The great sage and Hall of Fame baseball player Yogi Berra once noted, “It’s tough to make predictions especially about the future.”
And so I will venture out to make predictions, many of which should be considered warnings, for 2016, remaining all the while cognizant of the words of the Chinese philosopher Lao Tzu that “those who have knowledge, don’t predict. Those who predict don’t have knowledge.”
So here are cybersecurity predictions for 2016:
Nation-states will continue battling for control (overt and covert) of Internet infrastructure components, including energy facilities, further polarizing the cyber intelligence landscape. What started as intelligence sharing between Iraq, Russia, Iran and Syria in the fight against ISIS might well develop into a new coalition in cyberspace to counteract the “Five Eyes” intelligence alliance, with China and the EU having to pick sides. Cyber criminals will join hacktivists and nation-states in the race to dominate endpoints, whether mobile or stationary. Malware wars on the endpoint and malware hijacking will escalate significantly, as the demand for distributed bots grows and the supply of vulnerable hosts gets depleted.
As more and more people do large amounts of their financial dealings on their smartphones, these devices will increasingly be targeted by identity thieves seeking to exploit vulnerabilities in Android and Apple’s iOS. Hackers will also take advantage of smartphone users failing to take basic security precautions, such as setting a complex password for their smartphones or installing and continually updating anti-virus and anti-malware software. Mobile botnets will overtake PC-based ones with a vengeance, as the number of poorly protected devices, as well as their bandwidth and processing power, grows exponentially. New strains will utilize every possible communication channel (4G/LTE, Wi-Fi, Bluetooth, NFC) to circumvent blocking, spread faster, and become more resilient. GPS tracking, hot miking, interesting camera angles, and the potential to jump air gaps make mobile an irresistible hacking platform.
The Internet of Things will increasingly be exploited by hackers. With more and more products, including cars, refrigerators, coffee makers, televisions, smartwatches, webcams, copy machines, toys and even medical devices, being connected to the Internet, the Internet of Things will become a prime target for hackers to exploit in many ways. It will evolve into household terrorism (a smart toaster can really ruin your morning by mounting a DDoS attack on the coffeemaker), and that’s in the best case scenario. In the worst case, the explosion and propagation of an unchecked number of mostly unprotected, but well-connected devices can blow through the best designed cyber defenses – anything from a thermostat to a sprinkler can now be used as an entry point to the enterprise or home network.
Behavioral Analytics will continue to mature its Predictive capabilities, aided by better data coverage, increased security monitoring, advances in machine learning, and deeper understanding of adversary tactics, techniques and procedures, including insider threat. We’ll start to see gradual adoption of Prescriptive analytics too – automated response to well-known scenarios – as well as a significant shift from batch processing to real-time Streaming Analytics enhanced by the rich context of historical data.
We will get better at fighting cybercrime. The only way to stop the attacks is to make the cost outweigh the benefits. Crime cannot go unpunished, and the punishment has to extend beyond perpetrators: facilitators and benefactors have to be held responsible too. Cyber-insecurity is another factor that lowers the cost of cybercrime. Product safety should extend into cyberspace, and a buggy router has to be treated as seriously as a faulty airbag, subject to safety recall and hefty fines.
Although in the wake of the massive data breach at the Office of Personnel Management (OPM) the federal government has made a concerted effort to increase computer security, the problem is too big and the government is too cumbersome to make the dramatic across-the-board changes necessary to prevent another major and embarrassing data breach at one or more federal agencies.
The financial system will come under increased attack in creative ways such as stealing “insider” information and using it to profit through stock trading. Pump and dump schemes will be done on a large scale based on stolen data identifying vulnerable victims. Banks worldwide will continue to be targeted by criminals attacking not just particular accounts, but the accounting systems of the banks to make their crimes more difficult to recognize.
The health care industry will remain the largest segment of the economy to be victimized by data breaches both because, as an industry, it does not provide sufficient data security and because the sale of medical insurance information on the black market is more lucrative than selling stolen credit and debit card information. Medical identity theft is not only the most costly for its individual victims to recover from, but also presents a potentially deadly threat when the identity thief’s medical information becomes intermingled with the medical identity theft victim’s medical records.
Although data breaches have not been discovered at major retailers during this holiday shopping season, that does not mean that they have not occurred. It only means that they have not yet been discovered. You can expect that in 2016 we will learn about major retailers whose credit and debit card processing equipment has already been hacked.
The computers of the candidates for President of the United States present too tempting a target to a wide range of hackers from those merely looking to embarrass a candidate to those seeking financial information about political contributions. Expect one or more candidates to have their campaigns’ computers hacked.
As more and more data migrates to the cloud, hackers will focus their attention on infiltrating the cloud. As so often is the case, the cloud may be more vulnerable due to the security measures used by the people and companies using the cloud rather than inherent security weaknesses in the companies providing cloud services.
In addition, get ready for these next five cybersecurity challenges in the New Year:
1. Tor Troubles
There will be a greater percentage of reconnaissance, attacks and exfiltration over Tor, anonymous proxies and related mechanisms for encrypted, anonymized communication. The Tor Project is an anonymous browsing service. It was breached in 2014. Specifically, the relays involved appear to have been targeting people who operate or access the features of the browsing service. The attack essentially modified Tor protocol headers to do traffic confirmation attacks.
2. Incident Prevention
In the New Year, there will be a strong need to integrate incident prevention, detection and response for more rapid risk mitigation in the face of a growing volume of overall attacks. This will ring true with companies that were breached and those that were not. Outmaneuvering the bad actors remains a constant challenge in the security world.
3. Lines Increasingly Opaque
The lines separating nation-state actors and cybercriminals will become increasingly opaque as talent, tools and techniques are used across both camps. This makes the law enforcement side of the equation even more vital as the FBI and other agencies set out to catch the criminals.
4. Predictive Intelligence
We’ll see an increased need for predictive intelligence that helps organizations understand the ‘who, what, where and how’ of attacks before they hit their organization. IBM and others have invested heavily in security software that taps into big data to prevent attacks with predictive intelligence.
5. Incident Response
Robust intelligence-driven incident response solutions coupled with incident responder services will be the norm for post-incident risk mitigation. McAfee and other security software companies have been placing a greater emphasis on this approach to combat threats and maintain service availability even in the face of a cyberattack.
Even More Cybersecurity Predictions
Looking back at 2015, we remember the vast array of breaches and hacks, as well as new technologies designed to stop the bleeding of critical data from within organizations.
There will be massive security vendor consolidation and thinning of the masses from single vendor point solutions.
Single-use credit card numbers or two-step authentication will become attractive options for curbing compromised credit card information.
A true username and password replacement will evolve.
And, last but not least, we may see — or at least hope to see — secure, always-on communications for all mobile devices.