10 things we can expect in the year ahead
Following the huge number of data lapses, last year will be remembered as the 'year of the breach', says Paul McEvatt, who advises that we prepare for more frequent and diverse attacks in the year ahead.
Paul McEvatt, senior cyber-threat intelligence manager, UK & Ireland, Fujitsu
Today's digital era presents a variety of challenges when it comes to security; they have led to questions around control of data and the growth in opportunities for data manipulation and theft.
Organisations of every type and across the globe now need to face up to the stark reality that they have something cyber-criminals want. Whether they have access to customer data and hold personal information, hold credit card information, have or host valuable IPR, are involved in mergers and acquisitions, or simply do not secure their information, they are a target – and will be breached.
In the year ahead, businesses should be looking out for:
1. Internet of DDoS things
The 'Internet of Things' (IoT) phenomenon will become an increasingly complex headache for security professionals in 2016. Vulnerable IoT devices are connecting to the internet at a rapid pace. It's easy and cheap to rent DDoS-as-a-service, so expect to see more numerous and bigger attacks going forward.
2. Data will remain king
During 2016, cyber-criminals will target industries that hold vast amounts of data on individuals such as the legal, education and telecommunication sectors. Cyber-criminals can misuse data in multiple ways as they seek to monetise their efforts through extortion, identity theft or gaining access to networks using social engineering tactics.
3. Web application attacks – low hanging fruit
The concept of hacking is more mainstream than it's ever been. It's depicted in console video games such as Watch Dogs and popular TV programmes like Mr Robot. Consequently, it will pique the interest of the modern-day script kiddie, resulting in more attacks than ever before.
4. Identity ransom
Ransomware has steadily been on the rise over the last couple of years, with malware authors creating increasingly complex variants, including many that use end-to-end encryption. In the year ahead we will see the campaign authors make the threat more personal. Doxing for bitcoin will be a tactic used by threat actors to extort money by threatening to leak personally identifiable data online unless the victim pays a fee.
5. Biometrics on the rise
Biometrics are no longer seen as a fad or gimmick. Apple has changed the way many people think about biometrics with the introduction of the fingerprint sensor to the mass market via their smart devices. Users no longer see this layer of security as onerous.
6. Adobe Flash in the spotlight
Adobe has continued to be one of the biggest security headaches for organisations and it will continue to be so. Flash is a favourite for threat actors; they've used it frequently in exploit kits such as Angler and Neutrino, which look to take advantage of vulnerabilities in browser plug-ins to install ransomware such as Cryptolocker and Teslacrypt. Now organisations will consider whether they truly need it for their business.
7. The insider-threat from ever more tech-savvy employees
An eight-year prison sentence was the harsh lesson handed out to a former Morrisons employee in 2015 after he leaked details of an employee database. As organisations look to tighten and lock down their security controls this year after recent high-profile breaches, this could lead to a situation where employees attempt to circumvent those controls. In a worst-case scenario, they might potentially leave unintentional backdoors for threat actors.
8. Check the mail…
Phishing continues to grow in complexity with polymorphic campaigns successfully evading traditional security controls. Threat actors will continue to imitate organisations such as banks and send legitimate-looking letters to companies and individuals, such as offers for loans.
9. Increasingly seeking support from iSOCs and vSOCs
There is plenty of online discussion about the staff shortage in cyber-security. Those businesses trying to manage an in-house security capability may find they are unable to keep pace with the increasingly advanced threats and sheer number of vulnerabilities and breaches. They may also find it difficult to retain skilled staff as the shortfall in IT security professionals grows. We predict intelligent SOCs (iSOCs) and virtual SOCs (vSOCs) will grow as a result of this as organisations increasingly send their logs to an expert SOC-managed security services provider.
10. SSL/TLS and SHA-1 woes with Secure Web Communications on the rise
An increasing number of websites are adopting the use of SSL/TLS as the default. This trend is only set to continue given the increased processing power of modern computers and the added security it offers. This is not without issue, however, and 2015 saw several SSL/TLS-related security issues hit the headlines, such as Freak and LogJam.
Breaches are often down to a few very similar issues – externally facing vulnerabilities, lack of control around the supply chain or lack of adequate security monitoring against threats such as phishing or drive-by downloads. The truth is that security must be a top priority for every business, and whilst we still don't know what the year ahead will bring, it's important to be prepared for any eventuality.
Contributed by Paul McEvatt, senior cyber-threat intelligence manager, UK & Ireland, Fujitsu