By Tamlin Magee
Jan. 4, 2017
Cybersecurity was all over the news in 2016 - whether it was email breaches that compromised the Democrat campaign for the elections, or revelations towards the end of the year that planes were vulnerable to hacking through in-flight entertainment systems.
The British government boasted that it had the capabilities to launch cybersecurity offensives and was committing a huge chunk of its budget to developing these further. Yahoo suffered from an attack that potentially gained access to 1 billion accounts, the largest known breach of all time.
Vendors, hackers, banks, businesses, countries and shadowy state actors all seem locked in a perpetual game of cat and mouse - and highly sophisticated and organised malicious attackers seem to have the upper hand.
According to the experts, here are some of the cybersecurity nightmares organisations will have to wrangle with in 2017.
2016 saw plenty of allegations about political actors involved in assisting attacks - but the complication is when these are "state-sponsored". A state-sponsored attack could involve the government of any given country simply allowing attacks to occur with their knowledge, but doing nothing to stop them - or it could mean actively encouraging hacking groups or cybercriminals to launch attacks, but indirectly.
To complicate matters further, tracing the origin of most cyber attacks is extremely complicated - for example, the allegations against Russian president Vladimir Putin being involved in the Podesta email leaks, or other alleged interferences in the US election, are extremely difficult to prove.
For example, the list of cited evidence in proving that Russia hacked the DNC is somewhat tenuous, according to some reports.
Adam Vincent, CEO for security company ThreatConnect, believes that a precedent was set in 2016 for the open involvement in state-sponsored cyber-offensive capabilities. He thinks this will spill over into 2017 - and could very well damage any businesses holding sensitive information that could be useful to governments.
"2017 will be a period of unfettered hacking activity," Vincent says. "Organisations with any strategically useful information, whether in the public or the private sector, must prepare themselves to deal with highly sophisticated phishing, infiltration, and data leaking campaigns."
Vincent also believes the British government's £1.9 billion cybersecurity budget announcement signifies a change in how governments publicly relate to cyber threats.
"We will see governments moving to block the negative effects of these attacks more proactively in 2017," Vincent says. "[In the UK] we are likely to see not just a reinforced 'national firewall' of defence mechanisms, but also a redoubled effort in terms of retaliation and retribution. We'll also see more collaboration between public and private organisations, as government bodies and enterprises look to benefit from shared information against mutual adversaries."