2016 Cyber Threat - Use To Advantage

Based on observations over the past year, here are Security Week’s predictions for threat activity in 2016.

1. Attribution remains murky. Last year both the variety of threat actors and the ability to neatly “classify” these actors into types became much more difficult as attack behaviors changed, and motivations and threats increased in their complexity. Actors no longer work in set groups, but combine with others, involve multiple individuals, and use facades to hinder attribution. This all but ensures that attribution will be even more challenging in 2016.

2. Ransom continues to rule. Extortion as a mode of attack became a popular tactic for threat actors in 2015, and on a few occasions attackers have taken it to the level of demanding that businesses shut down entirely. Having proven that this is a profitable enterprise, attackers will likely further innovate their business models based on ransom and extortion in 2016.

3. More attackers share the global stage. Advanced attack methods, such as custom malware or unusual attack vectors, were historically the domain of nation states with significant engineering capability; often those states that have or are developing a nuclear defense capability. In 2015, non-nuclear states and organized criminal groups adopted these techniques thanks to lower barriers to entry and the increased trade in espionage capabilities. We can safely expect that in 2016 non-nuclear states will continue to develop their cyber capabilities and compete on the global stage.

4. Criminals follow the money. Organized criminals are focusing more intently on high-value targets that provide a large single payout. This is in contrast to the traditional consumer-focused malware approach that these groups have exploited in the past. This is highlighted even more with the Carbanak/Anunak attacks. Examples of high-value/low-volume transactions that may be targeted in 2016 are payroll, mortgages, and investment transactions.

5. Hacktivists get more sophisticated. Hacktivists continue to be motivated by embarrassment of their targets, but their tactics are no longer simply DDoS, doxing, and defacement. In 2015 hacktivists stole and published data in order to attract awareness to their cause, continuing to embarrass their targets despite the collateral damage. In 2016 hacktivists will use more tactics, techniques and procedures that were previously considered the preserve of cyber criminals.

6. Dark web marketplaces scramble for leadership. Global law enforcement will continue to take down large dark web marketplaces. This will likely lead to a fragmentation of the market and rival marketplaces scrambling for pole position. This means that in 2016 we can expect the dark web will move to employ overlay networks other than Tor.

7. Attacks on the retail industry evolve. Spurred by the recent requirements for EMV chip card compliance, cyber criminals will continue to develop more sophisticated Point-Of-Sale (POS) malware.

As I stated at the beginning of this article, the point of these predictions isn’t to present a ‘gloom and doom’ scenario. Instead, we can use this information to our advantage. That’s what cyber situational awareness is all about: bringing together relevant and contextual insights to prioritize threat protection and policies and administer takedowns in order to mitigate harmful events.

Information about malicious actors is an important component of cyber situational awareness, because it shows which malicious actors might be targeting an organization, why, and their methods of attack. It’s even more critical that this analysis be tailored specifically to organizations and their unique threat environments. With a better understanding of what the future may hold, organizations can gain an upper hand with the adversary, preventing, detecting and containing cyber-related incidents.

Security Week: http://bit.ly/1K9MBKF
