Each year seems to bring new cybercrime records, as malware authors and hackers conspire to find new ways to break into networks and steal data. As we look into 2017, don’t expect this to change.
If anything, we are bound to see cybercrime threats intensify. Risks related to malvertising and Internet of Things malware will be on the rise, while phishing will remain a big problem for businesses, and ransomware is sure to get worse before it’s brought under control. The cybersecurity industry will continue to develop tools and approaches to keep cybercriminals at bay. Look for developments in threat intelligence, as the technology gets more sophisticated and predictive.
Here are some security trends for MSPs to watch in the coming year:
Phishing will remain a big headache for businesses because it’s so difficult to teach users to identify, avoid and report suspicious emails. It takes a lot of effort, through a combination of technology and behavior conditioning, to combat phishing. MSPs will need to keep reminding clients about the dangers and work with them to tackle phishing.
Ransomware threats will eventually subside but will remain a major threat in the near future. Ransom demands are bound to rise, which could create extreme duress for smaller companies that can’t afford to pay. MSPs must keep reminding clients to back up and their data and keep their security tools up to date to stand any kind of a chance against a ransomware attack.
As we saw with the massive Oct. 21 DDoS attack against DNS provider Dyn, some IoT devices are a relatively easy target for hackers. As the IoT expands, the onus will be on device manufacturers to secure them, but MSPs also must work with clients to implement the necessary layers of defense to prevent and detect IoT-based security breaches.
Using fake ads to steer users to compromised websites and steal information is becoming a favorite cybercriminal tactic. Like phishing, this method prays on user wants, trust and curiosity. Malvertising is a vexing problem because of the clever way the malware disguises itself. It will take an increased reliance on tools such as threat intelligence and raising user awareness to combat it. Talk to clients about this rising threat and the need for education.
Threat intelligence is becoming a critical weapon in the fight against cybercrime. This is a data-driven approach that looks at threat indicators and disseminates the information to security professionals. Threat intelligence feeds provide contextual information about threats and identify their sources. MSPs should subscribe to these feeds and recommend them to larger clients to fortify their defenses.
Thanks to analytics and threat intelligence, security is becoming more predictive. Data collected from endpoints, malware-detection engines and other sources can provide insights about malware traits, patterns, behavior and anomalies that indicate potential new types of malware. This technology will undergo a series of refinements that will make it a must-have in fighting cybercrime. MSPs should keep an eye on developments in this area to get a sense of what cybersecurity look like in the not-too-distant future.