Sophos has released its global cyber security predictions for 2016, which discuss the nature of evolving threats vis-à-vis the rising complexity of securing cyberspace. These predictions indicate that as advanced attacks become more coordinated than ever before, security solutions also need to function in a coordinated way. The trends highlighted in the report are given below:
Mobile threats will become more than just headline-grabbers
2016 will see an increase in the number of Android exploits becoming weaponized (as opposed to bugs like Stagefright, which was heavily reported earlier in 2015 but was never fully exploited). There are significant vulnerabilities in the Android platform which may take months to patch. SophosLabs has already seen samples that go to extreme lengths to avoid App Store detection and filtering—giving malicious apps a better chance of surviving on app stores. iOS is also likely to come into the line of fire, as we’ve already seen the Apple App Store get hit a few times this year.
IoT platforms – not yet the weapon of choice for commercial malware authors – but business beware
The advent of the IoT (Internet of Things) has already produced scary stories of webcams, baby monitors, children’s toys and even cars being easy targets for hackers. However, we won’t see widespread IoT exploits anytime soon. What we will see is more research and proofs of concept demonstrating that non-vendor code can be installed on these devices because of insufficient validation (lack of code signing, susceptibility to man-in-the-middle-class exploits) by the IoT vendors. We can also expect an increase in data-harvesting/leakage attacks against IoT devices to eventually obtain information like video/audio feeds, stored files, credential information for logging into cloud services, etc. Notably, security concerns about IoT will move beyond industrial control systems (e.g. SCADA), and threats may target other connected / IoT devices.
SMBs will become a bigger target for cybercriminals
A recent PwC report revealed that 74% of Small and Medium Businesses (SMBs) experienced a security issue in the last 12 months, and this number will only increase due to SMBs being perceived as easy targets.
Data protection legislation changes will lead to increased fines for the unprepared
In 2016, the pressure on businesses to secure customers’ data will increase as the EU data protection legislation looms closer. Fear of facing penalties is likely to have a far-reaching impact on how businesses deal with security. Two major changes will be the EU General Data Protection Regulation (GDPR) and the Investigatory Powers Bill in the UK. The EU Data Protection Regulation will come fully into force across Europe by the end of 2017, so companies need to start preparing in 2016.
VIP Spoofware will wreak more havoc
We’ll see a growth in the use of VIP spoof wire transfers as we move into 2016. Hackers are becoming increasingly talented at infiltrating business networks to gain visibility of personnel and their responsibilities, and then using this information to trick staff for financial gain.
Ransomware to gain momentum
Ransomware will continue to dominate in 2016. Attackers will increasingly threaten to go public with data, rather than just taking it hostage, and we have already seen websites being held to ransom with DDoS. Many ransomware families are using darknets either for command and control or for receiving payments, as we saw with the likes of CryptoWall, TorrentLocker, TeslaCrypt, Chimera, and many more in 2015.
Social engineering to remain lethal as ever
As always, social engineering attacks will remain a major concern for security practitioners, as attackers continue to use the same old practices to weave their attacks. This again emphasizes the need for effective training and awareness programs to counter such attacks.
Both bad and good guys will be more coordinated
The bad guys will continue to use coordinated attacks but the cyber security industry will make significant strides forward with information sharing.
Commercial malware authors will continue to invest heavily
Commercial malware authors will continue to reinvest at ever greater rates, bringing them towards the ‘spending power’ of nation-state activity. This includes purchasing zero days. These bad guys have lots of cash and they are spending it wisely.
Exploit kits will continue to dominate on the web
Exploit kits, like Angler (by far the most prevalent today) and Nuclear, are arguably the biggest problem we have on the web today as far as malware goes, and this looks set to continue thanks to the thousands and thousands of poorly secured websites out there on the internet. Cyber criminals will exploit wherever they can most easily make money, and so exploit kits have simply become stock tools of the trade, used by criminals to attempt to infect users with their chosen malware.