3 Predictions for 2017 from Former Special Agent in Charge of FBI Cybercrimes

January 20, 2017

2016 continued the trend of aggressive cyber attacks. The key takeaway is that this trend is not going away. As we look to 2017, I believe we’ll see three major trends.

1. Context is the next evolution of identity and people will, finally, stop caring about giving up privacy to prevent attacks.

We’ll see identity finally move beyond a username and password. Contextual signals, such as what device you’re on and whether the request originates from an enterprise or mobile environment, will take precedence. They will be seamless (invisible to the user), embedded in use, and will travel wherever users do.

The resource (device, company, network, app, etc.) will care about who you are in the move to cloud/BYOD environments and as part of this, users will give up privacy to access the resource. This trade-off is fair—you must provide enough proof of who you are when asking for access to a valuable, shared resource. Users already sign end-user license agreements (which most don’t read, and scroll as fast as possible to click accept) granting necessary access. The vast majority of the population views this as a fair and acceptable trade.

2. The US will take a more aggressive position on international cyber security that will lead to cyber escalation between Nation States.

Typical to any transition of Presidential power, we’re in a honeymoon period between Nation States. Make no mistake, however: the first thing our adversaries are doing is figuring out where to “pick a fight” to see what they can get away with.

Russia, for example, has a track record of positive initial meetings with Presidents-elect, while they test how much they can extract from them. But soon enough, Russia’s concerns will be intractable and President-elect Trump will be forced to face reality: Russia will not change its behavior. We are already seeing Russia test Trump. Just this month, Putin said about Russia’s military, “We can say with certainty: We are stronger now than any potential aggressor. Anyone!” These kinds of comments will not sit well with an aggressive President-elect, and a Cabinet full of former US military.

The strained relationship between Trump and the Obama Administration has already sent negotiations between the US and Russia into a tailspin. All of this will lead to cyber escalation. While Trump has been playing nice – some say too nicely – with Russia, he’ll eventually overact and take proactive measures, which is more his style.

Another “Russia intractable” is the Ukraine. Since the US’s influence in Ukraine is threatening to Russia, and the US won’t leave Ukraine’s fate in Russia’s hands, both countries will use cyber tools to try and get what they want: information.

Another example is China. Cyber relations with China are already unstable with the incoming US leadership. Trump is taking China head on, with regular comments on its currency devaluation, abuse of trade policies and the volatile Taiwan relationship. In response to a new, perhaps more hostile Trade Secretary, China’s Foreign Ministry spokeswoman has indicated that “China like every other country is closely watching the policy direction the US is going to take,” according to the Wall Street Journal.

In September 2015, Obama agreed with China that neither side would engage in cyber espionage in business. It was a gentleman’s agreement, based on goodwill, that isn’t binding or enforceable. From detectable cyber activity, there seems to have been a decrease in cyber espionage, supporting the notion that both sides have been honoring the agreement. If that goodwill ceases to exist with China—and it seems that it will not persist under the President-elect’s approach—all bets are likely off.

3. The world is not equipped to handle sophisticated, multi-site cyber attacks, especially against financial institutions. Stolen money will be reinvested in “hacker R&D,” creating future chaos.

Countries and corporations are not prepared to deal with advanced cyber attacks. In the February 2016 Bank of Bangladesh hack against the SWIFT system, criminals stole $81M—and most of it is still unrecovered. Hackers are already re-investing these funds to develop techniques to target less-protected institutions, which isn’t good news for network defenders.

The Internet of Things (IoT) and DDoS attacks will be problems in 2017.

  • IoT is becoming even more commonplace, and the lack of set standards/regulations leaves us with more and more unsecured devices, widening the playing field of opportunity for hackers.
  • DDoS is becoming sexy again because we’re entering a different era in terms of volume, in part due to the number of IoT devices now online. We should anticipate an acceleration in DDoS attacks because some of these devices simply can’t be fixed and/or properly secured. The October 2016 Dyn DDoS attack is a good example of the above two trends. And the IoT botnet (Mirai) used in this attack shows signs of evolving as its source code was released publicly.

Companies will soon make the official transition to cloud, as they’ll stop viewing it as a risk and start viewing it as more of a sanctuary. They’ll also start establishing a “TSA-type security pre-check line” to services for approved clients that will isolate channels for customers (i.e. they won’t be public facing) in order to avoid the internet cesspool.

In 2017, it’s more important than ever to evaluate your traditional security solutions against what’s disrupting the market. New methodologies to combat hackers are needed to ensure organizations can keep their networks and precious resources safe.

Leo Taddeo
Chief Security Officer

Leo Taddeo is the Chief Security Officer (CSO) for Cryptzone, a provider of dynamic, context-aware network, application and content security solutions. Taddeo, former Special Agent in Charge of the Special Operations/Cyber Division of the FBI’s New York Office, is responsible for analyzing the cybersecurity market to help shape Cryptzone’s vision for security solutions. Taddeo provides deep domain insight into the techniques, tactics and procedures used by cybercriminals, to help Cryptzone continue to develop disruptive solutions that enable customers to defend against advanced threats and breaches.

Prior to Cryptzone, Taddeo led more than 400 agents and professional support staff in cyber investigations, surveillance operations, information technology support and crisis management for the FBI. He oversaw high profile cases, including Silk Road, Blackshades and JP Morgan.

Previously, Taddeo served as a Section Chief in the International Operations Division, where he managed FBI operations in Africa, Asia and the Middle East. Taddeo has held various roles of increasing responsibilities in the field, including supervising a joint FBI/New York City Police Department Joint Terrorism Task Force and serving as the Legal Attaché in Rome, Italy.

After receiving his degree in applied physics from Rensselaer Polytechnic Institute in 1987, Taddeo served as a tank officer in the U.S. Marine Corps. In 1991, he was awarded a Purple Heart and Bronze Star Medal for valor for service in the Gulf War. Taddeo then earned a Juris Doctor from St. John’s University and joined the New York law firm of Mound, Cotton & Wollan, where he practiced civil litigation until entering the FBI.

Taddeo is a graduate of the CISO Executive Program at Carnegie Mellon University. He also maintains the Certified Information Systems Security Professional (CISSP) and GIAC Certified Incident Handler certifications.
