Dronejacking, Fileless Infections to Increase in 2017: Symantec

Enterprises of all sizes and consumers in India are at equal risks as advanced criminal attack groups now echo the skill sets of nation-state attackers, a Symantec executive has said, adding that "dronejacking" and "fileless malware" will increase in the upcoming year.

"As businesses in India embrace the digital transformation,fileless malware among others will be some of the prevalent trends and threats in the upcoming year," Tarun Kaura, Director of Solutions Product Management - Asia Pacific & Japan at Symantec told IANS.

In its Security Predictions for 2017, Symantec said that with the proliferation of the Cloud Generation, enterprises will need to shift their focus from safeguarding endpoint devices toward protecting users and information across all applications and services.

(Also see: 'Dronejacking' May Be the Next Big Cyber Threat)

Symantec also highlighted that in 2017, fileless infections - those written directly onto a computer's RAM without using files of any kind and are difficult to detect and often elude intrusion prevention and antivirus programmes - are set to go up.

With the technology explosion and increase in the use of drones, 2017 could see these devices being used for espionage and explosive attacks.

According to the predictions, with the workforce more mobile than ever, the need to primarily protect an on-premise network will become increasingly short sighted.

"The need for firewalls to defend a singular network becomes unnecessary if it is connected to the cloud. All enterprises will start to move towards wi-fi and cloud-based services, rather than investing in expensive and unnecessary network solutions," Symantec predicted.

As Internet of Things (IoT) and shift towards cloud-based storage and services become more common, targeted ransomware attacks are also likely to increase in the coming year.

While talking about connected cars, Symantec predicted that as cars start to have connected capabilities, they can be held for ransom. The self-driving cars can be hacked to obtain their location for hijacking, unauthorised surveillance and intelligence gathering, or other automobile-focused threats.

"This will also lead to a question of liability between the software vendor and automobile manufacturer, which will have long-term implications on the future of connected cars," Symantec said.

As seen in 2016, machine learning and Artificial Intelligence (AI) will only continue to grow in the next year. Market research firm Forrester had predicted that investment in AI would grow 300 percent in 2017 alone.

From a security standpoint, this expansion will impact organisations in more ways than one - including endpoints and mechanisms in the cloud.

Enterprises will need to invest in solutions that have the capabilities to collect and analyse data from the countless endpoints and attack sensors across different organisations, industries and geographies.

"Each year, the security industry faces new types of threats as cybercriminals evolve their approach toward accessing organisations' data," Kaura said citing Symantec's Internet Security Threat Report (ISTR), which was released recently.

The report revealed an organisational shift by cybercriminals where they are increasingly adopting corporate best practices and establishing professional businesses in order to increase the efficiency of their attacks.

Symantec said that there is a dangerous possibility that rogue nation states could align with organised crime for their personal gain. This could result in down time for countries' political, military or financial systems.

When asked about the adoption of security measures in India, Kaura said, with the increase in the vulnerability, businesses too have realised the importance of cyber-security.

"It's not about checking off a box; it's about finding a policy that protects the organisation's brand, reputation and operations if they are faced with a breach," Kaura said.