Hackers to ramp up mayhem in 2017, Israel experts warn
Hackers will seek to undermine trust in data, use AI for more sophistication, Israel’s CyberArk says in report
Shoshanna Solomon was The Times of Israel's Startups and Business reporter
Cybercriminals worldwide are expected to step up their game next year using artificial intelligence and manipulating sources of information to create stronger and more devastating attacks, experts at Israeli cybersecurity firm CyberArk warn.
By infiltrating and manipulating sources of information, hackers will strive to undermine people’s trust in the integrity of data they receive, will use artificial intelligence to drive more sophisticated cyberattacks, and will increase collaboration to unleash greater mayhem, the firm’s security experts said in a report on cybersecurity predictions for 2017.
“The integrity of information will be one of the biggest challenges global consumers, businesses and governments face in 2017, where information from previously venerated sources is no longer trusted,” the experts said. “Cyberattacks won’t just focus on a specific company, they’ll be attacks on society designed to eliminate trust itself.”
Attackers aren’t just accessing information: they are “controlling the means to change information where it resides, and manipulating it to help accomplish their goals,” the authors said.
Manipulating information — in an election campaign for example — can be a powerful tool. The alteration of previously unquestioned content, like audio files, could lead to increased attempts at extortion, using information that may not be real or taken out of context. “It will be easier than ever to piece together real information stolen in a breach with fabricated information, to create an imbalance that will make it increasingly difficult for people to determine what’s real and what’s not.”
Increasing mobile and web usage and social media are among the key factors contributing to the “explosive increase” in cyberthreats, MarketsandMarkets, a Dallas, Texas-based market research firm said in a report. Last week, Yahoo suffered the world’s biggest hack to date, in which the company discovered a 3-year-old security breach that enabled a hacker to compromise more than 1 billion user accounts.
The global cybersecurity market will be worth more than $170 billion by 2020, according to an estimate by MarketsandMarkets, with companies globally focusing on security solutions but also services.
Hiding in the cloud
The proliferation of cloud services offer hackers another avenue to ramp up attacks without revealing their origin, CyberArk said in the report.
“With the addition of available computing power and agile development capabilities afforded by the cloud, we’ll see new attack tools that are exponentially stronger than previous iterations, we’ll see attacks that are stronger and more devastating,” the authors of the report said. Ultimately, “because attacks are raining from the cloud, attribution will become nearly impossible. This will also increase the agility of attackers.”
As the use of artificial intelligence (AI) and machine learning booms, hundreds of companies globally are now working to incorporate AI into their technologies to predict, prevent and defeat the next major cyberattack. But as AI “becomes commoditized” and cheaper to use, cyberattackers will also leverage the technology to develop the first AI-driven cyberattacks.
“These attacks will be characterized by their ability to learn and get better as they evolve,” the report said. This will help make commonplace what are today considered advanced attacks, “and will drive a huge economic spike in the hacker underground. Attacks that were typically reserved for nation-states and criminal syndicates will now be available on a greater scale.”
CyberArk also expects hackers globally, whether nation-based or cybercriminals, to learn from each others’ attacks, identify best practices and copy them on broader scale. Greater collaboration will allow attackers to improve existing malware and viruses “to unleash a new wave of threats.”
“These more dangerous attacks will put pressure — potentially regulatory or merger and acquisition related — on public and private organizations to step up collaboration and prioritize ways to incorporate intelligence gained from these attacks into new innovations meant to combat cyber threats and beat the attackers at their own game,” the report said.