Four Data Security Trends that Defined 2017

With 2018 upon us, it’s important we take stock of the data security trends and threats that defined 2017. Several notable trends emerged over the course of the year, after all, and these will no doubt continue to shape the data security landscape into 2018 and beyond.

Here are four such remarkable data security trends that helped mould the past year:

1. International Malware Outbreaks

One of the most notable data security trends of 2017 were three strains of malware made headlines for attack campaigns that swept across national boundaries. On 12 May, WannaCry ransomware got things going with an outbreak that claimed the United Kingdom’s National Health Service (NHS), Spanish telecommunications giant Telefonica, and at least 200,000 other organizations worldwide as victims. NotPetya followed less than two months later when the Petya impersonator/wiper malware struck a Ukrainian power supplier, France’s Saint-Gobain, and close to 17,000 other targets primarily in North America and Europe. Both attacks leveraged EternalBlue, an exploit which abuses a vulnerability in Microsoft’s implementation of the Server Message Block (SMB) protocol, for distribution.

It wasn’t until October 2017 that Bad Rabbit, a strain of Diskcoder, reared its head. This malware used drive-by attacks as its primarily means of infecting users. As a result, it infected only a few hundred computers mainly located in Russia, Ukraine, Germany, Turkey, South Korea, the United States, and a few other countries.

2. Mega-Breaches (and Curious Responses)

In light of the hacking attack disclosures involving LinkedInDropbox, Yahoo (which only got worse), and others, history will no doubt remember 2016 as the “Year of the Mega Breach.” 2017 didn’t produce as many mega-breaches as 2016, but it nevertheless yielded some notable data security incidents…with some equally extraordinary responses. You can find a database of data breaches going back to 2013 in Gemalto’s Breach Level Index.

For instance, Equifax acknowledged in the beginning of September that hackers had breached its systems and thereby compromised the personal information of 143 million American citizens. Consumers’ personal data was simply left unencrypted. Things went awry on the day of disclosure when the credit bureau directed concerned users to visit a resource to verify if they were victims of the breach. That resource was located at a separate site riddled with bugs. Additionally, a slow disclosure time and subsequent gaffes on Twitter led Brian Krebs to call the response a “dumpster fire.”

Two months later, the world learned of the data breach at Uber that compromised 57 million driver and rider accounts in 2016. The ride-sharing company ultimately met the hackers’ ransom of $100,000 to ensure the attackers deleted their copy of the stolen data. It then went further by insisting the hackers sign a NDA, camouflaging the ransom payment as a bug bounty program payout, and remaining silent about the breach for more than a year.

3. CIA Hacking Tools

In the spring of 2017, WikiLeaks published a series of documents pertaining to the Central Intelligence Agency’s hacking operations. Detailedin those leaked sources are various tools used by CIA agents to infiltrate their targets, including malware for smart TVsand iOS exploits. The documents even include borrowed code from public malware samples.

Symantec subsequently analyzed those hacking tools in April and linked them to 40 attacks in 16 countries conducted by a group called Longhorn. It’s unclear how many additional attacks those tools have since facilitated.

4. Attacks against Cryptocurrency Exchanges

One Bitcoin was worth just $979 on 1 January 2017. Since then, its value has multiplied more than 13 times, with its rate peaking at $19,843. Investors no doubt celebrated that price explosion. But they weren’t the only ones tracking the digital money’s increase. Malefactors also saw the rise of Bitcoin; they took it upon themselves to try to hack various exchanges for the cryptocurrency. Indeed, at least eight marketplaces have suffered data breaches as of 23 December, with Parity Technologies losing $32 million in Ethereum and hackers stealing $70 million in Bitcoinfrom NiceHash. One can expect this data security trend to continue into 2018.

What Made 2017 Stand Out for You?

Which of these data security trends and threats concerns you most? Also, what other data security trend grabbed your attention in 2017? If so, let me know in the comments!

 

This post also appeared on the Gemalto Security blog here.

The Record – IoT will be the single biggest security threat this year

therecord-logoA new IDC survey has revealed that industry professionals believe that the internet of things (IoT) will pose the biggest security threat to their business in 2017, with respondents citing the rise of DDoS attacks and botnets as key concerns in this area.

 

“Hackers will no longer simply be stealing data, but instead aim to gain unauthorised access to manipulate vital data – which businesses will make important decisions on – for a number of ulterior motives, such as financial or reputational,” said Jason Hart, CTO for data protection at Gemalto.

To read the full article click here.

Computerweekly.com – Ransomware expected to dominate in 2017

cw_logoRansomware and IoT-enabled attacks are expected to continue, while 2017 will see the rise of data integrity attacks, targeting of cloud infrastructure and the use of AI by attackers, experts predict….

2017 will be the year that data integrity breaches will send shockwaves throughout the world, with at least one “almighty” breach disclosure of this type, predicts Jason Hart, chief technology officer of data protection at security firm Gemalto.

Data integrity is a promise or assurance that information can be accessed or modified only by authorised users. Data integrity attacks compromise that promise, with the aim of gaining unauthorised access to modify data for a number of ulterior motives, such as financial or reputational.

“Data integrity attacks are, of course, nothing new, yet they remain under the radar of businesses who have an ever increasing reliance on data and make huge business decisions based on its analysis. These types of attacks are what I like to call the ultimate weaponisation of data,” said Hart.

“The first generation of cyber attacks focused on stopping access to the data, which quickly moved on to stealing it. Today, we’re starting to see more evidence that the stolen data is being altered before transition, effecting all elements of operations,” he said.

According to Hart, data integrity attacks have the power to bring down an entire company and more. “Entire stock markets could be poisoned and collapsed by faulty data. The power grid and other IoT systems, from traffic lights to the water supply, could be severely disrupted if the data they run on were to be altered. And perhaps the greatest danger is that many of these could go undetected for years before the true damage reveals itself,” he said.

 

To read the full article click here.

BBC News – 2017 tech trends: ‘A major bank will fail’

bbcnewsIf 2016 seemed politically tumultuous, 2017 promises to be equally tumultuous on the technology front. The pace of change is accelerating at a dizzying rate, with profound implications for the way we work, play and communicate. So what are the big technology trends to watch out for in 2017?

 

“It’s scary, but data integrity attacks have the power to bring down an entire company and beyond; entire stock markets could be poisoned and collapsed by faulty data. “The power grid and other IoT systems, from traffic lights to the water supply, could be severely disrupted if the data they run on were to be altered,” [Jason Hart] he says.

IDG Connect – What will be the single biggest security threat of 2017?

idg_logoAt the very end of 2015 we ran a straw poll of individuals in the security space to determine what the single biggest security threat of 2016 would be. We divided the 74 “unstructured” comments into a number of lose sections with “people” emerging as the most popular response.

“Hackers will no longer simply be stealing data, but instead aim to gain unauthorised access to manipulate vital data – which businesses will make important decisions on – for a number of ulterior motives, such as financial or reputational.”

Jason Hart, CTO Data Protection at Gemalto

 

To read the full article click here.

smallbusiness.co.uk – Is 2017 going to be the year of the data integrity breach?

small_business_stickyHere, Jason Hart from Gemalto gives us his top tips for businesses to avoid being the next big damaging security breach headline.

Data breach attacks are set to send shockwaves throughout the world in 2017, with at least one ‘almighty’ breach disclosure of this type expected next year, according to Jason Hart, CTO data protection of Gemalto.

“… ‘The first generation of cyber-attacks focused on stopping access to the data, which quickly moved on to stealing it. Today, we’re starting see to more and more evidence that the stolen data is being altered before transition, effecting all elements of operations. With the increasing uptake of the Internet of Things, hackers have more attack surfaces and personas that they can manipulate….”

 

To read the full article click here.

ComputerworldUK – Cybersecurity trends 2017…

computerworlduk…malicious machine learning, state-sponsored attacks, ransomware and malware

Businesses and governments are starting to publicly take cybersecurity very seriously – and a range of high-profile attacks and hacks throughout 2016 provided security issues with even more visibility. But what’s in store for 2017, and how should organisations prepare?

…According to the CTO for data protection at security company Gemalto, Jason Hart, ‘data integrity’ will continue to be a serious issue for businesses. The premise behind data integrity is that information can be accessed or modified only by authorised users – so a data integrity attack involves manipulating that data for other ends.

“Data integrity attacks are nothing new,” Hart says. “But they remain under the radar of businesses who have an ever-increasing reliance on data, and make huge business decisions based on its analysis.

“The first generation of cyberattacks focused on stopping access to the data, which quickly moved on to stealing it,” he explains. “Today we’re seeing more evidence that the stolen data is being altered before transition, affecting all elements of operations. Data integrity attacks have the power to bring down an entire company – stock markets could be poisoned and collapsed by faulty data, the power grid and other IoT systems could be severely disrupted, and perhaps the greatest danger is that many of these could go undetected for years before the true damage reveals itself.”…

To read the full article , click here.

SC Media – Cyber-security industry 2017 predictions: reaching the tipping point

scmedia

 

 

 

 

SC’s Roi Perez sifts through a mountain of predictions for cyber-security in 2017 to pick out recurrent trends, specific predictions and warnings as to where we need to prioritise our defences in the year ahead…

…Looking at 2017, many in the security industry are predicting not only more of the same, but new and improved techniques which will take cyber-attacks to the next level. One of the most notable is from Jason Hart, CTO Data Protection, Gemalto, who is predicting that data integrity breaches are set to send shockwaves throughout the world in 2017, with at least one ‘almighty’ breach disclosure of this type expected next year.

Data integrity is a promise or assurance that information can be accessed or modified only by authorised users. Data integrity attacks compromise that promise, with the aim of gaining unauthorised access to modify data for various ulterior motives, such as financial or reputational damage.

Hart said: “Data integrity attacks are, of course, nothing new, yet they remain under the radar of businesses who have an ever increasing reliance on data and make huge business decisions based on its analysis. These types of attacks are what I like to call the ultimate weaponisation of data.”

To read the full article click here.

vmblog.com – 2017 Predictions: The Breach that Breaks the Camel’s Back

2017 Predictions vmblog.com

 

It’s December, the final month of the year where we both reflect and look forward, and it will probably come as no surprise that I want to talk about data breaches again.

In 2014, I predicted we would start taking data breaches more seriously, and last year, I talked about how I expected to see an uptick in targeted attacks on personal and intellectual property data – the types of breaches where attackers are not just targeting data for its immediate value, but for potential future value as well. In 2017, I expect that we’ll see more precise and complex data integrity attacks for both financial gain and/or to embarrass victims, and we’ll see one large attack that demonstrates the true pain of this type of attack. And I expect it will be in the type of industry or organization that shrugs and asks, “why would hackers target us?”

Data integrity attacks are not entirely new, nor do they have to be “big” to cause serious damage, but they do represent the ultimate weaponization of data. Instead of trying to steal large amounts of sensitive data, hackers instead focus on changing specific parts of transactions or information, or strategically leak the information obtained (think of Wikileaks and Hillary Clinton’s emails this past summer), to gain a financial or political foothold. For example, the Stuxnet worm allowed hackers to make very minor changes that had a major impact on Iran’s nuclear program. Similarly, hackers used the same process to attack large banks including JP Morgan, giving them an in-depth understanding of how internal operations worked.  In late 2015, many suspected that the attack on Ukraine’s power grid was the result of ongoing political disagreements with Russia, and the same could said for early 2016 when Israel’s electricity authority was hit by ransomware. Later this year, the World Anti-Doping Agency and Democratic National Committee breaches demonstrated how data can be manipulated to embarrass organizations.

So why do I think data integrity attacks will ramp up during the coming 12 months and continue over the next few years? The proliferation of the Internet of Things (IoT) means that hackers have a seemingly-infinite number of different attack surfaces and personas that they can manipulate. We are also using data that is being generated as an input to make business decisions. Decision-making by senior government officials, corporate executives, investors and average consumers about everything from investment decisions to which traffic signals you should obey will be impacted if they cannot trust the information they are receiving.

Before you pack your doomsday prep kit, there are some positive signs. Over the past few years, my conversations with customers have shifted from how to prevent breaches to how to protect DATA. Organizations have started to understand that breaches are not going away and that attack surfaces are constantly evolving.  When I talk to the businesses we work with, one of the first questions I ask is, “What are you trying to protect?” Without understanding what data you’re trying to protect, there is no point in spending money to protect it.

Companies need to start with a data centric approach to security, because it is the data hackers are often targeting. While data mapping is important to help create a better understanding of threats, another concern is users and devices. We have found this year that personal and workplace identities are converging at an alarming rate. A recent survey revealed that 90% of enterprise IT professionals are concerned that employee reuse of personal credentials for work purposes could compromise security, but two thirds (68%) still say they would be comfortable allowing employees to use their social media credentials on company resources. It is an interesting juxtaposition for companies to be concerned about the reuse of personal credentials, yet allow access to company resources with third-party social sites.

All of these factors, IoT, lack of two factor authentication, third-party security risks and unencrypted data, compound the risk of large scale data integrity attacks. We are just seeing the beginnings of these types of attacks. Take for example during this year’s U.S. election and the government and media debate around Russia’s state-sponsored attacks to manipulate political decisions. Protecting the integrity of the data we consume will become even more crucial as more of our information takes to the digital channels.

 

This article originally appeared as a contributed blog post on the VMBlog.com here