Cybersecurity in 2016; predictions for 2017

It’s that time of year again. The holiday season is upon us and with it, online shopping will no doubt take another bite out of traditional brick-and-mortar holiday sales. With a colorful new president taking office shortly thereafter, 2017 promises to be an interesting year. But before we get to predictions, let’s take a look at the year that was.

cyber-attack-headline_208077409-copy

2016: The year in review

After a series of high-profile breaches in 2015 that involved criminal and state-sponsored attacks against the personal data of hundreds of millions of people, our prediction last year was that 2016 would bring the increased adoption of multi-factor authentication. While it’s too early for hard numbers, there is anecdotal evidence of a spike in demand. But as you’ll see evidenced in the top security events for 2016 below, not everyone got the memo.

Hacking the Election

Never before in US history has cybersecurity played such a significant role in global politics. Throughout the election process, the public was bombarded with insider communications made available through a hacked DNC network and the hacked emails of Clinton campaign chair John Podesta.

True or not, the information siphoned from the DNC fueled the ideas that Hillary was given preferential treatment by party officials and that Bernie Sanders was deliberately sidelined. The DNC and their candidate both suffered as a result.

Podesta evidently fell victim to a phishing scheme that compromised his accounts and exposed insider communications that painted Clinton as pro-establishment and elitist — in a year when the American public wanted an outsider. No matter how you spin it, underutilized security technologies like two-factor authentication and a lack of best practices helped deny her the presidency.

Yahoo and Verizon stumble en route to the altar

In September, Yahoo announced that data associated with 500 million user accounts had been stolen in one of the largest cybersecurity breaches ever. The scale of the attack only became evident when a hacker who had previously sold stolen account information from other companies began selling millions of Yahoo users’ data online.

The company estimated that the late 2014 breach may have included names, email addresses, birthdays, phone numbers, passwords and security questions and answers, among other data.

After the breach, Verizon, who had agreed to buy the internet company, threatened to rescind its $4.8 billion offer. Yahoo warned investors that Verizon “may seek to terminate the stock purchase agreement or renegotiate the sale” due to the incident. Yahoo has reportedly been targeted with 23 consumer class action lawsuits related to the breach.

Ransomware is the new black

According to a recent study, ransomware is quickly becoming the preferred method for cyber extortion. While it has been around for several years, 2016 saw a large uptick in popularity. The process uses malicious software to encrypt the data on any system it gains access to. Companies are then unable to access that data until a payment is made for the encryption keys.

Some ransom requirements can be huge. Upwards of 20% of British companies report being charged more than $10,000 to unlock files. But the majority of cyber thieves seem to understand that smaller amounts are faster and easier for companies to acquiesce to. The study showed that approximately half the companies targeted do pay the ransom.

2017: The Year to Come

After a somewhat tumultuous 2016, where security breaches played a key role in jeopardizing multi-billion dollar acquisition deals, upending US presidential elections and facilitating corporate extortion, it’s a good idea to prepare for just about anything. Here are a few predictions:

More hawkish regulation enforcement by government entities

The US government is no stranger to cybersecurity – it’s been a primary focus for decades. But recent events like the US election have highlighted how a lack of appropriate security measures can impact the entire globe in ways we hadn’t considered.

Regulations that address the vast majority of cybersecurity threats already exist. It’s the adoption of key technologies that help to adhere to these regulations that’s lacking. And that isn’t to say that companies aren’t trying. Many organizations already have teams devoted to meeting the government and industry regulations they fall under — from PCI to HIPAA, FedRAMP to FISMA/CDM.

Still, in 2017, we’ll likely see a renewed effort by government regulators to accelerate the implementation of security technologies. Ignoring the regulations or inching toward adherence will no longer be acceptable. Extensive progress will be expected – and required.

More ransomware

After a hugely successful 2016, we’ll see additional increases in ransomware. And as a result, companies may start to actually budget money to buy back their own data after a ransomware event. As long as the majority of ransoms remain relatively low, companies will continue to pay them, and they may do so without involving law enforcement to avoid disruption of their businesses and blemishes to their brands.

Technologies to look out for

Multi-factor authentication

I again believe we’ll see widespread adoption of two-factor authentication across all industries. This is a fundamental technology that effectively addresses a problem that’s grown too big to ignore.

Granular management of privileges

Obviously, Plan A is keeping hackers outside your network. But that isn’t always possible, so organizations must have a Plan B in place when perimeter technologies are breached. Most security experts today look at privilege management as an essential second layer of protection.

Simply put, privileged identity management (PIM) prevents hackers that gain access to your network from then accessing anything and everything inside it. The key is in assigning specific individuals access to specific information. Say, for example, a hacker breaks into the DNC network. Rather than gaining access to everything, they are denied access to any sensitive information because they don’t have the necessary privileges.

Least privileged access

A component of PIM is least privileged access. This means that each person granted access to the network starts with the minimal level that will allow for normal functioning — the lowest level of rights that a user can have and still do their job.

Bitcoin

A final prediction is around bitcoin. Despite a hack in early August that resulted in the loss of 120,000 bitcoin worth $65 million, the cryptocurrency quickly rebounded and has continued to grow in popularity. Expect some additional security measures to be implemented in the exchanges. On a related note, look for the rapid commercialization of blockchain technology beyond the currency realm and into manufacturing, finance, shipping and entertainment. It should be an interesting year.

This article originally appeared in The Huffington Post and is reprinted with permission.