BOULDER, Colo. – A prominent American company that helps companies guard against cyber threats is predicting that the entire Internet will be shut down by hackers in 2017 – and that portions of the power grid will go down, too.
LogRhythm, headquartered in Boulder, Colo., released its seven predictions for 2017 just before the New Year and said it believes the “internet will be shut down for up to 24 hours.”
“We’ll see a rise in attacks on fundamental protocols of internet communications. We already started seeing it with DNS,” the company said, referencing a Domain Name System attack that brought down Amazon, Netflix and Twitter in 2016. “In 2017, we’re going to see it hit big sometime, somewhere. If the internet goes down, financial markets will tank.”
James Carder, LogRhythm’s chief information security officer and vice president, said the attacks that brought down Amazon “were really just tests.”
“If you can prove that you can take down massive sites and a large chunk of the US internet for a few hours, a 24-hour outage seems pretty easy to do,” Carder told Business Insider.
LogRhythm also predicted that “portions of the U.S. power grid will be shut down.”
“If portions of the power grid go down, there will be lack-of-confidence and trust issues with the government, which will have long-lasting ripple effects,” LogRhythm said.
The company has offices in the United Kingdom, Singapore, Mexico, France, Germany, Brazil, Australia, Hong Kong and the United Arab Emirates.
Following are LogRhythm’s seven predictions:
1. A decidedly overt attack from a nation-state will likely occur, in an effort to force an equally public retaliation.
– The public nature of this action will force the hand of NATO or the U.S. government to retaliate, whether they choose to do so publicly is not clear.
– This will lead to an increased focus on offensive cyber capabilities and bolster the demand for cyber weapons on the black market. Countries will covertly arm their allies with cyber weapons, and encourage disguised attacks on their enemy.
2. The internet will be shut down for up to 24 hours.
We’ll see a rise in attacks on fundamental protocols of internet communications. We already started seeing it with DNS. In 2017, we’re going to see it hit big sometime, somewhere. If the internet goes down, financial markets will tank.
3. Portions of the U.S. power grid will be shut down.
– We already saw hackers mobilise vulnerable IoT devices in the recent DDoS attack. Similarly, they could target and impact aspects of critical infrastructure.
– If portions of the power grid go down, there will be lack-of-confidence and trust issues with the government, which will have long-lasting ripple effects.
4. Hackers will target and silence major media sites — such as CNN, FOX News, etc. — to influence what is reported and attempt to keep people in the dark.
– There will be more focused IoT botnet attacks, like the largest DDoS attack ever committed (Oct. 2016), which was all done using embedded systems/IoT devices. We’ll see a larger botnet attack, powered by the hundreds of thousands of IoT devices that still have malware running on them.
5. Ransomware will get more personal, as 2017 will mark the rise of mobile ransomware.
Simon Howe, Director of Sales for ANZ at LogRhythm said, “Attackers will use pre-authenticated tokens to disseminate malware. Because so many Apple devices are interconnected, the malware could very quickly spread. Attackers will target consumers and hold their personal data hostage. For example, attackers will threaten to send out or delete a user’s photos unless a ransom is paid. Just think, how much would you pay to recover your photos?”
6. There will be an uptick in Psychological Operations (PSYOPs), where hackers will use social media platforms to manipulate messages and influence people.
– A study released by Stanford in late Nov. 2016 found that US students from 6th grade through college – presumably the savviest social media users – are unable to accurately evaluate the credibility of information presented in tweets, comments and articles.
– Malicious actors will use algorithms to gauge the effectiveness of their social media efforts, and refine their PSYOPs to further manipulate people of all ages.
7. Every country and region in modern nations will come up with their own cybersecurity governance, and start enforcing compliance with those mandates.
We initially saw this with GPG-13 (Cyber Security Framework) and GDPR (Data Security Framework) in the US. We’ll likely see an uptick in other countries establishing their own brand of cybersecurity and data security frameworks.
What is your reaction? Share your thoughts in the section below: