What does 2016 have in store for businesses and consumers with regards to cyber security threats? A specialist in malware detection, RedSocks’ malware intelligence team has formulated five predictions for the year ahead. These predictions conclude that in 2016, cyber security threats will become the new normal, yet security efforts and behaviours – of both businesses and consumers – will fail to catch up.
Hybrid threats using cyber attacks as a battering ram will continue to rise. Cyber attacks are increasingly being used as part of a bigger plan. Concepts and techniques from the commercial hacker industry (aimed at gaining financial advantage) will increasingly be incorporated into nation-sponsored and targeted cyber attacks. Critical environments and supervisory control and data acquisition (SCADA)-systems will continue to be targeted. Since they target operational capabilities within power plants, factories and refineries, SCADA attacks tend to be political in nature. Well-known examples of such attacks are Shamoon hitting companies in the oil and gas industry, such as Saudi Aramco, and Stuxnet, sabotaging the Iranian nuclear program.
Harmful hardware will play a growing role in the risk and strength of cyber attacks. Why? First, the chances of acquiring hardware components with a backdoor are high. And as Edward Snowden revealed, western countries are no strangers to using this tactic. Second, hardware is cheap as chips. This means it could cost as little as $9,000 to build a 1000 core machine capable of wreaking exponential havoc.
Virtualized Environments - Cyber security on a shoestring will leave companies virtually exposed. 1Virtualized environments are complex and create new network layers. According to Gartner, the hypervisor layer is particularly vulnerable to attack because of the privileged layer it holds in the stack. As organizations move to virtualized environments, security needs to be designed from the outset to deliver effective protection. The increase in system complexity, impacted by developments such as virtualization, IoT and mobile, is still not being matched with an increase in security effort or budget. Both remain minimal.
Mobile payments will become increasingly attractive to cyber criminals. The growth of mobile payment platforms is currently overwhelming. Banks’ investment in security for new mobile platforms doesn’t (yet) match this growth. Traditional banking tools such as ATMs and bank/credit cards are increasingly difficult to hack or copy. However, with mobile payments on the rise, criminals’ interest will gravitate towards these new forms of digital (mobile) payments.
Z is for hacking: hactivism will spread substantially. Generation Z (those aged between 5 and 19) is coming of age in the aftermath of the great recession and the era of war on terrorism. Hactivism, their means of rebellion, will rise significantly. Recent attacks on Ziggo in the Netherlands and TalkTalk in the UK have shown that these teenagers do not shy away from paralyzing large parts of national networks. All generations will be confronted by more fake social media profiles which criminal organizations are using to educate followers for criminal activities (grooming).
On a larger scale, hactivism will continue to be used by nations as a strategy to intimidate or retaliate. Russia, ISIS Cyber Caliphate and China are examples of nations or states that are typically associated with this type of attack. A good example of this is the recent Pawn Storm attack on the Dutch Safety Board following publication of its detailed report on the MH17 incident on October 13, 2015.
Cybercrime investigations in 2016 must be robust. Citizens and businesses alike must assume responsibility for their own security. Public sector cyber security levels should also be raised with government institutions and businesses having access to threat assessments and advanced knowledge about how to reduce vulnerabilities.
Special attention to the public sector is warranted. Public servants working with IT, which is almost all of them, must understand how important they are in the current cyber security arena and step up to the plate. With its sheer scale and reach, the public sector can, and should, become a formidable force in the defense and defeat of all but the most persistent adversarial actors and cyber threats. It is, after all, the largest organized group that represents a nation.
By RedSocks’ Malware Intelligence Team (Niels Groneveld, Pepijn Janssen, Adrianus Warmenhoven, Rickey Gevers, Reza Rafati)