2016 Cyber Threat - Use To Advantage

Based on observations over the past year, here are Security Week’s predictions for threat activity in 2016.

1. Attribution remains murky. Last year both the variety of threat actors and the ability to neatly “classify” these actors into types became much more difficult as attack behaviors changed, and motivations and threats increased in their complexity. Actors no longer work in set groups, but combine with others, involve multiple individuals, and use facades to hinder attribution. This all but ensures that attribution will be even more challenging in 2016.

2. Ransom continues to rule. Extortion as a mode of attack became a popular tactic for threats actors in 2015, and on a few occasions attackers have taken it to the level of demanding that businesses shut down entirely. Having proven that this is a profitable enterprise, attackers will likely further innovate their business models based on ransom and extortion in 2016.

3. More attackers share the global stage. Advanced attack methods, such as custom malware or unusual attack vectors, were historically the domain of nation states with significant engineering capability; often those states that have or are developing a nuclear defense capability. In 2015, non-nuclear states and organized criminal groups adopted these techniques thanks to lower barriers to entry and the increased trade in espionage capabilities. We can safely expect that in 2016 non-nuclear states will continue to develop their cyber capabilities and compete on the global stage.

4. Criminals follow the money. Organized criminals are focusing more intently on high value targets that provide a large value single payout. This is in contrast to the traditional consumer-focused malware approach that these groups have exploited in the past. This is highlighted even more with the Carbanak/Anunak attacks. Examples of high value/low volume transactions that may be targeted in 2016 are payroll, mortgages, and investment transactions.

5. Hacktivists get more sophisticated. Hacktivists continue to be motivated by embarrassment of their targets, but their tactics are no longer simply DDoS, doxing, and defacement. In 2015 hacktivists stole and published data in order to attract awareness to their cause, continuing to embarrass their targets despite the collateral damage. In 2016 hacktivists will use more tactics, techniques and procedures that were previously considered the preserve of cyber criminals.

6. Dark web marketplaces scramble for leadership. Global law enforcement will continue to takedown large dark web marketplaces. This will likely lead to a fragmentation of the market and rival marketplaces scrambling for pole position. This means that in 2016 we can expect the dark web will move to employ overlay networks other than Tor.

7. Attacks on the retail industry evolve. Spurred by the recent requirements for EMV chip card compliance, cyber criminals will continue to develop more sophisticated Point-Of-Sale (POS) malware.

As I stated at the beginning of this article, the point of these predictions isn’t to present a ‘gloom and doom’ scenario. Instead, we can use this information to our advantage. That’s what cyber situational awareness is all about: bringing together relevant and contextual insights to prioritize threat protection and policies and administer takedowns in order to mitigate harmful events.

Information about malicious actors is an important component of cyber situational awareness, because it analyzes which malicious actors might be targeting an organization, why, and their methods of attack. It’s even more critical that this analysis be tailored specifically to organizations and their unique threat environments. With a better understanding of what the future may hold, organizations can gain an upper hand with the adversary, preventing, detecting and containing cyber-related incidents.

Security Week: http://bit.ly/1K9MBKF

« Commercial Opportunities To Be Found In Security Problems
UK Police Deploy Drone-Jamming Technology at Major Public Events »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Tines

Tines

The Tines security automation platform helps security teams automate manual tasks, making them more effective and efficient.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Aveshka

Aveshka

Aveshka is a professional services firm focused on addressing complex threats and challenges including Cybersecurity and Information Technology.

Institute for Cybersecurity & Privacy (ICSP) -  University of Georgia

Institute for Cybersecurity & Privacy (ICSP) - University of Georgia

The goal of ICSP is to become a state hub for cybersecurity research and education, including multidisciplinary programs and research opportunities, outreach activities, and industry partnership.

CipherTrace

CipherTrace

CipherTrace develops cryptocurrency Anti-Money Laundering, cryptocurrency forensics, and blockchain threat intelligence solutions.

ES2

ES2

ES2 is a consulting organisation specialising in Enterprise Security and Solutions Services.

Wolverhampton Cyber Research Institute (WCRI)

Wolverhampton Cyber Research Institute (WCRI)

Wolverhampton Cyber Research Institute builds on the strength of its members in the area of network and communication security, artificial intelligence, big data and cyber physical systems.

FYEO

FYEO

FYEO is a threat monitoring and identity access management platform for consumers, enterprises and SMBs.

National Cryptologic Foundation (NCF) - USA

National Cryptologic Foundation (NCF) - USA

The National Cryptologic Foundation strives to influence the cryptologic future by sharing our educational resources, stimulating new knowledge, and commemorating our heritage.

Senteon

Senteon

Senteon is a turnkey cybersecurity platform designed to make securing confidential data affordable, understandable, and streamlined for small-to-mid sized businesses and MSPs.

Plante Moran

Plante Moran

Plante Moran is a leading audit, tax, consulting, and wealth management firm. Areas of consulting expertise include cybersecurity.

Eficens Systems

Eficens Systems

Eficens Systems is a global IT services and consulting company. We specialize in empowering businesses to harness the potential of Information Technology as a strategic asset.

NewEvol

NewEvol

Don’t React, Evolve! Outsmart threats with real-time AI-powered dynamic defense capability of NewEvol all-in-one cybersecurity platform.

ABPSecurite

ABPSecurite

ABPSecurite is a leading value-added distributor and a network performance solutions provider.

National Centre for Digital Security (CNSD) - Peru

National Centre for Digital Security (CNSD) - Peru

The National Center for Digital Security manages and supervises the operation of Digital Security in Peru in order to strengthen digital trust.

360 Advanced

360 Advanced

360 Advanced is a relationship-focused cybersecurity and compliance firm offering integrated compliance solutions customized to meet your business’ needs.

Thero6

Thero6

Thero6 develop dynamic financial analysis algorithms that help prevent coin collapses and theft of cryptocurrency funds by identifying the transaction absolutely throughout the chain.

Emergence Insurance

Emergence Insurance

Emergence is an insurance underwriting agency, focused on providing insurance solutions to help protect businesses and families against their cyber risks.