Over the past four weeks we have seen numerous cybersecurity predictions for 2016 issued by security firms. Security experts are trying to determine which part of the now incredibly broad threat landscape will be most favored by cybercriminals in 2016.
Some companies have made very specific cybersecurity predictions for 2016. They have come out with very bold claims, even predicting the presidential elections will be disrupted by a major cyberattack. Others believe 2015 will be broadly similar to 2015, with just an increase in ransomware attacks and even more massive data breaches suffered.
What all of the cybersecurity predictions for 2016 have in common is that the next 12 months are expected to be tough for security professionals.
The number and types of devices now connecting to corporate networks is broader than ever before. People are now far more likely to own and use three or more Internet-connected devices and use them on a regular basis. Alternative payment methods are being used more frequently. There is now more than ever to attack and too many devices and systems to keep secure. Unsurprisingly, no one appears to be claiming that 2016 will be easier than last year for cybersecurity professionals.
Cybersecurity predictions for 2016
The attack surface is now incredibly broad, but where are cybercriminals most likely to strike? This is what we think. Here are cybersecurity predictions for 2016.
IoT – expect attacks on the Internet of Things
Let’s start with a bold prediction. The IoT is likely to come under attack this year. I say bold, but that is only in terms of the timescale. IoT devices will be attacked, shut down, altered, remotely controlled, and used as a launchpad for attacks on other devices. If a device is constantly connected to the Internet, it will only be a matter of time before an attack takes place.
One problem with adding IoT technology is the manufacturers of the devices are not security experts. A washing machine that can be controlled via Wi-Fi or a Smartphone app, and can be switched on remotely while you are at work, has been designed first and foremost to wash clothes. It has then had IoT functionality bolted on. It has not been designed with security at the core of the design.
Surely a washing machine is not going to be used to attack a corporation you may say. Well, a Smart heating and air conditioning system was used to attack Target and gain access to the credit card numbers of its customers. Hackers are certainly looking at IoT devices and are probing for weaknesses. Security needs to be first rate, but unfortunately in many cases it is not.
Crypto-ransomware evolution will continue – Increase in ransomware attacks to be expected
Over the past 12 months crypto-ransomware attacks have increased significantly. Cybercriminals are now developing new malware capable of locking computers with powerful encryption.
The encryption cannot be cracked. The devices can only be unlocked using a security key. That key is held by the attackers. A ransom is demanded by cybercriminals and it must be paid before the key is released. Ransoms are demanded in Bitcoin because the currency is next to impossible to trace.
Developing crypto-ransomware is a lucrative business and that is unlikely to change any time soon. At present, ransomware is sent via mass spam email and the victims are not really targeted. The aim is to infect as many devices as possible. More infections equal more ransoms.
What we are likely to see over the course of the next 12 months is an increase in the ransom amount demanded and a more targeted approach adopted. Businesses are likely to be targeted and crypto-ransomware used to hold companies ransom. Companies are likely to be able to pay more than individuals.
We also expect ransomware to make the jump over to OS X, and to a lesser extent iOS. Cybercriminals would love to start charging Mac prices!
Apple owners to come under attack
That neatly leads us on to Apple. Users of Macs and iPhones have had it too good for too long. Hackers have not been too bothered about Mac users in the past, as there are greater rewards to be had from writing malware to target the masses. Consequently, the majority of malware targets Windows-based devices. Apple’s market share has been too small to warrant the development of Apple-specific malware. That is now changing.
Apple’s market share is increasing. As more people make the switch to Apple, it will be more lucrative for criminals to develop malware to target OS X devices. Over the course of the last year we have seen new malware created specifically for Apple devices. The volume is still small in comparison to malware that infects Windows-based devices, but we can expect Apple to come under attack in 2016.
Increase in memory resident malware
Hackers are getting better at obfuscation. They are developing ever more complex ways of hiding malware to evade detection. One of the main problems faced by malware authors comes from the fact that if a file is downloaded to a computer it can be found.
However, if malicious code is injected into the memory of a computer and no files downloaded, it is very difficult to detect. Memory-resident malware is more difficult for hackers to create, but many are now developing new fileless malware in order to evade detection for longer.
Until now memory-resident malware has been short-lived. It only survives until the device is rebooted. However, we are now seeing new forms that are simply reloaded into the memory when the computer is rebooted. We can expect to see even more memory-resident malware attacks in 2016 as the use of fileless malware grows.
Major healthcare industry attacks will take place
In 2015, cybercriminals targeted the healthcare industry with increased vigor. Massive data breaches were suffered, the likes of which the industry had never before seen. Anthem was attacked last year and 78.8 million healthcare records were stolen. An attack on Premera BlueCross exposed 11 million records, and Excellus suffered a 10-million record data breach. These massive cyberattacks used to be a rarity. In fact, up until 2014 the largest U.S. healthcare data breach affected just 4.9 million individuals.
The healthcare industry has been slow to implement new technology and many security weaknesses remain. They are now being exploited with increasing regularity. Since the value of data stored by health insurers and healthcare providers is so high, and the volumes of Social Security numbers, health data, and personal information so large, successful attacks can be extremely profitable. Where there is profit, and poor security there will be cyberattacks. These massive breaches will therefore continue in 2016.
Attacks on employees to increase in 2016
Employees are the weakest link in the security chain and hackers and cybercriminals are well aware of this. They target employees to gain access to corporate networks, with phishing one of the easiest ways to gain access to corporate data. These attacks have proved to be highly successful and have resulted in huge volumes of data being obtained by criminals. Some of the largest data breaches of the last two years have started with phishing campaigns. The attacks on Sony, Target, and Anthem for example.
Employers are getting better at blocking phishing emails and employees are now being trained to identify them, but these attacks will continue and will become more targeted and sophisticated.
As more employees work from home, we expect them to be targeted there instead of work. Their home computers and personal devices will be used to gain access to corporate networks. They tend to have more security weaknesses. Those weaknesses are likely to be exploited with increasing frequency.