The past 12 months have been a whirlwind of hacks, leaks and cyberattacks. It was a year defined by the word unprecedented, from the heist at the Bangladesh central bank to the influence campaign against the US political system allegedly orchestrated by the Russian state. Things escalated.
Looking back, there was the slew of so-called 'mega-breaches' of Yahoo, Myspace, LinkedIn and Dropbox. A massive 'botnet' called Mirai disrupted major websites across US and Europe and WikiLeaks returned to the world stage and put government leaks back in the headlines.
To cybersecurity experts contacted by IBTimes UK, 2016 was, in many ways, a storm before the storm, and a sense of uncertainty was clear. So, with the New Year quickly approaching, the time has come to look to the next 12 months and ponder what threats will emerge and how they will affect our lives.
State-backed hacking will escalate
In 2017 there will be an increase in "strategic state-backed hacking" operations among nations that have the necessary tools, according to Adam Vincent, chief executive of ThreatConnect, a US-based firm that helped probe the hacks against the Democratic National Committee (DNC) this year.
"The use of cyber-espionage reached a new level of maturity in 2016," he told IBTimes UK via email. "We will see an increasingly vocal response from western governments to escalating Russian hacking activity as we begin to move towards more codified rules of cyber-engagement.
"State efforts will not be restrained to hacking," he warned. "The information gathered in phishing attacks will be turned to the production of misleading or fake news — a hallmark of the 2016 US election — designed to further the state's aims overseas.
"We will see state actors exerting influence over foreign populations by generating a media frenzy with intelligence extracted through cyber exploits. State actors will also look to play the long game, infiltrating major media outlets' servers and lingering before quietly intercepting information."
According to Luke Hull, a cybersecurity expert with FireEye's Mandiant, which also probed the DNC incident, Russian state activity — which the US government believes played a major role in cyberattacks against its political system — will only intensify.
"Overt cyber-enabled influence operations have been an effective way for Moscow to show that it will directly challenge the US not just via aggression in Eastern Europe and a proxy war in Syria, but by sowing doubt about the credibility of one of the country's fundamental institutions," he said. "In 2017, we expect these groups will hit new targets."
Financial institutions will be a major target
Hull also predicted that hacks, cyberattacks and attempted digital heists will continue to plague financial firms around the world. He said the incident at the Bangladesh central bank, when $81m (£56m) was stolen by hackers, had prompted others to update their security, but was unsure that enough action was being taken.
"In the wake of heist, we conducted a number of other forensic investigations at other banks around Asia and found each one was compromised," he said.
"In 2017, we expect to see more significant compromises in the financial sector. Banks with relatively low security maturity can be more attractive targets for attackers, though all banks are likely to face significant threats."
The (continued) rise of ransomware
One of these threats, many experts said, was ransomware. This notorious malware tool can hijack computers and servers, lock down sensitive files and demand a financial sum for their safe return. In 2016, it hit the headlines after being directed at schools, hospitals and general web users on a grand scale.
While it is not a new phenomenon, the experts said such activity will continue to rise as hackers have found the rewards for such an attack cost little but can rake in a high return on investment (up until the police inevitably come knocking on your door, of course).
Dave Palmer, a director of technology at Darktrace who previously worked for UK intelligence agency GCHQ, believes ransomware will soon move to a "micro-level" — to the smartphones and internet-connected devices in our homes.
"Imagine getting home and turning on your smart TV, only to find that cybercriminals are running a ransomware attack on your device," he said. "Would you pay £50 to unlock it? Or what if the new GPS system in your car got hacked when you were late for a meeting — would you pay?"
The Internet of Things Hacking
Palmer also noted how internet-of-things (IoT) devices will soon usher in a period of an internet-of-vulnerabilities. He said these smart devices — phones, light bulbs, fridges, coffee machines – remain "woefully insecure in many cases", and often are a "golden opportunity" for hackers.
He said: "2016 saw some of the most innovative corporate hacks involving connected things. In the breach of DNS service Dyn in October, malware spread rapidly across an unprecedented number of devices including webcams and digital video recorders.
"But many hacks of IoT this year have gone unreported — they include printers, air conditioning units, video conferencing cameras, and even a coffee machine. Many of these attacks used IoT devices as stepping stones, from which to jump to more interesting areas of the network.
"However, sometimes the target is the device itself."
Referencing the Dyn attack, which targeted enslaved IoT devices such as home routers and CCTV cameras, Avast's chief technology officer (CTO), Ondrej Vicek, said this form of attack will become more sophisticated as more "smart" devices are released with security as an afterthought.
"With the growth of the connected home, and the accelerating pace of smart cities and workplaces, everything from connected cars to routers, video monitors to thermostats are more vulnerable to attack than ever," Vicek claimed.
"Think about your own home; routers, IP cameras, DVRs, cars, games consoles, TVs, baby monitors and many other IoT devices could be quite easily targeted just by abusing default login credentials or other well-known vulnerabilities," he continued.
"We predict the number of botnets that can enslave IoT devices will continue to grow in 2017 as the number of devices vulnerable to exploitation increases."
Hacking from China will make a resurgence
Two years ago, hackers affiliated to the Chinese state dominated the headlines, especially after the cyberattack against the US Office of Personnel Management (OPM). In 2016, it was Putin's Russia which emerged as the dominant threat in terms of offensive cyber tactics.
In 2017, China will make its grand comeback following a period of relative absence (at least in the West) according to Sean Sullivan, a cybersecurity expert with security firm F-Secure, who told IBTimes UK the prospect of China using hacking to "dig up dirt on the incoming administration" is something the US should now expect.
President Obama made a landmark deal with his Chinese counterpart back in 2015 which appeared to have curbed the threat of espionage from Beijing. With Donald Trump as the new commander-in-chief, and with his less-than-stellar stance on US-China relations, the country may now step up its cyberattacks.
"The new US administration seems to be blissfully unaware as to how and why nation-states use cyberattacks to develop their political interests," Sullivan said.
"The incoming national security advisor apparently once had an unauthorised internet connection installed in the Pentagon, basically eliminating the 'air gap' used to safeguard one of the US' most important national security centres.
"Stuff like this makes Michael Flynn a cyberattack victim waiting to happen.
"As for motive, a normal presidential transition would attract China's attention, as they would like to catch 'sneak peeks' or a 'behind-the-scenes look' at the policies and positions of the incoming administration. But this was not a normal election.
"Trump and his political network have been causing controversy throughout the campaign. Pulling that thread by digging up non-public dirt can help China gain leverage over Trump's team, and actually unravel initiatives, policies, and positions that might run counter to their interests. And China has the motives and capabilities to make this happen in 2017."
The 'backdoor' debate will return
According to another F-Secure expert, Erka Koivunen, we will also see the resurgence of the cryptography debate. He singled out two major cases of the past year; the FBI/Apple controversy and the introduction of the UK's Investigatory Powers Bill (IPBill).
"In recent years, governments have been exploring ways to essentially weaken the ability of IT companies to use cryptography," Koivunen explained. "Unfortunately, not everyone appreciates the benefits this type of security has for individuals, companies and society."
He said that over the next year there will likely be a "revitalised push" for communications firms to bend to the will of surveillance warrants — and this may damage encryption of products and devices.
"Proponents of these types of regulatory initiatives will clash with those who believe sacrificing security measures such as cryptography will increase everyone's exposure to cybercrime, foreign intelligence gathering, government persecution, and more.
"I've testified in front of governments about these issues in the past. I expect to do so again in 2017."