It’s safe to say 2016 was a banner year for cyber attacks and data breaches. Whether talking about an organization, or even a nation-state, the volume and sophistication of attacks has greatly increased. From Internet of Things-powered botnets capable of taking down even the most hardened infrastructure, to nation-states targeting political institutions, the task of securing data and defending systems is only becoming more of a challenge.
While organizations are certainly better prepared today than ever before, the cyber security landscape has undergone several changes and it remains essential that organizations keep close tabs on the data breach landscape as they head into the New Year. There are several trends we are likely to see in the coming year that companies should keep top of mind.
Nation State Cyber Attacks
One prediction is a possible increase in cyber attacks by nation-states and the potential impact to businesses and citizens as a result. We may see an increased shift from more passive cyber espionage, aimed solely at stealing information, to attacks aimed at compromising or disrupting entire systems. One need look no further than the attack on Saudi Arabia’s critical infrastructure that took several government agencies’ systems offline to see how these conflicts can cause significant harm.
An even more concerning trend seen late in 2016 that is likely to continue in the new year are attacks by nation states aimed at disrupting elections and the political process. The most prominent example being reported attempts by Russia to disrupt the presidential election in the United States. While attribution is often challenging, it’s widely believed that Russia had a clear motive and the technical prowess to pull off attacks on the Democratic National Committee and other organizations. These claims have been investigated by the CIA, which has reportedly found strong evidence of Russian culpability. Looking forward, it’s not hard to imagine that similar tactics will be used to disrupt other elections.
In the coming year, this issue could get worse before it gets better. Why? Without a clear, international agreement regarding rules of engagement in cyberspace, the conflicts between nation-states may continue to escalate with each operating under its own doctrine.
The issue of state-sponsored cyberattacks came up several times both during and after the U.S. presidential campaign. Both candidates were asked repeatedly during the debates about the use of targeted cyber attacks by foreign nations. Each candidate acknowledged the increasing risk and indicated a desire to further build up offensive cyber capabilities and keep open the option of using them to respond to attacks.
How and when these offensive capabilities could be utilized remains unclear, but with cyber conflicts becoming increasingly a center of focus, it is easy to expect that there will be a publicly observable action at some point. Given this perceived volatility of the cyber-conflict landscape, the United States may find itself disclosing at least one major offensive cyber operation against a terrorist organization like ISIS, or in retaliation to an attack by a nation-state. The exact target remains to be seen.
While this is an important focus given how cyber-conflicts are developing, it is equally as important that the new presidential administration also focus attention on defensive cyber capabilities and push for initiatives designed to protect the country’s critical infrastructure and organizations.
Aftershock Password Breaches Still a Reality
Even though many companies have experienced some level of data breach in the recent past, not all of them have taken the necessary steps to protect themselves against further breaches.
Additionally, companies that may not have experienced a first-hand data breach could find themselves in an “aftershock” reverberation of other companies’ issues from unauthorized logins or information misuse. As a result, companies will likely need to speed up adoption of two-factor authentication to verify users, or even secondary authentication methods such as SMS alerts, biometrics, tokens or geolocation.
International Breaches to Cause Headaches
Organizations that are multinational will need to be better prepared to handle data breaches on an international scale. Not only are attackers indiscriminate about when and where they acquire data, the EU’s upcoming General Data Protection Regulation (GDPR) rollout will also generate higher consumer awareness and place an increased pressure on businesses to improve their notification standards. Now is the time for multinational companies to shore up their incident response plans and be better prepared.
That means nation states and organizations alike need to stay vigilant about their potentially exploitable information and take proactive steps to protect themselves, including investing in proper cyber insurance protection and shoring up their security measures to protect against large-scale disruptions. They should also prepare a response plan that helps ensure they are taking the proper steps to protect the organization and its customers, and prevent further data loss in the event of a breach. To be effective, response plans cannot live on a shelf, but must be practiced on a regular basis by the response team and updated periodically to keep up with emerging threats.
In the New Year, companies and organizations that keep up on trends likely to affect their industry and properly prepare for cyberattacks may not find themselves completely out of the bullseye, but they will be able to respond more quickly and effectively when a breach does occur, limiting the damage to their reputation, consumers and bottom line.