2016 was a particularly eventful year in the cyber threat landscape. Nation-state operations loomed large in the US presidential election, database breaches grew ever larger and cybercriminal tactics became more innovative. Individual activists and mass-participation campaigns continued to target companies and organizations for ideological reasons. 2017 will be a year when geopolitical shifts and technological advances by nation-state and criminal actors combine to create an unprecedentedly complex cyber threat landscape.
Signals from new US administration
In terms of nation-state activity, Donald Trump’s accession to the presidency is likely to mark a shift in US foreign policy, bringing a number of cyber security implications. Trump’s stated desire to prioritize what he feels are US interests and pursue a more transactional foreign policy, and his indication that he will better tolerate the spheres of influence of other global powers, are likely to embolden these actors to conduct a range of cyber activity within their respective backyards, with reduced fears of US reprisals.
We anticipate this to be the case with China and the ASEAN states, particularly in relation to the South China Sea and associated territorial disputes; Iran within the Middle East region, particularly if Trump’s promised hardline stance materializes and aggravates existing regional and sectarian tensions; and Russia with the Baltic states, its near abroad and European powers. Elections in Germany, France and the Netherlands are particularly likely to attract Russian efforts at data leaks and disinformation, following the hack of the Democratic National Committee in an alleged attempt to aid Trump’s campaign.
In terms of technical developments, the most sophisticated cyber espionage units will adopt increasingly innovative means of avoiding detection and attribution for their efforts. Rather than depending on bulky malware with hardcoded connections to command and control infrastructure, these actors will instead increasingly look to exploit legitimate processes and protocols to steal data and achieve their objectives, all while avoiding alerting the victim to the infection.
Restraints on flow of data
The policy landscape will see increasing state-led efforts to legislate and regulate cyber security issues and enforce national borders for data. Russia and China will lead the push towards data protectionism and are likely to prompt similar approaches in their respective spheres of influence. These efforts are also likely to include specific anti-encryption provisions, in response to the increasing normalization of encryption as a tool for privacy and security.
This in turn is likely to contribute to a more complicated international operating environment for companies, but also to continued difficulties for law enforcement agencies attempting to pursue malicious actors across jurisdictions.