Cybercriminals are set to become information dealers in the coming year, according to the top 10 cyber security predictions for 2015 by Websense Security Labs.
Websense principal security analyst Carl Leonard said criminals will use the sale of credit card numbers to fund the collection of a broader range of data about victims.
“Cybercriminals are continually adapting evasive techniques and methods so they can circumvent the security systems that were specifically put in place to stop them,” said Charles Renert, vice president of Websense Security Labs. “By thoroughly analyzing recent cybercrime trends and tactics, we have established a common thread across each of these predictions: threat activity is increasing in frequency and sophistication.”
“With a new year of threats just on the horizon, our predictions aim to help security teams stay a step ahead of the threats and vulnerabilities anticipated to impact their organizations,” added Carl Leonard, Websense, principal security analyst. “Our security teams constantly analyze the landscape to identify the most effective ways to safeguard our customers from the repercussions of tomorrow’s threats.”
Highlights of the report include:
1. The healthcare sector will see an increase in data stealing attack campaigns.
Healthcare records hold a treasure trove of personally identifiable information that can be used in a multitude of attacks and various types of fraud. In an environment still transitioning millions of patient records from paper to digital form, many organizations are playing catch-up when it comes to the security challenge of protecting personal data. As a result, cyber-attacks against this industry will increase.
2. Attacks on the Internet of Things (IoT) will focus on businesses, not consumer products.
As the Internet of Things accelerates the connectivity of everyday items, proof-of-concept hacks against refrigerators, home thermostats and cars have been widely reported. However, the real threat from IoT will likely occur in a business environment over consumer. Every new internet-connected device in a business environment further increases a business attack surface. These connected devices use new protocols, present new ways to hide malicious activity and generate more noise that must be accurately filtered to identify true threats. Attacks are likely to attempt to use control of a simple connected device to move laterally within an organization to steal valuable data. In the coming year, manufacturing and industrial environments, in particular, are likely to see an increase in attack volume.
3. Credit card thieves will morph into information dealers.
As the retail sector escalates their defenses and security measures such as Chip and PIN technology are mandated, look for cybercriminals to accelerate the pace of their credit card data theft. In addition, these criminals will begin to seek a broader range of data about victims. These fuller, richer, personal identity dossiers of individual users, consisting of multiple credit cards, regional and geographic data, personal information and behavior, will be increasingly traded in the same manner that stolen credit cards are today.
4. Mobile threats will target credential information more than the data on the device.
With the auto-login capability of mobile apps, mobile devices will increasingly be targeted for broader credential-stealing or authentication attacks to be used at a later date. These attacks will use the phone as an access point to the increasing Cloud-based enterprise applications and data resources that the devices can freely access.
5. New vulnerabilities will emerge from decades-old source code.
OpenSSL, Heartbleed and Shellshock all made headlines this year, but have existed within open source code for years, waiting to be exploited. The pace of software development demands that new applications are built on open source, or legacy proprietary source code. As new features and integrations build on top of that base code, vulnerabilities continue to be overlooked. Next year, attackers will successfully exploit seemingly divergent application software through vulnerabilities in the old source code that these applications share.
6. Email threats will take on a new level of sophistication and evasiveness.
Though the Web remains the largest channel for attacks against businesses, new highly-sophisticated email evasion techniques will be introduced and designed to circumvent the latest enterprise-grade defenses. Traditionally used as a lure in past attack scenarios, email will become a more pervasive element of other stages of an attack, including the reconnaissance stage.
7. As companies increase access to Cloud and social media tools, command and control instructions will increasingly be hosted on legitimate sites.
Criminals will increasingly use social and collaborative tools to host their command and control infrastructure. Those charged with protecting business from attack will have a difficult time discerning malicious traffic from legitimate traffic when communications to Twitter and Google Docs are not only allowed, but also encouraged.
8. There will be new (or newly revealed) players on the global cyber espionage/cyber war battlefield.
The techniques and tactics of nation-state cyberespionage and cyberwarfare activities have primarily been successful. As a result, additional countries will look to develop their own cyber-espionage programs, particularly in countries with a high rate of forecasted economic growth. In addition, because the barrier of entry for cyber activities is minimal compared to traditional espionage and war costs, we believe we will see an increase in loosely affiliated “cells” that conduct cyber-terrorist or cyber warfare initiatives independent from, but in support of, nation-state causes.