Round up of 2017 predictions
Leading executives from information technology players, A10 Networks, Attivo Networks, Axiom Telecom, BT, Dell, Equinix, Fortinet, KPMG, Intel Security’s McAfee Labs, Riverbed Technology, Sophos, Veeam Software, present their take on what lies ahead in 2017.
(Top left to right) Mohammed Al-Moneer is Regional Director MENA at A10 Networks; Ray Kafity is Vice President of Middle East, Turkey and Africa at Attivo Networks; Fahad Al Bannai, CEO of Axiom Telecom; Wael El Kabbany is Vice President of Middle East, North Africa and Eastern Mediterranean at BT; Jeff Clarke is Vice Chairman of Operations and President of Client Solutions at Dell; Jeroen Schlosser is Managing Director of Equinix MENA.
(Below left to right) Alain Penel is Regional Vice President of Middle East at Fortinet; Vikas Papriwal, Head of Markets, KPMG Lower Gulf; Vincent Weafer, Vice President of Intel Security’s McAfee Labs; Taj ElKhayat is Regional Vice President of Middle East and Africa at Riverbed Technology; Harish Chib is Vice President, Middle East and Africa at Sophos; Gregg Petersen is Regional Director Middle East and SAARC at Veeam Software.
The cyber landscape changes dramatically year after year. If you blink, you may miss something, whether a noteworthy hack, a new attack vector or new solutions to protect your business. Sound cyber security means trying to stay one step ahead of threat actors.
IoT poses major threat
In late 2016, all eyes were on IoT-borne attacks. Threat actors were using IoT devices to build botnets to launch massive distributed denial of service attacks. In two instances, these botnets collected unsecured smart cameras. As IoT devices proliferate, and everything has a web connection, refrigerators, medical devices, cameras, cars, tyres, you name it, this problem will continue to grow unless proper precautions like two-factor authentication, strong password protection and others are taken.
Device manufactures must also change behaviour. They must scrap default passwords and either assign unique credentials to each device or apply modern password configuration techniques for the end user during setup.
We recently saw some of the largest DDoS attacks on record, in some instances topping 1 Tbps. That is absolutely massive, and it shows no sign of slowing. Through 2015, the largest attacks on record were in the 65 Gbps range. Going into 2017, we can expect to see DDoS attacks grow in size, further fueling the need for solutions tailored to protect against and mitigate these colossal attacks.
Math, machine learning and artificial intelligence will be baked more into security solutions. Security solutions will learn from the past, and essentially predict attack vectors and behavior based on historical data. This means security solutions will be able to accurately identify and predict attacks by using event data and marrying to real-world attacks.
Similar to IoT attacks, it is only due time until we see major industrial control system attacks. Attacks on ecommerce stores, social media platforms and others have become so commonplace that we have almost grown cold to them. Bad guys will move onto bigger targets: dams, water treatment facilities and other critical systems to gain recognition.
The DDoS attack launched against DNS provider Dyn, which resulted in knocking out major sites that use Dyn for DNS services, made headlines because it highlighted what can happen when threat actors target a service provider as opposed to end customers.
These types of attacks on upstream providers cause a ripple effect that interrupts service not only for the provider, but for users. The attack on Dyn set a dangerous precedent and will likely be emulated several times over in the coming year.
Cyber security is just one part of the puzzle. Strong physical security is also necessary. In 2017, companies will take notice, and will implement stronger physical security measures and policies to protect against internal threats and theft and unwanted devices coming in and infecting systems.
With autonomous vehicles on the way and the massive success of sophisticated electric cars like Tesla’s, the automobile industry will become a much more attractive target for attackers. Taking control of an automobile is not fantasy, and it could be a real threat next year.
Instead of buying a single solution, businesses must trust security solutions from best-of-breed vendors and partnerships that answer a number of security needs. Why have 12 solutions when you can have three? In 2017, your security footprint will get smaller, but will be much more powerful.
Ransomware was one of the fastest growing online threats in 2016, and it will become more serious and more frequent in 2017. We have seen businesses and individuals pay thousands of dollars to free their data from the grip of threat actors. The growth of ransomware means we must be more diligent to protect against it by not clicking on anything suspicious. If it sounds too good to be true, it probably is.
The days of security teams working 9-to-5 are long gone. Now is the dawn of the 24/7 security team. As more security solutions become services-based, consumers and businesses will demand security teams and their vendors be available around the clock. While monitoring tools do some of the work, threats do not stop just because it is midnight.
The region’s rapid digitisation and technological transformation, coupled with its wealth, has opened the doors to cyberattacks from a host of attackers. In the wake of smart services, mobility and the Internet of Things, the attack surface has increased.
On the surface, it may appear that the number of breaches affecting retailers and incidences of customer data theft are decreasing. This, in fact, is a misnomer. The number of attacks seems lower because of the lack of disclosed information, as well as the gradual shift in focus from retail segment to others, such as travel and restaurants.
Attackers are also moving downstream and focusing on smaller retailers and businesses, tempted by the number of target organisations available and less sophisticated IT infrastructure. The core problem around point of sale breaches remains largely unaddressed.
Thousands of POS systems continue to run without any form of anti-virus software because of older Windows XP operating systems and the trust relation system with asset management servers. With compromise to the asset management system, malware can be distributed un-noticed to POS terminals en masse.
With this compromise, attackers can continue updating new variants of malware, commands and exfiltration of data. This is an extremely high-risk vulnerability that can go undetected for months, even years, before the breach is discovered.
This is worrying, considering the UAE e-commerce market is estimated to grow to AED 40 billion almost $11 billion by 2020, according to Frost & Sullivan. Furthermore, with increased use of the TOR network and the value of data sold on the DarkWeb being between $5-$30 per stolen credit and debit card, the incentive to target POS systems will remain high.
Detection over prevention
As breaches continued this year, a larger number of CISOs started considering more budget allocations towards detection systems, so that attackers inside the network could be identified and stopped. Historically, more than 75% of InfoSec technology budgets are spent on preventive solutions and their maintenance.
However, a recent survey by Pierre Audoin Consultants among 200 decision makers showed they expected to spend 39% of their IT security budgets overall on detection and response within two years. Gartner has also projected that by 2020, 60% of security budgets will be allocated for rapid detection and response approaches, up from less than 10% in 2014.
Deception enters mainstream
Gartner predicts that by 2018, 10% of enterprises will use deception tools and tactics, and actively participate in deception operations against attackers, closing the gap in detecting signature-less or unknown attacks. In 2017, deception technology will be a preferred solution for advanced threat detection.
Gartner has called out deception as an automated responsive mechanism, representing a major shift in capabilities and the future of IT security. They have stated that deception is the most advanced approach for detecting threats within a network and acknowledged it as a top 10 security trend for 2015, 2016, and again for 2017.
According to a variety of sources, malware continues to go undetected within companies for months, with some detections occurring after as many as 200 days. With more emphasis on detection technology, there will be a decrease in dwell time and an increase in the number of breaches being detected by internal teams.
Historically, only 1 in 5 breaches are detected internally. By the end of 2017, this number will increase to 50% of all breaches being detected internally by customers, law enforcement agencies, and third parties.
Frost & Sullivan estimates that network security spending in the GCC will reach $1 billion by 2018. While this is encouraging, intelligence-sharing is as important in the campaign against cybercrime. Vendors will continue to collaborate in sharing information and on integrating their solutions, enabling the sharing of data and providing security teams with a single source of information on possible attacks.
Collaboration will allow teams to see real threats they might have missed on their own, based on a partial view of threat activity throughout the network. Operational efficiency will increase significantly, providing better detection, quick remediation, and more effective incident response at the time of attack.
Next year will see significant developments in mobility, driven by continuous industry innovation and a growing tech-savvy millennial community, according to the region’s leading mobility retailer, Axiom telecom. Fahad Al Bannai CEO, said he expects 2017 to be a prosperous year for the digital world, as the boundaries to what can be achieved with a mobile device are once again broken.
Location-Based Services will break the marketing mold
Perhaps one of the most interesting emerging developments is that which will blur the line between being online and offline, beacon technology. Apple’s iBeacon technology has been a pioneer on this front, allowing mobile apps to understand their position on a micro-local scale, and deliver hyper-contextual content to users based on location. The result? Businesses can offer real-time deals based on where they are at any given point in time.
“Imagine you are walking down a boulevard, hungry, and you receive a notification that your favorite burger spot is offering a great deal. That is what location-based services, such as beacon technology, is allowing businesses to do,” said Al Bannai. “It gives them the ability to reach the right customer, at the right time, and the right location. This is definitely a great tool for businesses, but will also be beneficial to the end-user, as it helps them find what they need, when they need it.”
Piece of application pie
Developments in technology and continuous success being realised by major brands is inspiring small businesses to follow suit and develop applications of their own. According to figures reported by the mobile application publishing platform, Bizness Apps, more than 50% of small business will be looking to create a mobile application next year. Furthermore, by 2017, it is expected that more than 268 billion downloads will generate $77 billion worth of revenue for the application industry.
In a market like the UAE, where SMEs represent more than 94% of businesses in the country, this offers the application industry enormous potential.
“If you think of the one device that we rely on all day to keep us connected, it is our smartphone. Consider the possibilities of being able to reach a relevant audience using this valuable instrument,” said Al Bannai. “Small businesses are witnessing tremendous success of their counterparts and now want a piece of the application pie. And with application creation becoming more affordable every day, the technology is now within reach of most businesses, regardless of size.”
Augmented and virtual reality
Mobile manufacturers such as Samsung and HTC have already starting exploring this space with the Gear VR and VIVE, respectively, but that is only the start to a whirlwind of cutting-edge virtual and augmented reality technologies that will soon hit the market.
According to market advisor Digi-Capital, augmented, virtual reality revenue is expected to reach $120 billion by 2020, with augmented reality accounting for $90 billion and virtual reality accounting for $30 billion, and driven largely by the consumer and mobile augmented, virtual reality markets.
One of the primary roles of a market leader is to envisage powerful technology trends that are poised to drive significant shifts across industries. The point of making predictions is not to be right, but to be ready. So with that purpose in mind, what might technology have in store for the Middle East in 2017 and the years beyond?
One prediction we can make with absolute confidence is that several long term underlying trends will continue to unfold. Digitisation, security, cloud and big data technologies are maturing and manifestly changing the way we work.
More and more organisations have started to fully embrace cloud services, recognising the cost-cutting and agility-improving benefits that they provide. According to Gartner, Cloud Business Process as a Service BPaaS, is the largest segment of cloud services market in the Middle East and North Africa, and is expected to reach $340.2 million in 2020.
An important trend in the world of the cloud is the emergence of ecosystems. In a bid to differentiate, cloud providers have recognised that they must have the right partners embedded in their cloud. In line with this move, we are going to see more cloud providers take steps to attract new partners to their communities.
Intelligent networking will be a major trend in 2017. The virtualisation of network functions will allow Chief Information Officers to connect more sensors, access more data and undertake better analytics. An intelligent network will be security aware, it will detect that it is under attack, be able to identify the threat and alert other networks.
We will see an amplifying demand for dynamic networks that enable a more agile response to major security events, especially with heightening security concerns surrounding smart cities.
Era of immersive technology
According to IDC, the augmented and virtual reality market in the Middle East and Africa MEA is set to increase to a staggering $6 billion by 2020. Businesses in the Middle East have been quick on leveraging this immersive technology to transform their consumer interactions. And as the line between physical and virtual reality continues to blur, we might see its application in the collaborative space, replacing messaging services, chat rooms and more.
Moreover, augmented reality will enable medical institutions across the region to facilitate access-at-a-distance surgeries. This is likely to increase the relevance of the efforts put forth by Dubai, which is taking giant strides in becoming the medical tourism hub with an aim to draw 500,000 medical tourists by 2020.
Self-aware Security Solutions
Security remains a systemic threat, but the security challenge is a wide one. 2016 has already seen a spate of notable network infiltrations – the most notorious one being the hack against Qatar National Bank, the biggest lender in the Gulf. Banking and finance and the energy sector are increasingly finding themselves in the crosshairs of advanced cyberattacks.
The continued focus of threat activity against relevant critical systems such as SWIFT, are a constant reminder of the reach and capability of a determined and motivated cyber-criminal. According to Frost and Sullivan, GCC’s network security spending is set to grow to $1 billion by 2018. This statistic reflects the demand for next-level machine learning techniques and network function virtualisation in 2017 to help create networks that are ‘security aware’.
IoT in banking
IoT spending in the Middle East is expected to reach $3.2 billion in 2019, according to IDC. With a growing number of data sensors, and with clients becoming increasingly comfortable with the concept of the IoT, banks now find themselves in a position to create sophisticated systems not seen before.
For example, the use of IoT will enable banks to streamline mortgage applications by employing data intelligence pertinent to a specific property. Using IoT, banks will be able to develop real time analysis of risk in a specific area, making risk profiling quicker and more personalised.
The real value of business lies in its data. As we move forward, businesses will invest in technologies to develop new capabilities needed to refine big data. Extracting value from user-generated data poses a major challenge for businesses. Hence, businesses will lean towards expanding their big data projects in order to capture real-time insights, meet customer expectations efficiently and accommodate future business growth.
This will also act as an impetus driving businesses to adopt the public cloud as a platform for data storage, which is steadily increasing.
If you could predict the future, how would you do things differently? According to the Digital Business study conducted by Dell Technologies across 16 countries which include UAE and Saudi Arabia, 66% said competition from digital start-ups is incentivising them to invest in IT infrastructure and digital skills leadership.
The last couple of years have been tumultuous for organisations to say the least. Every cinema in the region has its Netflix and YouTube. Every bookstore and library has its Amazon. Expect even more disruption to come down the pike. Established companies are being out-maneuvered and out-innovated by digital start-ups across the world. Nearly one in two do not even know whether they will be around in three to five years’ time.
But amid the disruption is opportunity, and lots of it. Here are seven significant trends for 2017 and beyond seven being a lucky number. No doubt some of these will change the way you do business, from the edge, to the core, to the cloud.
Immersive technology goes mainstream
2017 will signal the democratisation of immersive creativity. Very soon, creators will be able to weave their magic with some super powerful technology, and in time, this technology will be adopted by the wider population. Builders and architects will walk onto project sites and use their devices to see full-scale models of buildings before any work has even begun.
Augmented reality and virtual reality come to fore
According to IDC’s Worldwide Augmented and Virtual Reality Spending, the Middle East and Africa market is set to expand to $6 billion by 2020. Organisations in the region have been quick on leveraging this technology to transform consumer processes and interactions, in addition to democratising business, education and health care.
The blurring of the physical and virtual worlds could well herald the end of lectures and incessant note-taking, by bringing education to life with more immersive senses like touch. Furthermore, AR and VR will enable medical institutions and hospitals in the region to facilitate access-at-a-distance surgeries and medical care.
Chief IoT Officer
Business chiefs are popping-up all over the place. Chief Digital Officers were all the rage but now there is a new kid on the block, in the shape of the Chief IoT Officer. Why do we need them? Because companies will experience mounting pressure to bridge the gap between operations and IT. IDC claims that the global data volume will increase to 44 zettabytes over the next six years.
In a bid to improve efficiency, the Chief IoT Officer will be the agent of change, responsible for pulling their organisations into the Fourth Industrial Revolution.
Expect the attack perimeter to widen this year and encroach upon other areas of the business beyond the IT network. 2016 has been earmarked with a series of advanced cyber-attacks particularly targeting the banking and finance, oil and gas and energy sectors, which are the backbone of the regional economy. Recently, a variant of a lethal computer virus called Shamoon attacked Saudi Arabia’s General Authority of Civil Aviation. It crippled thousands of computers in its wake, bringing all operations to a halt. This proves that in the age of the connected world, practically anything with an IP address can be hacked.
Understanding that it is not just your data that needs to be protected, but devices as well is going to be a critical awakening for businesses going forward.
The era of intelligent machines
Any doctor will tell you that prevention is better than cure. And now, thanks to machine learning, we can tell when a piece of technology is about to break before it does, and address the issue quickly. Advancements in machine learning are enabling organisations to take a step closer to develop intelligent systems, which are more responsive to the changing IT environments. Machine learning allows IT staff to focus on business innovation.
5K and more
Just when people thought 5K resolution would supplant 4K as the next industry standard, rumors of large displays with double the resolution are starting to circulate. In 2017, people’s experiences of living in technicolor will be upgraded further, until the real-world will look dim in comparison.
It is no secret that companies, and people, are struggling to cope with the tremendous amount of data now online. By making machines watch popular TV shows they are learning how to predict how humans will behave. MIT researchers believe machine perception will revolutionise industries where insight can be acquired from data at scale. For example, computer vision may provide an affordable, more accurate procedure to screen people for medical issues. In time, machines will start to apply their learning across modalities and domains, making it possible to learn from text or virtual worlds.
Equinix, the global interconnection and datacentre company, announced its 2017 industry predictions, noting that global IT transformation will trigger significant changes for several industries in the coming year.
Year of multi-cloud convergence
Cloud adoption has matured to an advanced stage where enterprises are increasingly relying more on cloud infrastructure. Enterprises are already using multiple clouds, and the need to connect more diverse and traditionally divided ecosystems with demanding expectations around performance, user experience and seamless integration will push this trend more aggresively in the coming year.
2017 will be the tipping point, when the convergence of multiple clouds across the enterprise, data, applications, infrastructure, personal, will fundamentally change the way people and businesses operate.
Rise of digital edge
Business models are being disrupted, forcing changes in how enterprises operate in the digital economy. The convergence of multiple clouds will call for a natural extension of the corporate boundaries for today’s digital business to the edge, where users and data reside.
This will be important for businesses to better engage with customers in real-time, leveraging social, mobile, analytics and cloud technologies.
Rise of interconnected fabric
Companies will move to connect their digital and physical worlds, to support business around the globe. As enterprises leverage multiple clouds, it can be challenging to manage solutions across different cloud environments from different vendors. If the right cloud management structure is not in place early, these operational issues could start stacking up at a rapid speed leading to severe issues impacting service delivery at the digital edge.
2017 will see the acceptance of an interconnected fabric among enterprises, residing in carrier neutral facilities, to create a central nervous system that connects all aspects of the digital business.
For digital business to be successful and address demands placed by regulatory compliance, companies need to solve for security in a distributed environment across people, things, processes and information. As hybrid cloud becomes more popular, enterprises will realise that cloud providers do not provide all encompassing security solutions. Enterprises will have to own the security of their applications and data within the multi-cloud environment.
Interconnections will provide customers the choice to move from point security solutions to the flexibility of buying Security-as-a-service with benefits such as speed of implementation, ease of set-up and maintenance, real-time protection.
The payments world is undergoing more change, more rapidly than it has encountered since the dawn of currency. Growing smartphone penetration and web access are enabling widespread popularity of global, mobile and online commerce.
The proprietary siloed approach that has been the standard for payments services delivery is beginning to fade away and opening doors for new technologies and business models at the intersection of commerce and payments. At the same time, decentralisation of payments services technology is expanding value for merchants, as they are now able to select platforms that work better for their businesses.
This shift will require businesses to become interdependent and cloud-enabled, with reliable, secure and instantaneous connectivity to compete. A universe of interconnected commerce and payments providers will create new opportunities for the integration of payments, commerce, data, and marketing, enabling new solutions and partnerships around the globe.
SDN and NFV
The ongoing and massive surge in data traffic worldwide has pushed the way for the new age of global network backbone consisting of intercontinental submarine cables, 5G wireless networks and satellites that beam data down to earth using lasers. Networking that previously depended on physical wiring can now be dynamically controlled via software.
Going forward, the next generation infrastructure, compute, storage, network and datacentres, will be open source based. Software Defined Networking and Network Functions Virtualisation, centralise and automate the management of large, distributed multi-datacentre networks using simple application level policies.
IoT becomes a reality
IoT will truly evolve from single vendor independent solutions to those that talk to each other leveraging the same data. As the number of players in the value chain increases, the end-to-end service concept will take precedence and interconnection will become more important for access to networks and multiple clouds.
Going forward, the objective will be to relieve pressure on corporate-centric networks by distributing the traffic more broadly as well as to better control the performance of the streaming IoT information for more real-time business and operational insight.
With the growth and pervasiveness of online devices and digital tools, we reached a critical tipping point in 2016. The need for accountability at multiple levels is urgent and real and affects us all. If something is not done, there is a real risk of disrupting the emerging digital economy.
The rise of the digital economy is not just changing how organizations conduct business. The effects of this fourth industrial revolution are more pervasive, and the change is unprecedented beyond anything that has come before it.
Slamming the brakes on a global economy in such a transition could be devastating. Vendors, governments, and consumers driving this change need to step up and be accountable for making sure that does not happen. Cybersecurity is a strategic decision in all of these scenarios. It will not be easy.
Automated and human-like attacks will demand more intelligent defense
Most malware is dumb. Sure, it might have evasion techniques built into it, and be good at hiding in the noise of a device or the network. But it is only programmed with a specific objective or set of objectives. A hacker simply points it at a target, and it either accomplishes its task or it does not.
Cybercriminals compensate for the binary nature of such malware in two ways; either through the time-intensive management of multiple tools to guide an attack to a specific target, or through volume. This is about to change.
Threats are getting smarter and are increasingly able to operate autonomously. In the coming year, we expect to see malware designed with adaptive, success-based learning to improve the success and efficacy of attacks. This new generation of malware will be situation-aware, meaning that it will understand the environment it is in and make calculated decisions about what to do next.
In many ways, it will begin to behave like a human attacker: performing reconnaissance, identifying targets, choosing methods of attack, and intelligently evading detection. We will also see the growth of cross-platform autonomous malware designed to operate on and between a variety of mobile devices.
Autonomous malware, including transformers, that are designed to proactively spread between platforms can have a devastating effect on our increasing reliance on connected devices to automate and perform everyday tasks. It will require highly integrated and intelligent security technologies that can see across platforms, correlate threat intelligence, and automatically synchronize a coordinated response.
IoT manufacturers will be held accountable for security breaches
Increasing attacks targeting IoT devices is probably the safest prediction for 2017. With over 20 billion IoT devices online by 2020, versus one billion PCs, the math is pretty easy. Most of these IoT devices are headless, which means we cannot add a security client or even effectively update their software or firmware. We predict that attacks targeting IoT devices will become more sophisticated, and be designed to exploit the weaknesses in the IoT communications and data gathering chain.
We predict the growth of massive Shadownets, a term we use to describe IoT botnets that cannot be seen or measured using conventional tools. Right now, these Shadownets are being used as blunt instruments to deliver unprecedented DDoS attacks. The most likely first step will be targeted DDoS attacks combined with demands for ransom.
Concurrent with the growth of Shadownets will be the development of an IoT Deepweb. The Deepweb is traditionally that part of the Internet that is not indexed by search engines. We predict that Shadownets of compromised IoT devices will begin to be used for such things as temporarily storing stolen information, creating an IoT-based Deepweb. Swarm or peer-to-peer tools will be used to surreptitiously store, manage, and access data across millions of devices. TOR-like functionality is likely to also be introduced, allowing IoT networks to be used to anonymize data and traffic.
Most IoT devices are designed to provide customized experiences for their owners, and collect marketing and use information for their manufacturers. Most of these companies, however have no specialized technology skills. Instead, macroeconomics dictates that multiple vendors will buy IoT components from a single OEM vendor and simply plug them into whatever device they are selling. This means that a single compromise can be multiplied across dozens or even hundreds of different devices distributed by different manufacturers under multiple brand names and labels. We predict that these OEM vendors will be targeted and that an exploit will be used to compromise the supply chain of millions of devices.
IoT is a cornerstone of the digital revolution. IoT manufacturers have flooded the market with highly insecure devices. In addition to being compromised, millions of IoT devices could simply be disabled or bricked. This would lead to consumer help desks being overwhelmed and creating a denial of service attack on a targeted company.
While enterprises have a number of options available for managing many of the security issues that IoT devices and networks introduce, such as access control and network segmentation, consumers have few if any. If IoT manufacturers fail to secure their devices, the impact on the digital economy could be devastating should consumers begin to hesitate to buy them.
We predict that unless IoT manufacturers take immediate and direct action they will not only suffer economic loss, but will be targeted with legislation designed to hold them accountable for security breaches related to their products.
20 billion IoT and endpoint devices are weakest link for attacking cloud
The move to cloud-based computing, storage, processing, and even infrastructure is accelerating. Naturally, this expands the potential attack surface. Most cloud providers have responded by designing their networks with Layer 2 and 3 security technologies to segment the cloud between tenants, control access, and protect the cloud providers’ internal network from their public offering. More sophisticated security tools, like Next Gen Firewalls and IPS solutions, can be added and paid for by the tenant.
The weakest link in cloud security, however is not in its architecture. It lies in the millions of remote devices accessing cloud resources. In this next year, we expect to see attacks designed to compromise this trust model by exploiting endpoint devices, resulting in client side attacks that can effectively target and breach cloud providers.
The cloud is also being used to provide ubiquitous access to applications, resources, and services. Using this same client-side exploit, we expect to see the injection of malware into cloud-based offerings by compromised endpoint clients, a process known as cloud poisoning.
Businesses were initially slow to adopt cloud-based strategies precisely because they were concerned about the security of an environment they did not own or control. If the cloud-based environments and solutions they are now adopting are suddenly found to be untrustworthy, it could radically affect the current migration to the cloud and the resulting evolution of network infrastructures.
Attackers will begin to turn up heat in smart cities
We are seeing a move towards smart cities in order to drive sustainable economic development, better manage natural resources, and improve the quality of life for citizens. The interconnectedness of critical infrastructure, emergency services, traffic control, IoT devices such as self-driving cars, and even things like voting, paying bills, and the delivery of goods and services will create unprecedented efficiencies in urban and even suburban environments.
The potential attack surface in such an environment is massive. The potential for massive civil disruption should any of these integrated systems be compromised is high, and are likely to be a high-value target for cybercriminals, cybervandals and politically motivated hacktivists.
We predict that as building automation and building management systems continue to grow over the next year that they will be targeted by hackers. We have already seen the compromise of the data of a large US retailer through the exploitation of its IP-enabled HVAC system.
Like with the IoT DDoS attacks, these exploits will likely be blunt instrument attacks at first, such as simply shutting down a building’s systems. But the potential for holding a building for ransom by locking the doors, shutting off elevators, rerouting traffic, or simply turning on the alarm system is significant. Once this happens, taking control of centralized systems deployed across a smart city is not too far over the horizon.
Ransomware was just gateway malware
Holding high value assets hostage in exchange for some sort of payment is not new. Ransomware attacks have been in the news for the past couple of years, and no one expects them to go away any time soon. But the growth of Ransomware-as-a-service in 2016, where potential criminals with virtually no training or skills can simply download tools and point them at a victim, in exchange for sharing a percentage of the profits with the developers, means this high-value attack method is going to increase dramatically.
According to some experts, the total cost of ransomware for 2016 is expected to top one billion dollars, and is expected to grow exponentially in 2017.
We expect to see very focused attacks against high-profile targets, such as celebrities, political figures, and large organizations. In addition to simply locking down systems, these attacks are likely to include the collection of sensitive or personal data that can then be used for extortion or blackmail. We also expect to see the cost of ransom for these attacks to get much higher.
There is a cost threshold for targeting average citizens and consumers that has traditionally prevented it from being cost-effective for attackers. We predict that this limitation will be overcome in 2017 as automated attacks introduce an economy of scale to ransomware that will allow hackers to cost-effectively extort small amounts of money from large numbers of victims simultaneously, especially by targeting online IoT devices.
The ransom value of a kidnapped record is based on its ability to be replaced. Patient records and other human data are difficult if not impossible to replace. These records also have higher value because they can be used to establish fraud. Unless they get serious about security, we predict an increase in the number of healthcare organizations that will be targeted for ransom-based attacks. We should also see an increase in the targeting of other businesses that collect and manage human data, such as law firms, financial institutions, and government agencies.
Technology will have to close gap on skills shortage
The current shortage of skilled cybersecurity professionals means that many organizations looking to participate in the digital economy will do so at great risk. They simply do not have the experience or training necessary to develop a security policy, protect critical assets that now move freely between network environments, or identify and respond to today’s more sophisticated attacks.
Security vendors will need to respond to these changes and rethink their traditional, siloed approach to developing security tools. The historical goal has been to build a fortress against an invisible enemy.
Today’s security needs to start with visibility, and then dynamically build an integrated and adaptable security framework around that intelligence. Vendors that cannot adapt to the scope and scale of the borderless digital economy, and the evolving requirements of today’s digital businesses, will fail.
The vast majority of UAE CEOs are confident about prospects for their organisations over the next three years, the KPMG 2016 CEO Outlook has found. The survey findings reveal that 76% of polled UAE CEOs, compared to 41% of global CEOs, believe that their business will change significantly over the next three years. The survey also found that UAE CEOs believed that growth over the next three years was mainly going to be organic and driven by new products.
Vijay Malhotra, CEO of KPMG in UAE and Oman, commented: “Change is a constant theme in the UAE. Following the recent announcement that the UAE Innovation Week will run for a month beginning 2018, it is encouraging to note that the findings of our UAE CEO Outlook mirror the UAE Government’s vision for the next three years – with a focus on disruption, innovation and digitisation.
“While some of the UAE findings reinforce global trends and leading practices, we find UAE CEOs are generally more optimistic about the next three years than their global counterparts. This is indicative of the UAE’s shift towards a knowledge-based economy that aims to foster growth and development across non-oil sectors.”
The survey also found that most UAE CEOs have identified a strong client focus as a key strategic priority. Interestingly, three-quarters of UAE CEOs think their organisation will be significantly different in three years’ time, almost twice as many as the global response.
UAE CEOs stated that regulatory, talent and reputation were their top three areas to look out for the next three years. CEOs also believed that there was likely to be a significant gap for workers with a range of strategic skills in the short-term, including cyber security, digital, innovation and data and analytics.
While financial incentives were seen as the most effective way of attracting and retaining staff, non-financial methods of securing talent including fostering a collaborative environment and offering new career paths were found to be more effective in the long term.
Vikas Papriwal, Head of Markets, KPMG Lower Gulf said: “It is very encouraging that UAE CEOs across key sectors remain confident of their ability to successfully transform their business despite a challenging economic backdrop. The time for change is now or never and UAE CEOs know what they need to do to stay successful in the short term and emerge as winners.
The 2017 threat predictions run the gamut, including threats around ransomware, sophisticated hardware and firmware attacks, attacks on smart home IoT devices, the use of machine learning to enhance social engineering attacks, and an increase in cooperation between industry and law enforcement.
“To change the rules of the game between attackers and defenders, we need to neutralise our adversaries’ greatest advantages,” said Vincent Weafer, Vice President of Intel Security’s McAfee Labs.
“As a new defensive technique is developed, its effectiveness increases until attackers are compelled to develop countermeasures to evade it. To overcome the designs of our adversaries, we need to go beyond understanding the threat landscape to changing the defender-attacker dynamics in six key areas: information asymmetry, making attacks more expensive, improving visibility, better identifying exploitation of legitimacy, improving protection for decentralised data, and detecting and protecting in agentless environments.”
- Ransomware attacks will decrease in second half of 2017 in volume and effectiveness
- Windows vulnerability exploits will continue to decline, while those targeting infrastructure software and virtualisation software will increase
- Hardware and firmware will be increasingly targeted by sophisticated attackers
- Hackers using software running on laptops will attempt dronejackings for a variety of criminal or hacktivist purposes
- Mobile attacks will combine mobile device locks with credential theft, allowing cyber thieves to access banks accounts and credit cards
- IoT malware will open backdoors into the connected home that could go undetected for years
- Machine learning will accelerate proliferation of and increase the sophistication of social engineering attacks
- Fake ads and purchased likes will continue to proliferate and erode trust
- Ad wars will escalate and new techniques used by advertisers to deliver ads will be copied by attackers to boost malware delivery capabilities.
- Hacktivists will play an important role in exposing privacy issues
- Leveraging increased cooperation between law enforcement and industry, law enforcement takedown operations will put a dent in cybercrime.
- Threat intelligence sharing will make great developmental strides in 2017.
- Cyber espionage will become as common in the private sector and criminal underworld as it is among nation-states
- Physical and cybersecurity industry players will collaborate to harden products against digital threats.
In 2016, Middle East enterprises went through one of the biggest transitions in a decade as they began to embark on their digital transformation journeys. Characterised by growing uptake of third-platform, enterprise mobility and big-data initiatives, all supported by increasingly complex hybrid networking infrastructures, this necessary evolution has not been without its challenges for businesses in the region.
Now as the digital transformation continues to steam head in 2017, Riverbed Technology provides the following list of trends and predictions to help organisations better plan their IT strategies for the year ahead.
Architecture for digital transformation
IDC predicts that by 2017, 60% of digital transformation initiatives will be unable to scale due to lack of strategic architecture. And by 2018, 70% of siloed digital transformation initiatives will fail due to insufficient collaboration, integration, sourcing, project management. Research from MIT Sloan Management and Deloitte University Press found that less-mature digital companies tend to take a tactical, piecemeal approach as they solve discrete business problems with individual digital technologies.
As a result, they do not fully integrate digital technologies with their business operations, do not solve underlying infrastructure problems that cause frequent application performance issues across the enterprise, and fail to deliver required technical capabilities at scale.
Enterprises will realise for application, compute, storage, networking to work optimally, they must all work together, seamlessly as a system. Any point of weakness or failure in the infrastructure can make the whole system fail.
Everything software defined
Whether it is compute, storage or networking, you can see increased impact and adoption of software-defined everything. In the software-defined world, management and control of computing environment, storage and networking is automated by intelligent software and not by hardware components. Enterprise organisations will implement technologies in order to transition to software-defined enterprise.
Next cloud wave
Enterprise-level internal resources including business-critical applications are now being moved to the cloud. This is a new development as internal-facing applications are traditionally kept internal. The challenge with migrating old systems and applications to a newer encrypted approach is that network capabilities can be stretched becoming too fragile. This ultimately creates complexities tied to application planning, performance monitoring and final migration to the cloud.
Digital transformation is not a fad and we expect to see migration of critical applications to cloud increase in 2017. Large enterprise clouds are now being adopted beyond customer-facing resources. Cloud-only and internet-only transport are the future as they allow enterprise organisations to become more agile while providing cost savings.
Hybrid enterprise advantage
After deploying a hybrid environment, which can be complex and difficult to manage, the work is just beginning for the enterprise. The process continues as application requirements and business needs evolve. So, to increase agility, IT is always evaluating and adopting cloud services and related technologies like PaaS, containers and micro-services to deliver applications faster.
We expect to see greater adoption of application and network management functionality to ensure visibility into the hybrid cloud, creating more trust in IT and alignment to business objectives.
DevOps for digital services
DevOps teams are increasingly using PaaS capabilities together with third-party components to develop composite applications faster. According to Sonatype, the average enterprise downloads more than 229,000 components annually, of which one in 16 has security defects.
Third-party components account for 80%-90% of the code in a typical enterprise application today. Current monitoring for components traces application transactions through server interactions, which obscures dependencies within the application layer.
Enterprises will seek new solutions that provide clear visibility into behavior and interaction of third-party components and platforms in cloud-based environments in order to accelerate development of apps and digital services in the cloud, proactively prevent performance issues, and improve performance of cloud-based apps.
2016 saw a number of cyberattacks, ranging from high-profile DDoS using hijacked Internet-facing security cameras to alleged hacking of party officials during the US election. We also saw a rising tide of data breaches from organisations big and small and significant losses of personal information. A look at how some of those trends might play out in 2017.
IOT attacks will rise
In 2016, Mirai showed the massive destructive potential of DDoS attacks as a result of insecure consumer IoT Internet of Things devices. Mirai’s attacks exploited only a small number of devices and vulnerabilities and used basic password guessing techniques. However, cybercriminals will find it easy to extend their reach because there are so many IoT devices containing outdated code based on poorly-maintained operating systems and applications with well-known vulnerabilities.
Expect IoT exploits, better password guessing and more compromised IoT devices being used for DDoS or perhaps to target other devices in your network.
Targeted social attacks
Cybercriminals are getting better at exploiting the ultimate vulnerability – humans. Ever more sophisticated and convincing targeted attacks seek to coax users into compromising themselves. For example, it is common to see an email that addresses the recipient by name and claims they have an outstanding debt the sender has been authorised to collect.
Shock, awe or borrowing authority by pretending to be law enforcement are common and effective tactics. The email directs them to a malicious link that users are panicked into clicking on, opening them up to attack. Such phishing attacks can no longer be recognised by obvious mistakes.
Financial infrastructure at risk
The use of targeted phishing and whaling continues to grow. These attacks use detailed information about company executives to trick employees into paying fraudsters or compromising accounts. We also expect more attacks on critical financial infrastructure, such as the attack involving SWIFT-connected institutions which cost the Bangladesh Central Bank $81 million in February.
SWIFT recently admitted that there have been other such attacks and it expects to see more.
Internet’s insecure infrastructure
All Internet users rely on ancient foundational protocols, and their ubiquity makes them nearly impossible to revamp or replace. These archaic protocols that have long been the backbone of the Internet and business networks are sometimes surprisingly flaky.
For example, attacks against Border Gateway Protocol could potentially disrupt, hijack, or disable much of the Internet. And the DDoS attack on Dynin October launched by a myriad of IoT devices, took down the DNS provider and, along with it, access to part of the internet. It was one of the largest assaults seen and those claiming responsibility said that it was just a dry run.
Large-scale ISPs and enterprises can take some steps to respond, but these may well fail to prevent serious damage if individuals or states choose to exploit the Internet’s deepest security flaws.
Increased attack complexity
Attacks increasingly bring together multiple technical and social elements, and reflect careful, lengthy probing of the victim organisation’s network. Attackers compromise multiple servers and workstations long before they start to steal data or act aggressively. Closely managed by experts, these attacks are strategic, not tactical, and can cause far more damage. This is a very different world to the pre-programmed and automated malware payloads we used to see.
Attacks using admin tools
We see more exploits based on PowerShell, Microsoft’s language for automating administrative tasks. As a scripting language, PowerShell evades countermeasures focused on executables. We also see more attacks using penetration testing and other administrative tools that may already exist on the network, need not be infiltrated, and may not be suspected. These powerful tools require equally strong controls.
Corruption of online advertising
Malvertising, which spreads malware through online ad networks and web pages, has been around for years. But in 2016, we saw much more of it. These attacks highlight larger problems throughout the advertising ecosystem, such as click fraud, which generates paying clicks that do not correspond to real customer interest. Malvertising has actually generated click fraud, compromising users and stealing from advertisers at the same time.
Downside of encryption
As encryption becomes ubiquitous, it has become much harder for security products to inspect traffic, making it easier for criminals to sneak through undetected. Unsurprisingly, cybercriminals are using encryption in creative new ways. Security products will need to tightly integrate network and client capabilities, to rapidly recognise security events after code is decrypted on the endpoint.
Attack against society
Technology-based attacks have become increasingly political. Societies face growing risks from both disinformation and voting system compromise. For instance, researchers have demonstrated attacks that might allow a local voter to fraudulently vote repeatedly without detection. Even if states never engage in attacks against their adversary elections, the perception that these attacks are possible is itself a powerful weapon.
The past year has thrown spotlight on the importance of availability – both of services and data. From a number of high-profile systems outages across the globe, the public has come to understand the importance of having access to accurate information and critical services on-demand.
As we move into 2017, businesses will increasingly need to embrace customer expectations and ensure seamless delivery of services. From an IT perspective, there are four key trends that businesses will need to embrace in order to exceed the expectations of customers and partners alike.
Public, private, hybrid clouds
A few years ago, the thought of extending datacentre infrastructure to a hyper-public cloud may have seemed a futile endeavour of connectivity, security and mix of unknown surprises. However, now the market is ready to accept the adoption of hybrid cloud architectures from both the infrastructure and application side. It is already happening and much greater mainstream adoption is on the horizon as enterprises look to enhance operational agility and reliability, while ensuring that data and applications are available at any time, from anywhere
Explosion of software-defined infrastructure
It is no secret that the software-defined datacentre has been a huge trend in recent years – thanks in part to the popularity of virtualisation. Running applications in a virtualised environment brings many advantages for companies to help build efficiencies, provide reliability and a flexible IT infrastructure to ease management and free time and resources. As businesses evolve, expect to see more demands on vendors to provide software and services to meet the expectations of the next generation of innovators.
One step ahead
Threats from hacking, as well as the proliferation of botnets, and malware specifically ransomware will keep IT managers up at night throughout 2017. We have seen enormous burdens placed on organisations looking to maintain availability during 2016, with large attacks on DNS services causing major companies and services to be unreachable during critical times. As more businesses look to provide digital services, the hackers will be nipping at their heels. More than ever before, businesses will need to place additional emphasis on end-to-end data security, backup and recovery to ensure their services remain available for partners and customers.
More data, more possibilities
The datacentre of today, and definitely of tomorrow, will increasingly hold more data – both historical and mission-critical. Whether it be an influx of inputs from the Internet of Things, more complex business systems, or growing amounts of existing data sets, the conclusion is obvious. The data deluge will continue.
On the positive side, this will bring benefits to businesses looking to leverage advanced analytics to hone their existing operations and provide new services to customers. As the calendar ticks over to 2017, businesses will be able to gain more insight from the data they have collected; helping shape decisions and inform business strategies.
However, these analytic capabilities will only bear fruit if data is both available and robust. For businesses relying on advanced analytics to drive operations, any downtime not only halts the ability to transact with customers and suppliers, but also stymies informed decision-making. Businesses will need to direct their attention to maintaining availability of mission-critical systems that underpin their analytics.
Specific predictions are always challenging, but the technology landscape provides endless possibilities for organisations to provide great services based on the datacentre and the information it provides. The expectation is that data is available on-demand. Gone are the days where downtime is considered a normal part of doing business.
In 2017, the datacentre will take centre stage and will serve as a critical piece of infrastructure to both store information and provide services to customers, employees and partners alike. Having a plan to ensure availability will be vital to maintaining business operations to meet and exceed expectations.