flags ) to muddy the waters of attribution .

• The rise of information warfare : In 2016 , the world started to take seriously the dumping of hacked information for aggressive purposes . Such attacks are likely to increase in 2017 , and there is a risk that attackers will try to exploit people ’ s willingness to accept such data as fact by manipulating or selectively disclosing information .

• Growing vulnerability to cybersabotage : As critical infrastructure and manufacturing systems remain connected to the Internet , often with little or no protection – the temptation to damage or disrupt them could prove overwhelming for cyber attackers , particularly those with advanced skills , and during times of rising geopolitical tension .

• Espionage goes mobile : Kaspersky Lab expects to see more espionage campaigns targeted primarily at mobile , benefiting from the fact that the security industry can struggle to gain full access to mobile operating systems for forensic analysis .

• The commodification of financial attacks : Kaspersky Lab expects to see the ‘ commodification ’ of attacks along the lines of the 2016 SWIFT heists in 2016 – with specialised resources being offered for sale in underground forums or through as-aservice schemes .

• The compromise of payment systems : As payment systems become increasingly popular and common , Kaspersky Lab expects to see this matched by a greater criminal interest .

• The breakdown of ‘ trust ’ in ransomware : Kaspersky Lab also anticipates the continuing rise of ransomware , but with the unlikely trust relationship between the victim and their attacker – based on the assumption that payment will result in the return of data – damaged as a lesser grade of criminal decides to enter the space . This could be the turning point in people being prepared to pay up .

78 INTELLIGENTCIO www . intelligentcio . com