Virtualization and Cloud executives share their predictions for 2017. Read them in this 9th annual VMblog.com series exclusive.
Contributed by Alex Waterman, Sr Director, Product Management at Vectra Networks
Cybersecurity Predictions for 2017
IoT security flaws exploited for attacks beyond DDoS.
The security challenges surrounding IoT devices have been a topic of discussion for the better part of 10 years. In 2016, a massive DDoS attack against the Internet performance management firm Dyn enlisted about 100,000 IoT devices to create 1.2 Tbps of traffic, proving the security industry had not been crying wolf.
Although the DDoS attack against Dyn mainly appropriated consumer IoT devices like webcams, enterprise networks are home to many pervasive business IoT systems, including printers, IP phones, vending machines and lighting controls. According to Gartner, over 7 billion business IoT devices will be attached to enterprise networks in 2020.
Susceptible to compromise, IoT devices provide an easily exploitable path to high-value data that cyber attackers will continue to take advantage of in the coming year. And the attacks will grow in sophistication beyond DDoS botnet swarms.
To confront attacks that commandeer legions of business IoT devices, organizations will drive demand for cybersecurity defenses that detect attacker behaviors inside networks and across any type of device and operating system.
More data center breaches will take advantage of vulnerabilities in the underlying physical infrastructure.
The attack exploits, implants and tools published this year by the Shadow Brokers hacking group will be a popular holiday gift for cybercriminals. And it'll be the gift that keeps on giving in 2017.
Previously known only to advanced attackers, this recipe book for zero-day threats against the data center's soft underbelly - the physical infrastructure - is now in the public domain. That means a broader cadre of adversaries will target their attacks at the next-generation firewalls that are supposed to protect the data center.
Since the Shadow Brokers disclosure, only a nominal percentage of vulnerable devices have been remediated. For example, for one exploit there are still over 800,000 vulnerable, reachable devices. Consequently, the combination of readily available exploits and vulnerable firewalls will lead to major data center breaches.
About the Author
Alex Waterman is the senior director of product management at Vectra Networks, responsible for the company's data center product line.
Prior to Vectra, Alex was senior director of product management at VMware in the NSX team, where he was responsible for NSX security solutions and technology partners. Before VMware, Alex was responsible for enterprise security as the senior director of product management at Juniper Networks. Earlier in his career, Alex held leadership positions at Cisco Systems, where he led engineering teams in security services and WAN optimization, and was founder and software architect at Netiverse, Inc., which was acquired by Cisco in 2001.
Alex holds a bachelor's degree in computer science from the University of Colorado, Boulder.