Biggest Cybersecurity Threats In 2016

Uploaded on 2016-01-09 in FREE TO VIEW, NEWS-Cybersecurity News

Headless worms, machine-to-machine attacks, jail-breaking, ghostware and two-faced malware: The language of cybersecurity incites a level of fear that seems appropriate, given all that's at stake.

In the coming year, hackers will launch increasingly sophisticated attacks on everything from critical infrastructure to medical devices, said Fortinet global security strategist Derek Manky.

"We are facing an arms race in terms of security," said Manky. Fortinet provides network security software and services, and its customers include carriers, data centers, enterprises, distributed offices and managed security service providers.

Here's how the 2016 threat landscape looks to some experts:

Research firm Gartner predicts there will be 6.8 billion connected devices in use in 2016, a 30 percent increase over 2015. By 2020, that number will jump to more than 20 billion connected devices, predicts Gartner. Put another way, for every human being on the planet, there will be between two and three connected devices (based on current U.N. population projections).
The sheer number of connected devices, or the "Internet of Things," presents an unprecedented opportunity for hackers. "We're facing a massive problem moving forward for growing attack surface," said Manky.
"That's a very large playground for attackers, and consumer and corporate information is swimming in that playground," he said. Many consumer connected devices do not prioritize security. As they proliferate, expect the number of attacks to skyr
 
In its 2016 Planning Guide for Security and Risk Management, Gartner puts it like this: "The evolution of cloud and mobile technologies, as well as the emergence of the 'Internet of Things,' is elevating the importance of security and risk management as foundations."

Smartphones present the biggest risk category going forward, said Manky. They are particularly attractive to cybercriminals because of the sheer number in use and multiple vectors of attack, including malicious apps and web browsing.

"We call this drive-by attacks — websites that will fingerprint your phone when you connect to them and understand what that phone is vulnerable to," said Manky.

Apple devices are still the most secure, said Manky. "Apple's had a good security policy because of application code review. So that helps, certainly, to filter out a lot of these potential malicious applications before they make it onto the consumer device,…With that, nothing is ever safe," he said.

The new-year will likely bring entirely new worms and viruses able to propagate from device to device, predicts Fortinet. 2016 will see the first "headless worms" — malicious code — targeting "headless devices" such as smart watches, smartphones and medical hardware. "These are nasty bits of code that will float through millions and millions of computers," said Manky.

Of course, the potential for harm when such threats can multiply across billions of connected devices is orders of magnitude greater.

"The largest we've seen to date is about 15 million infected machines controlled by one network with an attack surface of 20 billion devices. Certainly that number can easily spike to 50 million or more," said Manky. "You can suddenly have a massive outage globally in terms of all these consumer devices just simply dying and going down."
 
Expect a proliferation of attacks on cloud and cloud infrastructure, including so-called virtual machines, which are software-based computers. There will be malware specifically built to crack these cloud-based systems.

"Growing reliance on virtualization and both private and hybrid clouds will make these kinds of attacks even more fruitful for cybercriminals," according to Fortinet.

At the same time, because apps rely on the cloud, mobile devices running compromised apps will provide a way for hackers to remotely attack public and private clouds and access corporate networks.

Firms need to stop thinking just about cyberattack deterrence, and focus on detecting breaches early and often, says Hitesh Sheth, CEO of Vectra Networks.

As law enforcement boosts its forensic capabilities, hackers will adapt to evade detection. Malware designed to penetrate networks, steal information, then cover up its tracks will emerge in 2016. So-called ghostware will make it extremely difficult for companies to track exactly how much data has been compromised, and hinder the ability of law enforcement to prosecute cybercriminals.

"The attacker and the adversaries are getting much more intelligent now," said Manky.

Alongside ghostware, cybercriminals will continue to employ so-called "blastware" which destroys or disables a system when detected. "Blastware can be used to take out things like critical infrastructure, and it's much more of a damaging attack," he said.
"Because attackers may circumvent preventative controls, detection and response capabilities are becoming increasingly critical," advises Gartner in its report.

Many corporations now test new software in a safe environment called a sandbox before running it on their networks. "A sandbox is designed to do deeper inspection to catch some of these different ways that they're trying to change their behaviors," said Manky. "It's a very effective way to look at these new threats as we move forward."

That said, hackers in turn are creating malevolent software that seems benign under surveillance, but morphs into malicious code once it's no longer under suspicion. It's called two-faced malware.

This is at least partially the sheer volume of attacks is so high — Fortinet sees half a million security threats per minute.

"The reason we see so much volume as well is because cybercriminals are trying to evade [detection]. They know about security vendors, they know about law enforcement, they're trying to constantly morph and shift their tactics," said Manky.

"Companies should definitely enforce more security policies," said Manky. "Security's becoming a board level discussion, so that's already happening, and it should continue to happen."
Part of any cybersecurity strategy should be the use of antivirus software, the education of employees not to click on unknown attachments or links as well as keeping software up to date, also know as patch management.

"A lot of these devices are not going to be patched that quickly or they might not have an update mechanism on them," said Manky. "Certainly, any time a patch becomes available, companies should enforce that because these are closing a lot of the holes where attackers are navigating through."

Here is how Gartner frames it for business seeking to protect themselves in 2016. "While some traditional controls have or will become less effective, techniques such as removing administrative privileges from endpoint users should not be forgotten. Similarly, vulnerability management, configuration management and other basic practices have to be priorities in organizations that have not yet implemented them effectively."

And ultimately, something is better than nothing, advises the firm: "Addressing priorities does not mean striving for perfection, but rather ensuring, at least, that critical exposures are remediated (or, if applicable, mitigated with compensating controls) and that the residual risks are minimal and acceptable (or at least enumerated and tracked)."

CNBC: http://cnb.cx/1mLqnto

« Cyberwar: Islamic State, Russia & China Hold The Advantage
ISIS Secret Cyber Terrorism Forum Exposed »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

CyberDefenses

CyberDefenses

CyberDefenses services combine best-in-class cybersecurity oversight, managed services and training to help our clients truly address their cybersecurity challenges.

Payload Security

Payload Security

Payload Security's VxStream Sandbox is a fully automated malware analysis system.

Cybellum

Cybellum

Cybellum brings the entire product security workflow into one dedicated platform, allowing device manufacturers to keep the connected products they build cyber-secure and cyber-compliant.

SecuDrive

SecuDrive

SecuDrive, provides hardware encrypted external storage devices to protect a company’s sensitive and important data.

Wallarm

Wallarm

Wallarm is the only unified, best-in-class API Security and WAAP (Web App and API Protection) platform to protect your entire API and web application portfolio.

Idaho National Laboratory (INL)

Idaho National Laboratory (INL)

INL is an applied engineering laboratory dedicated to supporting the US Dept of Energy's missions in energy research, nuclear science and national defense including critical infrastructure protection.

Inspirria Cloudtech

Inspirria Cloudtech

Inspirria Cloudtech is a specialized Cloud Technologies Services provider and Cloud Aggregator focused on executing cloud models for clients.

vdiscovery

vdiscovery

vdiscovery is a provider of proprietary and best-in-breed solutions in computer forensics, document review, and electronic discovery.

CYRail

CYRail

CYRail project will analyse threats targeting Railway infrastructures and develop innovative attack detection and alerting techniques.

Nucleus Security

Nucleus Security

Nucleus is a leading Vulnerability Management platform for Large Enterprises, MSPs/MSSPs, and Application Security Teams that want more from their vulnerability management tools.

Palantir

Palantir

Palantir software empowers entire organizations to answer complex questions quickly by bringing the right data to the people who need it.

Ethyca

Ethyca

Ethyca builds automated data privacy infrastructure and tools for developers and privacy teams to easily build products that comply with GDPR, CCPA Privacy Regulations.

Cognyte

Cognyte

Cognyte is a global leader in investigative analytics software that empowers a variety of government and other organizations with Actionable Intelligence for a Safer World.

EtherAuthority

EtherAuthority

EtherAuthority's engineering team has been helping blockchain businesses to secure their smart contract based assets since 2018.

Ontinue

Ontinue

Ontinue ION is an MXDR service that provides Nonstop SecOps through five key capabilities that enable your organization to respond to attacks and continuously reduce risk.

3DOT Solutions

3DOT Solutions

3DOT Solutions is an established UK cybersecurity consultancy focused on delivering end-to-end cyber security solutions for private and public sector customers.