Wednesday, 07 December 2016 12:02

A new era of cybercrime – Symantec’s predictions for 2017 and beyond


Rogue nations will be financed by cybercrime, the use of undetectable file-less malware (firmware) will grow, IoT devices are fair and easy game, HTTPS/SSL will be abused – these are a few of Symantec’s emerging trends and predictions for paddling in cyberspace.

These are some takeaways from a briefing with Symantec’s Mark Shaw, technology strategist for the Pacific Region, Peter Sparkes, senior director, Cyber Security Services, APJ, and Ian McAdam, managing director, Pacific region.

The three proceeded to demolish all hope of the good guys winning over cybercriminals in 2017.

McAdam led off by saying that company boards could no longer ignore cybersecurity, leaving it to the IT guys – they must focus efforts and budgets on increasing cyber security because 2017 presents so many more threats. He commented that after Symantec’s acquisition of Blue Coat, it now had more than 3000 engineers working on cybersecurity and had combined resources to be the world’s largest global intelligence network.

Shaw said that Symantec had identified ten trends that were all new – these are future issues for concern.

#1 Proliferation of the Cloud generation

Symantec sees more attempts on things like VR, IoT, cameras, routers, wearables – the consumerisation of IT. The biggest issues were a lack of standards, manufacturers’ back doors for firmware updates and device telemetry, and a general inability to run security on the devices. All these devices needed to have controls on identity and information sent to the cloud.

#2 Connected cars will be held for ransom

In the past months, a group of Chinese white hat hackers had taken control of a Tesla using nothing but remote web access – all attacks were contactless and without physically modifying the car. Tesla is updating the firmware accordingly, but it shows the rush to remotely connected cars is not without its issues.

The techniques used were nothing special – they simply exploited weaknesses found in so many IoT devices. Shaw said he expected to see “fleets” of cars held for ransom – pay up, or you can’t drive.

But hacking could also include location tracking, recording conversations, or crashing the car.

#3 IoT devices penetrate the enterprise

Look around now, and you will see IoT devices in the boardroom, office and lunchroom – these smart devices might include cloud-connected cameras, Wi-Fi routers, smart appliances like refrigerators or coffee machines, NEST style climate controls and more.

Also, IoT devices may start to monitor and control things like printers, access points, time clocks, room locks and more. Shaw said that these things provide additional and largely insecure attack points but more importantly are often connected to the company network as they require Internet and cloud access.

#4 An increase in IoT DDoS attacks

Shaw said this could easily be subtitled “Looking for a smart refrigerator”, and pointed to Shodan, which can find weaknesses in IoT devices including refrigerators, webcams, power plants and building automation.

Again, the lack of standards, manufacturers’ backdoors for telemetry and firmware, and a general lack of security awareness made these obvious devices to use for DDoS. He referred to the 900,000 ZyXEL routers taken offline at Deutsche Telekom last week.

The key issue is that hackers can monetise these massive botnets and sell DDoS as a service. But what if hackers started selling access to security cameras at ATM sites?

#5 Ransomware and the Cloud

Shaw said that the cloud was becoming just as attractive a target as on-premise computers and very often it was less secure than devices behind the corporate firewall.

But he had noticed that ransomware was being delivered from the cloud as well – hidden in corporate files.

#6 Machine learning will require sophisticated big data capabilities

It would not be a prediction without throwing in machine learning. It is being used by both the good guys and the cyber criminals with equal effectiveness. Shaw was concerned, however, that all the data was generating far too many false positives and that a lot more work needs to be done here to make it more useful. At present those false positives are being reviewed by “the wetwork” (humans).

#7 Rogue nation states will finance themselves by stealing money on-line

An amazing number of hacks bear the hallmark of one nation, including the Sony hack, SWIFT bank transfers like the Ecuador Bank and spreading of ransomware.

Shaw was too polite to name the nation but is concerned it's becoming clear the action is at least state-sponsored. The definition of a rogue state is here.

#8 File-less malware will increase

Malware that runs in memory, overwrites BIOS or firmware, and installs rootkits is the way of the future as it’s harder to track than other malware. Regardless of how good security gets, humans will still be the weak point, clicking on suspect links and allowing “things” to execute on the computing device. While education is a good start, it is clearly not enough.

#9 Secure Sockets Layer (SSL) abuse will lead to increased phishing sites using HTTPS

HTTPS is supposed to be safe and Symantec aims to have all websites encrypted by providing free SSL certificates.

Google is getting on board and will start to identify HTTP sites as less secure. But all that does is focus cybercriminals on how to use HTTPS sites as delivery vectors.



Ray Shaw


Ray Shaw has had a passion for IT ever since building his first computer in 1980. He is a qualified journalist, hosted a consumer IT based radio program on ABC radio for 10 years, has developed world leading software for the events industry and is smart enough to no longer own a retail computer store!
