Like any other year, 2015 had its mix of ups and downs in the world of security. A fine line exists between the threats that we face and the solutions we have at our disposal; any slip-up on the part of defenders can make an existing problem that much worse, cyber security company, Trend Micro said.
The coming year will not be any different. In 2016, cyber extortionists will devise new ways to target its victim’s psyche to make each attack “personal”—either for an end user or an enterprise. Threats will evolve to rely more on mastering the psychology behind each scheme than mastering the technical aspects of the operation. Reputation is everything, and threats that can ruin an individual’s or a business’ reputation will prove to be effective and—more importantly—lucrative. Security vendors will need to work together with law enforcement and would-be victims to help combat these evolving threats.
Below are the Trend Micro 2016 Cyber Security Predictions:
Online extortion will continue to grow in 2016
Extortion in one form or another has been a key part of cybercriminal activity for many years. For consumers, it has taken many forms, ranging from fake antivirus, to police Trojans, up to today’s crypto-ransomware.
Fundamentally, the threat remains the same: we have your data, we are denying access to it, give us money or else. These criminal syndicates are quite profitable. Estimates point towards “earnings” that are in the millions of dollars. This is essentially a “risk-free” activity for many cybercrime groups which results in a considerable amount of profit, and it shouldn’t be a surprise that this has turned into one of the biggest threats facing ordinary users today.
Moving forward, we can expect more threats that attempt to extort money from users. More than just data, other things that users find valuable and are online could become targets as well. Consider what happened to some of the users of Ashley Madison, who faced threats over their (alleged) membership in the dating site. Similar attacks on the reputations of users may happen in the near future.
Enterprises and other large organizations will face their own reputation risks due to data breaches
There are few things more damaging to an organization than a major data breach that exposes their innermost secrets. Companies like Sony and the Hacking Team learned this, much to their regret. Hacktivists respond to incentives as well as anyone else. Instead of merely defacing websites and/or carrying out denial-of-service (DoS) attacks, hacktivists with more capabilities might well try to steal a company’s most valued secrets and leak these to the public.
This constitutes a new kind of threat as far as data breaches are concerned. Traditionally these are either for-profit attacks by cybercriminals or information theft carried out by nation states. Attacks by hacktivists may well differ from these previous threats and need to be treated accordingly.
Attacks on consumer-grade smart devices will prove fatal – directly or otherwise
More and more devices and items are being connected to the Internet, with shipments expected to grow at 67% annually for the next five years. As these devices a greater part of the daily lives of users, their security shortcomings become more apparent and problematic. Vulnerabilities are already known to exist in devices ranging from baby monitors, to cars, to gasoline pumps. These devices are very slowly patched – if at all.
As a result, known vulnerabilities are in the wild for longer periods than they would be in, say, PCs, where software vendors regularly release patches. This toxic combination of day-to-day importance and lack of security may cause injuries – or worse, fatalities – to users due to the failure of smart devices.
While threats continue to evolve and cybercriminals employ new tactics, we are bound to see concrete results of past efforts to curb cyber threats. User awareness and partnerships with law enforcement and private organizations will bring about success in the form of swift legislation, takedowns, arrests, and convictions.
[Download PDF Report]– 2016 Trend Micro Security Predictions: The Fine Line