An IT security product company has outlined their 2015 IT security predictions to help businesses interpret and anticipate threat trends to defend against cyber attacks. The full report is available at: http://www.websense.com/2015predictions.
Charles Renert, vice president of Websense Security Labs, said: “Cybercriminals are continually adapting evasive techniques and methods so they can circumvent the security systems that were specifically put in place to stop them. By thoroughly analysing recent cybercrime trends and tactics, we have established a common thread across each of these predictions: threat activity is increasing in frequency and sophistication.”
Carl Leonard, Websense, principal security analyst, added: “With a new year of threats just on the horizon, our predictions aim to help security teams stay a step ahead of the threats and vulnerabilities anticipated to impact their organisations. Our security teams constantly analyse the landscape to identify the most effective ways to safeguard our customers from the repercussions of tomorrow’s threats.” The report suggests:
1. The healthcare sector will see more data stealing attacks.
Healthcare records hold personally identifiable information that can be used in a multitude of attacks and various types of fraud. In a sector still going from millions of patient records from paper to digital form, many organisations are playing catch-up when it comes to the security of protecting personal data. As a result, cyber-attacks against this industry will increase.
2. Attacks on the Internet of Things (IoT) will focus on businesses, not consumer products.
As the Internet of Things accelerates the connectivity of everyday items, proof-of-concept hacks against refrigerators, home thermostats and cars have been reported. However, the real threat from IoT will likely occur in businesses rather than consumers. Every new internet-connected device in a business further increases a business attack surface. These connected devices use new protocols, present new ways to hide malicious activity and generate more noise that must be accurately filtered to identify true threats. Attacks are likely to attempt to use control of a simple connected device to move laterally in an organisation to steal valuable data. Factories and industry, in particular, are likely to see an increase in attack volume.
3. Credit card thieves will morph into information dealers.
As the retail sector escalates their defences and security measures such as Chip and PIN are mandated, look for cybercriminals to accelerate the pace of their credit card data theft. In addition, these criminals will begin to seek a broader range of data about victims. These fuller, richer, personal identity dossiers of individual users, consisting of multiple credit cards, regional and geographic data, personal information and behaviour, will be increasingly traded in the same manner that stolen credit cards are.
4. Mobile threats will target credential information more than the data on the device.
With the auto-login capability of mobile apps, mobile devices will increasingly be targeted for broader credential-stealing or authentication attacks to be used later. These attacks will use the phone as an access point to the increasing Cloud-based enterprise applications and data resources that the devices can freely access.
5. New vulnerabilities will emerge from decades-old source code.
OpenSSL, Heartbleed and Shellshock all made headlines this year, but have existed within open source code for years, waiting to be exploited. The pace of software development demands that new applications are built on open source, or legacy proprietary source code. As new features and integrations build on top of that base code, vulnerabilities continue to be overlooked. Next year, attackers will exploit seemingly divergent application software through vulnerabilities in the old source code that these applications share.
6. Email threats will take on new sophistication and evasiveness.
Though the web remains the largest channel for attacks against businesses, new highly-sophisticated email evasion techniques will be introduced and designed to circumvent the latest enterprise-grade defences. Traditionally used as a lure in past attack scenarios, email will become a more pervasive element of other stages of an attack, including the reconnaissance stage.
7. As companies increase access to Cloud and social media tools, command and control instructions will increasingly be hosted on legitimate sites.
Criminals will increasingly use social and collaborative tools to host their command and control infrastructure. Those charged with protecting business from attack will have a difficult time discerning malicious traffic from legitimate traffic when communications to Twitter and Google Docs are not only allowed, but also encouraged.
8. There will be new (or newly revealed) players on the global cyber espionage/cyber war battlefield.
The techniques and tactics of nation-state cyberespionage and cyberwarfare activities have primarily been successful. As a result, additional countries will look to develop their own cyber-espionage, particularly in countries with a high rate of forecasted economic growth. In addition, because the barrier of entry for cyber activities is minimal compared to traditional espionage and war costs, expect an increase in loosely affiliated “cells” that conduct cyber-terrorist or cyber warfare initiatives independent from, but in support of, nation-state causes.
