In 2015, several attacks compromised millions of personal records. The main breaches in 2015 according to Network World are as follows:
These attacks, just a few of many in 2015, have guided security professionals’ predictions for 2016.
While avoiding breach altogether is unrealistic, companies can do their best to prepare for compromise so when it comes, they can react quickly and efficiently. FortiGuard Labs lists five cybersecurity threat predictions to watch for in 2016:IoT: Great Friend and Sneakiest Foe: The Internet of Things is expected to grow even more in 2016. The possibilities are exciting. However, in 2016, Jason Sabin of DigiCert cautions that, “Hackers will use IoT devices as springboards into corporate networks.” Access points multiply as the number of IoT devices used in the workplace increases. Across the board, security professionals agree that IoT will become central to “land and expand” attacks. Hackers will take advantage of vulnerabilities in every area from smart home devices to wearables, compromising corporate-issued devices or corporate networks. Jail-breaking the Cloud: Hackers are expected to seek out vulnerabilities to compromise host systems as virtualization technologies expand further. Specifically, mobile applications can potentially turn mobile devices into vectors for remote attacks on cloud-based systems. “Ghostware” Conceals Indictors of Compromise: Contrary to “Blastware,” which destroys itself and host systems if detected by antivirus software, “Ghostware” extricates data and deletes all evidence of compromise before it can even be detected. Subsequently, companies don’t even know where to start when seeking out the extent of data loss. Headless Worms Target Headless Devices: Autonomous, or “headless,” attacks are likely to make their headless device debut in 2016. Malware is expected to disseminate from device to device with the expansion of attack surfaces like those found in the IoT. Two-Faced Malware: Savvy attackers are expected to design a new two-faced malware that will carry out a benign process at runtime, mask its efforts as safe while under inspection, and then execute its malicious process once clear. Additionally, companies face another challenge if this malware is flagged as safe by their advanced sandboxing techniques. In this case, two-faced malware will escape future inspection by vendors’ threat intelligence systems.
As technology enhancements continue to improve the professional world, there is a paralleled demand for stronger security. These predictions should push companies to implement better security solutions to avoid breaches in 2016.
For an in-depth look at predictions expected to arise in 2016, visit Georgia Tech’s Emerging Cyber Threats Report for 2016, collated from their annual Cyber Security Summit. McAfee Labs 2016 Threats Predictions also outlines a five-year forecast for cybersecurity.