Around this time every year, we dust off our crystal ball, pull out the casting runes, and ruminate over what might happen in the world of Information Security in the year to come. While we are gathering information for our 2018 predictions, we decided to reflect on our 2017 predictions to see how we did.
1. There will be an overt cyberattack from a nation-state.
The difficulty with nation-state cyberattacks is that no one seems to want to confirm the attack source. However, in 2017, we saw multiple examples of true nation-state cyberattacks:
2. The Internet will be shut down for up to 24 hours.
This prediction got a lot of reaction! Our original prediction was based on the attack on DYN DNS and the realization that large parts of the global internet are subject to both cyberattacks and even accidental damage. Looking back, maybe it was a matter of scale. In 2017, we witnessed large parts of core internet structure shut down by accidental and/or non-malicious activities, including:
3. Portions of the U.S. power grid will be shut down.
Maybe we didn’t get this one quite right, but 2017 showed us that the U.S. power grid is and continues to be a major concern. Some power grids did take major hits, including:
4. The use of fake news and psychological warfare in the media will rise.
Although it is hard to quantify “rise,” the term may have been too modest for the explosion of “fake news” and media manipulation that we witnessed. “Fake news” is a now high-ranking term on google trends, with the largest spikes in January, June, and October. We’ve also seen numerous accusations of paid human action and/or bot net manipulation of both regular media and social media outlets:
5. Ransomware gets more personal with the rise of mobile ransomware.
Ransomware took a turn in 2017, but it wasn’t necessarily to mobile devices. Instead, we saw that classic ransomware is far from dead, as made clear by massive outbreaks, such as WannaCry, NotPetya, Bad Rabbit, Locky, and many others:
6. President Trump’s Twitter account will be hacked.
Although President Trump’s Twitter account was the source of much media attention in 2017, we do not believe it was hacked except for a Twitter employee temporarily shutting down Trump’s account. This isn’t to say that other famous twitter accounts weren’t compromised:
While some of our predictions were more accurate than others, one thing was made clear in 2017—cyberattacks are not only not going anywhere, they’re also getting bigger and badder. With nearly half of Americans’ personal information being exposed through the Equifax breach this year, and the expansion in the number (as in all) of Yahoo account user’s login information having been originally compromised, we have yet to experience the full repercussion many of these nefarious attacks can have.
What will LogRhythm Labs forecast for 2018? Stay tuned for next year’s predictions!