WASHINGTON - There’s little doubt that 2015 will not be remembered fondly by cybersecurity professionals. With millions of successful hacking attacks, and uncounted documents breached or stolen, it seemed at times that nothing could be done to stop the assault on the globe’s computer systems.
The threats and challenges came from many directions. Hackers believed to have been assisted by the Chinese military swiped millions of personnel records of many current and former U.S. federal workers.
Even more embarrassingly, millions of registered users of Ashley Madison, a website promoting adult infidelity hook-ups, were exposed for public view.
Washington’s adversaries, such as Moscow and Tehran, stepped up their efforts to gain access to critical U.S. infrastructure systems, while millions of new devices, from cars to toy dolls to everything in between, went online and increasingly became targets for hacking. And ransomware attacks exploded in frequency in 2015, prompting the FBI to issue a rare public cyber-warning.
So is 2016 doomed to just more of the same? On one hand, there’s no reason to expect hackers won’t try to out-do themselves over the coming year, crashing systems and running roughshod over protected data. That said, several cyber-analysts are telling VOA that last year’s flood of bad cyber-news might actually be a harbinger of a more cyber-secure new year.
Awareness = security
“This was likely the worst year [for cyber-attacks] in the United States in terms of the number of records stolen – 175 million, and those are just the ones we know about,” said Jim Ambrosini, managing director with CohnReznick, a national consulting firm. “And one of the weakest links is user awareness.”
With over two decades of experience in cyber, Ambrosini has seen a lot of hacking trends come and go. Perhaps the most persistent threat, he said, also is the oldest and most obvious: phishing attacks.
“Last year alone over 300 million new forms of malware were introduced,” said Ambrosini. “This is becoming a very popular channel for hackers because effectively there’s no patch for human ignorance. People like to click on things and fall for some of these attacks, so it’s critically important to make sure that users are well informed and trained to recognize these malicious attacks and know what to do about them.”
But 2015’s hacking firestorm did more than just raise awareness among lower level end users of the threats at play, said Ambrosini. Increasingly, he said, those in charge are paying attention, as well.
Bryce Boland, a V.P. and Chief Technology Officer with the cybersecurity firm FireEye, agreed. “The members of the boards of directors for firms are now paying attention,” he said. “Board level scrutiny is going to change how CISOs (Chief Information Security Officers) work, and they’re going to have to start showing progress.” He added that as regulators increasingly turn their attention to firms that neglect cybersecurity, pressure will build to make comprehensive security solutions an even greater priority.
Reviewing 2015, Boland said many private companies realized they don’t have sufficient resources to operate and maintain a sophisticated security operation by themselves. Boland predicts that more CEOs and boards of directors, alarmed by 2015’s hacking attacks, will increasingly turn their cybersecurity over to private contractors working from the cloud. “Most CEOs now realize [a hack] is a matter of when, not if,” Boland said.
“Companies have realized they don’t have the staff to effectively put in and manage all these tools,” CohnReznick’s Ambrosini told VOA. “And they know they need a reaction plan once a breach occurs. That’s things like making sure you have good backups, having a sound response plan. I can tell you, when these things happen, it’s a lot of people in a conference room pointing fingers and nothing gets done, and you don’t want to be running around scrambling in a moment of crisis.”
Chinese hacking slows?
Both analysts see 2016 as a year when more machine learning – sometimes called artificial intelligence – becomes integrated into security software and protocols. Machine learning allows systems to spot trends in hack attacks and respond in kind, allowing the system itself to not just defend, but predict future incursions.
“Machine learning allows systems to proactively detect threats,” said Ambrosini. “These systems are contextually aware, so they can make better decisions. No tool is a panacea, but the state of cybersecurity is forcing companies to rethink their programs, and these machine learning capabilities are going to become very important.”
Both analysts expect there will be no slowdown in attempted hacks in 2016: Boland sees mobile devices becoming greater access points into protected systems and more targeted attacks in health care, oil and gas and industrial control systems, while Ambrosini predicts more high-profile hacks (such as this year’s breach at the Italian cyber-surveillance firm Hacking Team), and more organized criminals targeting valuable data for re-sale or exploitation.
But interestingly, both agree that China – arguably the world’s single largest source of cyber-attacks – may in the coming year slow the frequency and volume of hacks originating within its territory. Already, said Ambrosini, the agreement made this summer between President Barack Obama and Chinese President Xi Jinping to slow attacks targeting the U.S. appears to be working.
“I expect China will make lots of cyber-treaties with their major trade partners,” said FireEye’s Bryce Boland. “This is an easy way for them to build up their reputation on tackling cyber-crime. But some hacking will continue anyway. After all, hacking for national security purposes remains fair game for China, and its definitions as to what constitutes national security remain vague.”
Finally, despite advancements in security software and increased awareness about cyber-threats, Boland said one fact is undeniable: As more things as varied as thermostats, cars, and appliances connect to the web, someone out there will surely try to hack into them.
“More things to attack means more extortion opportunities,” Boland said. “Imagine a world where an attacker can brick your home, your car, until you pay a ransom. Far too many of the things finding their way to the Internet should not be there, so expect many, many more attacks on industrial-control systems in the coming year.”