2017 Cyber Security Trends

Date
Author:
Connect Smart Partners

According to Connect Smart research, one in five (20%) New Zealanders were affected by cyber crime in the past year, rising to 72% when spam and suspicious emails are factored in. As Kiwis are increasingly online in their work and personal environments, these figures can be expected to increase if individuals and businesses don’t take active steps to manage their cyber security. It has been widely reported that cyber attacks are now more profitable than the global drug trade, with hackers becoming more clever and targeted in the way they create scams.

As attacks increase in sophistication and frequency, remember the:

Connect Smart asked some of our Partners to provide insights into what cyber security trends they are seeing, and what might be heading our way in 2017.

 

Secure Strategy: The rise of ransomware continues

Simon Thomas, Founder, Secure Strategy

Ransomware continuing and expanding. 2017 will see continued ransomware attacks. Last year these started to target databases as well as files. We will continue to see organisations with poor security and poor backup regimes pay to have their systems decrypted or their databases returned.

Secondly we will see the start of exfiltration ransomware (copying data out of a system). Organisations will pay to not have the breach made public. And we will see a continued rise in sophisticated fraud via business email compromise due to the large rewards available if successful. On the positive side the majority of these attacks can be prevented by taking some basic security measures. 2016 was the year when everyone learnt about cyber security risks and 2017 will be the year when they take steps to protect their business and clients.”

 

When your fridge is held hostage            

Colin James, Head of Security, Vodafone

Smarter people – smarter scams. As more people become aware of cyber-security threats and how they can improve their safety online, 2017 will see the tech industry respond by further improving security tools and minimising risks. Data theft and basic phishing scams are becoming more sophisticated and cyber criminals are instead using data manipulation for their attacks.

The rise of ransomware, for example, means hackers are looking at all your connected devices, such as targeting your smart TV or fridge, and demanding money to unlock it. Linked to this is improved regulation here and overseas, which is where the rubber will hit the road for cyber-security.

Due to the fast-moving and growing sophistication of cyber-security threats, this year it’ll be more important than ever for regulators to keep up with cyber criminals. Cyber-security will also hot up in 2017 due to the growth of IOT, especially amongst Kiwi businesses, which is where connected technologies have had the most impact to date. It’s likely this will be amplified as more consumer-orientated IOT offerings reach the market.

 

KPMG: Cyber threats increasing as interconnection continues

Philip Whitmore, Partner – Cyber Security Advisory

Balkanisation of the Internet gathering pace.  More and more countries are regulating cyberspace – often with conflicting and contrary approaches.  Organisations are struggling to keep up with restrictions on how data can be handled, what nations expect in the way of compliance, and the limitations on cross border transfers. Suddenly big data seems less attractive – without the metadata to ensure that legal and policy obligations around data handling can be respected. Data centric security has never mattered more.

Cloud security comes of age.  Cloud services have grown up and have recognised the need to provide clients with the functionality they need to implement effective security and compliance solutions. A well-managed cloud environment can offer levels of security and resilience which many organisations would struggle to replicate internally, and even in regulated industries ‘cloud as the first choice’ has become the mantra.

Countries find themselves cyber targets – and become more aggressive in defending their cyberspace.  The Mirai botnet in the later part of last year has shown just how damaging distributed denial of service attacks can become.  Attacks of this scale have the potential to destabilise the Internet and the infrastructure that supports it.  Active defence has moved up government agendas as countries work with telecommunication firms to provide more robust national defences against alleged state attacks and organised cybercrime, heralding a new relationship between government agencies and commerce.  Takedowns and blocking operations aimed at cyber criminals will become more frequent, and more rapid.

 

Dimension Data: New Zealand businesses step up to match global trends

Matthew Lord, Security Consultant Manager

More investment in digital strategies. We predict that New Zealand businesses will continue to increase investment in cyber security to support digital strategies.  However, we predict that investment will be focused at technologies that support the ever increasing online sharing of data between service partners.  A good example in New Zealand is the evolution of loyalty schemes where data is shared between loyalty partners so customers get a simplified experience both earning and redeeming loyalty points.   

Single logins preferred. New Zealanders will continue to favour online services that accept a universal single user identity of their choice, e.g. their Facebook or Gmail logon.  However, businesses need to implement these systems quickly to keep pace with competitors.  So rather than implementing traditional, bulky identity solutions that take years to implement we predict New Zealand business will start to invest in cloud identity management systems. 

Increase of IoT devices in home and the workplace. New Zealanders’ love of new technology has increased the use of IoT devices in the home and workplace.  These devices will generate data designed to help improve the customer experience, e.g. tell you when are about use too much power or you have a possible water leak.  Given the ever present threat of cyber-attacks, it won’t be sufficient to apply traditional perimeter defence strategies to these environments. Therefore we see security evolving and being built into the fabric of IoT networks, either by activating the security features that these networking devices come with, or combining them with specialist security devices and software – or both.  There will also need to be earlier collaboration between network architects and the security team when business deploy these technologies.

Dimension Data’s global snapshot of 2017 Cybersecurity trends is available here.

 

Skynet: New Zealand businesses step up to match global trends

Morten Kjaersgaard, Heimdal Security CEO

Social engineering tactics will get even more sophisticated. Psychological manipulation plays a decisive role in almost every cyber attack, and, while the classic malicious tactics still work, cyber criminals are bound to surprise their victims with increasingly sophisticated manoeuvres. CEO fraud and payment fraud are just two of the directions we might see attackers focusing on. Education is the key factor in mitigating this risk, for both businesses and home users. 

From reactive to proactive, faster. Trends are showing that cyber breaches will increasingly have legal and economic consequences.  This is likely to influence companies and organisations all over the world to invest in their proactive security. Committing to this approach will not only reduce their exposure to cyber attacks, but will also ensure their compliance with regulatory standards.