A new era in cybercrime: From rogue nation states to dronejacking

Symantec's list of security predictions for 2017 and beyond.

Comments

By 2025, we can expect to see ‘dronejacking’, which will intercept drone signals and redirect drones for the attacker’s benefit.

Security experts from Symantec are calling on organisations to prepare for “a new era of cybercrime” filled with familiar but increasingly becoming sophisticated players, to emerging technology-enabled cybercriminals.

In the report Security in 2017 and Beyond, the Symantec experts predict the possible threat of rogue nations financing themselves by stealing money online.

“There is a dangerous possibility that rogue nation states could align with organised crime for their personal gain, such as we saw in the SWIFT attacks. This could result in downtime for countries’ political, military or financial systems,” they state.

Drones, meanwhile, will be used for espionage and explosive attacks, as early as 2017, they predict.

“By 2025, we can expect to see ‘dronejacking’, which will intercept drone signals and redirect drones for the attacker’s benefit.

“Given this possibility, we can also expect to see anti-drone hacking technology being developed to control these devices’ GPS and other important systems.”

The Internet of Things, meanwhile, will offer new sources of revenues for cybercriminals.

First, they foresee connected cars being taken for ransom.

“As cars start to have connected capabilities, it is only a matter of time until we see an automobile hack on a large scale,” they state.

The automobile hack could range range cars being held for ransom to self-driving cars being hacked to obtain their location for hijacking.

“This will also lead to a question of liability between the software vendor and automobile manufacturer, which will have long-term implications on the future of connected cars.”

IoT devices in the enterprise will increase points of exposure, they add.

There is a dangerous possibility that rogue nation states could align with organised crime for their personal gain, such as we saw in the SWIFT attacks

Beyond looking simply at computers and mobile devices for vulnerabilities, incident response teams will need to consider thermostats and other connected devices as jumping points into the network, they advise.

Similar to how printer servers were used for attacks several years ago, nearly everything in an enterprise is now connected to the internet and will need to be protected, they state.

The security experts see more hacks in the cloud.

Given the significant shift towards cloud-based storage and services, the cloud is becoming a very lucrative target for attacks, they say.

The cloud is not always automatically protected by firewalls or more traditional security measures, so there will be a shift in where enterprises need to defend their data. Cloud attacks could result in multi-million dollar damages and loss of critical data, so the need to defend it will become even more crucial, they state.

Machine learning, on the other hand, will require sophisticated Big Data capabilities.

The security experts cite Forrester’s prediction that investments in artificial intelligence will grow 300 per cent next year alone.

“With this growth comes new, powerful insights for businesses to tap, and an increased collaboration between humans and machines.

“From a security standpoint, this expansion will impact organisations in more ways than one – including endpoints and mechanisms in the cloud,” they state.

The security experts note that as new forms of machine learning and AI continue to enter the market, enterprises will need to invest in systems that have the capabilities to collect and analyse data from the countless endpoints and attack sensors across different organisations, industries and geographies.

“These solutions will prove to be instrumental in teaching machines how to operate on the front lines of a global battle that changes every day, minute by minute.”