Over the next five years, devices will continue to grow in volume and variety, with predictions putting the number of connected devices by 2020 at 200 billion … and climbing. These devices will need to be secured. However, since the majority of these companies and their technologies are driven by time to market, they have limited time and resources to invest in Internet of Things (IoT) device security, exposing them to attacks.
McAfee Labs, the threat research division of Intel Security, recently released its 2016 Threat Predictions Report, which provided an in-depth review of the cyber threat outlook between now and 2020. The company has forecasted a threat landscape characterized by a much larger cyberattack surface with the proliferation of new technologies and devices.
In McAfee Labs’ 2015 report, the company had predicted several trends, including the “acceleration of more.” Over the last five years, everyday objects have become smarter and more connected. The report stated adversaries, from hacktivists to nation-state actors, will continue to look for new ways to exploit this increasingly interconnected environment.
“On the consumer side, the explosion of devices and the proliferation of exciting ‘free’ services—whether phones, tablets, wearables, smart TVs or home automation—is fueling an exponential growth in personal data. Everywhere we go and in everything we do, we are leaving a trail of “digital exhaust,” the 2016 report stated.
The report noted that the one constant of cybersecurity is change. Businesses, government agencies and individuals will need to continue to keep pace with the ever-evolving cybersecurity landscape in order to protect systems and information against attacks.
“Keeping pace with, anticipating and preempting adversaries requires that we match the intelligence exchange, cloud computing and delivery power, platform agility and human resource assets that cybercriminals regularly leverage,” said Vincent Weafer, vice president of Intel Security’s McAfee Labs. “To win battles against future threats, organizations must see more, learn more, detect and respond faster, and fully utilize all the technical and human resources at their disposal.”
2016 cybersecurity trends
The 2016 threat predictions run the gamut of trends, with likely threats including ransomware, attacks on automobile systems, critical infrastructure attacks and the warehousing and sale of stolen data.
Ransomware – Ransomware is expected to continue to be a critical, growing threat in 2016. Greater numbers of inexperienced cybercriminals will leverage ransomware-as-a-service offerings which could further accelerate the growth of ransomware.
While CryptoWall 3, CTB-Locker, and CryptoLocker have dominated the ransomware landscape, new variants of these families and new families are expected to appear this year.
Payment systems – Payment systems are also likely to be a vulnerable target going forward, particularly with the rise of cryptocurrencies, such as bitcoin.
The report predicts that criminals targeting payment systems will increase their focus on attacks designed to steal and sell credentials. This is expected to be achieved through a combination of traditional attack methods, such as phishing, and new methods as well.
Automobiles – Automobile attacks rose sharply in 2016 with the increase in connected automobile hardware. For example, in August, several security researchers demonstrated that is possible to hack different types of connected cars, including a Jeep Cherokee.
According to the Business Insider, The Connected-Car Report, there will be 220 million connected cars on the road by 2020. Moreover, analysis portal Statista, citing a McKinsey report, predicts that 12 percent of cars will be connected to the Internet by 2016.
The report noted that, “Poorly secured driverless cars and smart highways will further expose drivers and passengers in 2017 and beyond, likely resulting in lost lives.” McAfee also predicts the emergence of non-safety-related threats that invade the privacy of the vehicle’s owner, such as hacking into the car’s microphone or camera.
Cyber espionage – Cyber espionage has become a key concern facing the US and other nations, with 548 incidents reported in 2014 alone. Espionage attacks are becoming stealthier and more impactful than prior breaches, and are expected to continue to do so in years ahead.
McAfee Labs cited the successful breach and theft of roughly 20 million background checks from the Office of Personnel Management as a very clear illustration of the increasing strategic impact of cyber espionage activities.
Wearables – The IoT has grown significantly over the past several years. With the rise of the IoT movement, there has been a rapid growth in the number of wearable device, such as activity trackers, smart watches, and other portables. ABI Research estimates that there will be 780 million wearable devices in use by 2019.
Although most wearable devices store a relatively small amount of personal information, wearable platforms could be targeted by cybercriminals working to compromise the smartphones used to manage them.
McAfee Labs said, “We doubt that a smartphone will be completely compromised by an attack through a wearable device, but we expect to see the control apps for wearables compromised in the next 12 to 18 months in a way that will provide valuable data for spear-phishing attacks.”
Attacks through employee systems – The past year has seen a number of high profile breaches, including the hack of the Ashley Madison website, a commercial website billed as enabling extramarital affairs.
As organizations continue to improve their security postures in response to incidents like this, attackers are likely to shift their focus and increasingly attack enterprises through their employees. One way adversaries will do this is by targeting, among other things, employees’ relatively insecure home systems to gain access to corporate networks.
Cloud services – With the alarming level of confidential company data shared on cloud services and platforms, cybercriminals, competitors and nation-states will increasingly target these services to steal information.
McAfee explained, “Such services, if exploited, could compromise organizational business strategy, company portfolio strategies, next-generation innovations, financials, acquisition and divestiture plans, employee data and other data.”
Warehouses of stolen data – In 2016 it is anticipated that the market for stolen personal data and credentials will develop into a truly robust enterprise. The accumulation of stolen data has been going on for a couple of years, and McAfee Labs predicts that a dark market for stolen personally identifiable information and credentials will develop in the coming year.
Integrity attacks – One of the most significant new attack vectors will be stealthy, selective compromises to the integrity of systems and data. These attacks involve seizing and modifying transactions or data in favor of the perpetrators, such as a malicious party changing the direct deposit settings for a victim’s paychecks and having money deposited into a different account. In 2016, McAfee Labs predicts that we could witness an integrity attack in the financial sector in which millions of dollars could be stolen by cyber thieves.
Sharing intelligence
Despite an increase in the quantity and quality of cyber threats, McAfee Labs remains confident that the new wave of hacking can be deflected through the sharing of threat intelligence by businesses, governments and security vendors.
For instance, Intel Security became one of four founding members of the Cyber Threat Alliance to facilitate threat sharing across a trusted community of industry participants in an automated and efficient way. Members leverage one another’s expertise to prevent attacks. The Cyber Threat Alliance is just one of many industry-driven threat intelligence sharing cooperatives.
The report indicates that threat intelligence sharing among enterprises and security vendors will continue to grow rapidly and mature, and legislative steps may be taken to make it easier for companies and governments to share information. Earlier this year, President Obama signed an executive order to promote information sharing on cyber threats between the public and private sector.
However, it remains to be seen whether systematic cyber threat intelligence sharing between industry and government will take off in 2016.
"To address the business, technology and threat landscape realities facing them, we must help organizations get to where they need to be, using technologies that will enable and not hinder their businesses, and understand what kinds of threats could be confronting them tomorrow and far into the future," Weafer said.
