How Did Major Cybersecurity Firms do in Predicting the Breaches of 2016?

To continue a seasonal tradition I began a few years ago, I will assess how some major cybersecurity firms (as well as myself) did in predicting the cyber attacks for the past year. The reason for doing this is that most firms are quite happy to put out predictions, but rarely do we see them discuss how those predictions actually turned out. When they do assess their predictions, they seem to stretch the facts to make themselves appear more omniscient than they truly are. One year ago, I looked at the predictions of five of these firms and sifted out the main themes that emerged. I also made my own predictions.

The five companies whose predictions I considered at the beginning of 2016 were Websense (WS), FireEye  (FE), Wired ( W ), Kaspersky (K), and Trend Micro (TM). (The abbreviations will be used for easier reference.) Here is what they predicted for the past year as compared with what actually eventuated.

Internet of Things (IoT) Hacks (TM, FE, WS, W)

Okay, you have to give these firms some credit on this one. Back in October, attackers used a botnet, organized with Mirai malware, to launch a DDoS (Distributed Denial of Service) attack on a number of high profile internet sites (Twitter, Facebook, Amazon, Reddit, and others). For the first time, people had to consider the idea that their internet-connected devices posed a threat to their and others’ cybersecurity. It also showed the vulnerability of prominent internet sites and raised the specter of the consequences of a cyber war. That said, neither the firms nor myself predicted the DDoS potential in this type of attack vector. Overall, however, Prediction Validated

Mobile Payment Hacks(TM, FE, WS, K)

Security researcher, Salvador Mendoza, showed how Samsung Pay could be hacked. Such a hack, however, would be difficult to pull off and I saw no instance of it actually taking place. However, besides this, there was little in the way of mobile payment hacks in the news. Though the vector remains ripe for exploitation, I’d have to say that the firms were off on this prediction. I also believed (and still believe) such hacks could take place. Well, maybe we have something to look forward to in 2017. Prediction not confirmed

Hacktivist Attacks (TM, WS, W)

Hmm, this one is hard to assess. Was the big DDoS attack a hacktivist attack, as some claim, or was it caused by some ‘script kiddies’ playing around? Both seem equally disturbing if you ask me. There were some attacks on both the KKK and Black Lives Matter websites. There was a weak attempt to attack Trump enterprises and another to bring down banks to prove one point or another. Both of these largely failed to make an impact. Was the biggest hack of the year, the attack on the DNC, a hactivist attack? If so, then this prediction was correct.  However, overall, I’d have to say that this prediction was only weakly confirmed.

Extortion/Ransomware(TM, K, W)

No doubt about it. This was the year of the ransomware attack. As I wrote in a recent post, ransomware attacks have increased 3,500% this year. Several companies, myself included, thought that ransomware could be used more for extortion on ideological grounds (either you do or say x or we will encrypt all of your files). This did not happen as far as we know. Then again, most ransomware attacks aren’t even reported. I still feel that ideologically-based ransomware attacks have a future, however. The closest we had to this was the ransomware attack on the San Francisco metro. In this case, it was not really planned as an extortion attack, but it kind of evolved into one.  Prediction validated

Apple Becomes a Target (FE, K)

Apple users used to gloat about how safe their devices were while they watched other operating systems get routinely hacked. Not anymore. Apple products have grown in popularity and, in so doing, are looked at as a source of riches for hackers. Apple was attacked with “the most sophisticated spyware ever seen” in August and scrambled to patch the holes in its system before the exploit went viral. It is unclear how many phones may have been compromised before users installed the updates. Other attacks occurring this year were as follows:

January – A prank website,, crashed iphones

February – Apple devices targeted for ransomware attacks

July – image hack

October – iMessage hacked by Chinese hackers

One year ago when I was making my predictions, I wrote, “I think this prediction has a nearly 100% chance of being realized this year.” (Pause here while I pat myself on the back.)

This prediction is validated.


Stock Market Hacks (W, K)

This still remains an elusive target for hackers, though, in my opinion, it’s just a matter of time before an effective attack takes place. My guess would be that the attack would be of the DDoS variety. Such an attack, even if it only interfered with normal operations, would be financially devastating. It’s not that evil operatives didn’t try such an attack in 2016. They did,  The hacktivist group, Anonymous, made several attempts to bring down the operations of stock markets, banks, and other institutions they felt were corrupt. Some attacks did bring down smaller banks. If they combined their bot networks with the growing number of IoT bot networks, they may eventually be able to pull a stock market hack off. However, for 2016, I would say this prediction was not confirmed.

My Own Predictions

 My own predictions were largely based on the fact that this was an election year.

Political Bot Attacks

Bots from both parties routinely spammed comments on opponents’ social media sites. No candidate’s Twitter account was taken over, but Hillary Clinton’s campaign chairman’s account was. Back in May, I analyzed the social media use of all the major candidates. Using this and other data, I predicted that not only would Donald Trump win the nomination without a problem, but that he would subsequently win the election. It was a shaky limb to climb out on at that time, but the statistical analysis was simply too overwhelming to reach any other conclusion. I would have to say that this prediction was confirmed.

Attack on a High Level Government Agency

 Was the DNC hack a hack on a high level government agency? Was the election manipulated through hacking? If you think the answer either of these questions is, ‘yes’, then the prediction is confirmed. If not then, it wasn’t. I’ll call it weakly confirmed.

 ISIS Ramps up Attacks

ISIS was more of a target of attacks than an attacker. Anonymous took over several of their sites and used them to promote a pro-gay-pride stance, which probably irked the ISIS elite. The fact that ISIS was not a presence in the hacking community lends support to the prevailing view that ISIS, as an organization, is in retreat. Not confirmed

 Final Tally

 I included weakly confirmed predictions as a positive. I did not give myself credit for anything in the main predictions except for my strong view on Apple hacks. There were, therefore, 3 winners in correct predictions this year. Here are the tallies.

Correct Predictions

 Trend Micro – 3

Wired – 3

Me – 3

FireEye – 2

Kaspersky – 2

Websense – 2

 Incorrect Predictions

 Trend Micro – 1

FireEye – 1

Websense – 1

Wired – 1

Kaspersky – 2

Me – 2

Because both Trend Micro and Wired had the better correct to incorrect ratio, I would have to declare them the cybersecurity prediction winners for 2016. Overall, I would give the predictions a ‘B’ grade. Better luck next year.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s