It was a big year for cyber-crime in 2015 and the year ahead is shaping up to surpass it. ARN has compiled predictions from a cross section of vendors in an attempt gain insight from many crystal ball gazers.
The Cloud comes under attack
Blue Coat CISO A/NZ, Damien Manuel, said the keys to the kingdom are now in the Cloud and that makes it a target for cyber-criminals.
“As more organisations continue to store their most valuable data in the Cloud such as intellectual property,customer and employee data, the bad guys will find a way to gain access to it,” he added.
“In 2016, we expect to see an increase in breaches of Cloud services, and hackers will use credentials to Cloud services as a major attack vector. Social engineering tactics will focus on mimicking Cloud login screens to gain credentials.”
Data integrity will be questioned
RSA general manager A/NZ, Shaun McLagan, noted that Cloud, an increase in IoT-enabled devices, and new infrastructure like the National Broadband Network (NBN) and connections between them, will open up new opportunities for data to be manipulated - at rest or in transit.
“How will data authenticity be verified from when it is sent from household smart meters and when it reaches the utility? In sensor networks, especially in Australia's regional areas, how can we be sure the data accurately reflects the conditions? As we've seen many interconnected systems designed without security in mind, how will that information be treated?
“As we rely on more information to be make better (and sometimes completely automated) decisions, the accuracy and integrity of that data will become key."
Internet of Things remains vulnerable
FireEye senior manager for Mandiant Consulting, Jackson McKinley, warned that affordable and internet-connected home security and automation systems could enable attackers to spy on homeowners and disarm security systems and this had the potential to make residential properties more attractive targets in the coming year.
“A connected home brings up the emerging idea of the Internet of Things, and those “things” will likely be heavily targeted in 2016,” he explained.
“Everything from refrigerators to garage door openers are being Internet-enabled and many of these appliances have weak security controls, which leaves them unprotected from threats. It’s likely we’ll see these “things” held hostage by ransomware, which will ultimately lead to extortion attempts.”
AVG security awareness director, Michael McKinnon, had similar thoughts on the impact IoT will have on individual and corporate security postures.
“We’ll continue to see many strange devices being internet connected, and without a conscious effort to include security by design,” he said.
“While it may be amusing to own one of the latest WiFi-enabled kettles that allow you to switch it on using your smartphone without having to put your book down, it has the potential to give up your secret WiFi key.”
Legislating the lawless digital expanse
Cyber-crime legislation will take a significant step towards becoming a truly global movement in 2016 according to Trend Micro managing director Asia Pacific, Dhanya Thakkar.
“The good guys will see more indicators of success, be it in faster legislation, successful take-downs, more cyber-criminal arrests, and convictions,” he explained.
“Governments and authorities will act faster and will give more rapid response to cyber offences. This year, the cloak of anonymity that hid underground forums was removed, allowing law enforcement agencies to take down the hacking forum Darkode.
“Cooperation and partnership will also flourish, as shown by the concerted efforts of Trend Micro, INTERPOL, the Cyber Defence Institute and other security firms that resulted in the SIMDA botnet take-down in April. We will also see enhanced international cooperation, as spearheaded by major regions like the US and Europe, in their recent data-sharing agreement on investigations.
“The Internet has operated with very lax regulations for years. 2016 will see a significant shift in the mindset of governments and regulators to take on an even more active role in protecting the Internet and safeguarding its users. Cyber-crime laws will be in discussion, and changes to outdated cyber-security standards will be mandated to bolster an improved stance on security.”
LogRhythm sales director A/NZ, Simon Howe, echoed Thakkar’s sentiment and added that security was currently experiencing something of a renaissance.
"Security is a hot space and the fact that CISOs are getting a seat in the Board room is another indication of the importance of this industry for all organisations, regardless of the vertical market,” he told ARN.
“Many companies still don’t have adequate security infrastructures, awareness or training to defend themselves. Companies will either “get it” or not, and government will start ramping up regulations.
“The principle and the intention behind the creation of a more collaborative community for the open sharing of threat intelligence is grand, with two distinct sides of the aisle. We will either see a big push or nothing happen at all.”
The war between cyber-criminals heats up
While legislation and cooperation will bring the security community together, the criminal world may see a civil war taking place between new players and the old guard according to Symantec business manager information protection, Nick Savvides.
“Ransomware infections are overt and obvious, while most other malware infections are covert and discreet,” he said.
“The presence of ransomware on a computer will usually prompt the computer owner to clean the machine thoroughly, removing any malware from it. As the ransomware may have been installed by a separate piece of malware, that other malware will also be removed, cutting into the malware operator’s business model.
“In 2016, more malware distribution networks may soon refuse to distribute such obvious malware, forcing the ransomware gangs to develop their own distribution methods.
“As awareness of these scams increases, the attackers and their malware are likely to evolve and use more sophisticated techniques to evade detection and prevent removal. The “ransom letter” will likely also evolve and the attackers will use different hooks to defraud innocent users.”