We examined the 2016 - 2020 predictions from many of the leading cyber security experts. Here is a roundup of what we predict is going to happen next.
1. Social Networks Fraud

Social sites become bigger targets as lines between social and e-commerce blur.

Social networks will help fraudsters get more sophisticated. Major social networks are becoming more searchable, allowing fraudsters to learn more about their intended targets. This will lead to more successful social engineering attacks as targets will be led to believe they’re interacting with legitimate entities with whom they have an established relationship. Even the strongest network security is only as strong as its weakest link — which often is the employee.

Malicious e-commerce goes social

Many traditional social networking sites such as Pinterest, Facebook and Twitter have announced plans to add “buy” buttons to their platforms in an effort to increase stickiness with their users and help monetize their user base. This will attract criminals looking to conduct fraudulent transactions on these platforms.

2. Smaller Won’t Be Safer

Online criminals will no longer target just large organizations, as they can get equally valuable information in other places by running analytics on the data they are collecting and combining data to make it more valuable. That means smaller organizations are more likely targets.

A recent PwC report revealed that 74% of Small and Medium Businesses (SMBs) experienced a security issue in the last 12 months, and this number will only increase due to SMBs being perceived as easy targets.

eFraudPrevention.com | info@efraudprevention.com | 800-606-9623

3. Outdated Technology

The structure of the Internet is aging – forgotten and deferred maintenance will become a major, increasingly expensive problem for defenders. This can include certificates that are not up to date; old and broken JavaScript versions that invite compromise; rapid OS updates and new trends in software end-of-life processes that cause havoc; and new applications built on recycled code with old vulnerabilities.

4. Online Credit Card

EMV cards and digital wallets to shift more fraudulent credit card attacks online.

The increasing adoption of EMV cards and digital wallet solutions, such as Apple Pay and Google Wallet, will reduce point-of-sale system fraud and counterfeit credit cards. Unfortunately, that will push more fraudsters online to monetize fake and stolen credit cards. Mobile wallets and new payment technologies will introduce additional opportunities for credit card theft and fraud.

The payments and payment security landscape is set for some tumultuous shifts in 2016. These seismic shifts are exactly the types of situations of which savvy cybercriminals usually seek to take advantage. With EMV, or Chip and PIN, technology still in a rolling deployment throughout the U.S., it is still too early to assess its current impact. If historic deployments of this technology are to be repeated, we are likely to see a decrease in the amount of in-person credit card fraud, but overall rates will remain the same as fraud migrates online and into other channels.

As criminals look to shift their game plans, there are three distinct areas to which we see attackers migrating: newly introduced infrastructure, new payment methodologies and mobile wallets.

5. Data Breaches – Account Takeover

Account takeovers will rise as a result of continued large data breaches.

Cyber attacks and data breaches cause reputational harm and business interruptions, but most of all, they are expensive.
Relying on IT defenses alone can create a false sense of security; however, no organization is immune from risk. In 2016 many companies will turn to cyber insurance as another layer of protection, particularly as cyber attacks start mirroring physical world attacks.

6. Cyber attackers will move to the Cloud

As more organizations store their most valuable data in the cloud (customer and employee data, intellectual property etc.), the bad guys will find a way to gain access to this data, using computation infrastructure, which allows them to hide easily behind legitimate network sources and thus remain anonymous.

Online criminals will use credentials to cloud services as a major attack vector. Social engineering tactics will focus on mimicking cloud login screens to gain credentials.

7. Social Engineering

As always, Social Engineering attacks will remain a major concern for security practitioners, as attackers continue to use the same old practices for weaving their attacks. This again emphasizes the need for effective training and awareness programs to counter such attacks.

VIP Spoofware: We’ll see a growth in the use of VIP spoof wire transfers as we move into 2016. Online criminals are becoming increasingly talented at infiltrating business networks to gain visibility of personnel and their responsibilities, and then using this information to trick staff for financial gain.

8. The Need for Encryption Escalates

Encrypt everywhere is quickly becoming the mantra of the technology industry. With so much communication and interaction between people and systems happening over insecure and vulnerable networks like the Internet, the need for strong encryption for this data in transit has been well recognized for some time and it is generally implemented.

9. The Tipping Point for Biometric and other Security Is Approaching

Internet security relies on the human element as much as it does on technology. If people were more skillful, they could help reduce the risks they faced. This is as true of consumers avoiding scams as it is of government employees avoiding the social engineering in targeted attacks.

We will start to see a reduction in the dependence on passwords. "No password" authentication methods will no longer be a pipe dream.
Organizations will begin offering authentication methods that give users a quicker and more seamless experience than passwords. They will include biometric, geolocation, Bluetooth proximity and pictographs.

10. More Fraud will Move to Mobile

Overlay malware apps are one-stop fraud facilitators that steal user credentials and SMS two-factor authentication codes — right on the mobile device and at the same time. It is an account takeover facilitator par excellence, and it is quite effective.

As the cell phone continues to become the preferred two-factor source of authentication for many financial transactions, the value of exploiting the mobile device or its applications has also increased, empowering much more theft than currently seen.

Ransomware on mobile may also come as a result of the increased significance of the mobile device in commerce. Once attackers have learned to infiltrate the wallet on your mobile device, they will begin to take advantage of their residency on the device to look for other sources of “income” in the wake of the BYOD phenomenon that is now part of the business paradigm.

This will likely mean using the device as a head start to compromise your business network; there is plenty more money to be had there for a seasoned cybercriminal. Emails, contacts, authentication measures and apps that access the corporate network from the phone can become a phenomenal source of intellectual property, insider information and other confidential business materials, which become easily obtainable and can net an attacker sizable treasure.

Apple Devices - Apple users should not be complacent about security and should change their perception that Apple devices are “free from malware”. This perception opens up opportunities for cybercriminals to take advantage of these users. They need to take precautions in order to prevent their devices from being compromised.

11. Cyber Insurance

As cyber insurance becomes still more common, savvy defenders should factor in policy costs with defensive posture buying decisions, considering the impact of verifiable security risk exposure, including the third-party continuous monitoring of corporate networks for risky user behavior.
Regularly training employees to be smart with email attachments and browsing behavior will be increasingly tied to the bottom line as such programs will be reflected in lower insurance premiums due to reducing their risk of breach. Ultimately, cyber insurance will drive better companies to adopt security postures to handle threats.

12. Domain Names

The addition of the gTLD system will provide new opportunities for attackers. For those accustomed to the old Internet of .com, .edu, .gov, .net, .org, and .info, you are now beginning to see many more URLs ending in .club, .xyz and .guru. This will only increase in frequency because as of November 2015, the number of new gTLDs (delegated strings) available is 800. ICANN has reported that 1,300 new names or “strings” could become available in the next few years.

A quick look at the new approved and delegated TLDs provided by ICANN reveals both big brands used by everyday consumers and common words (including .car, .wine, .mom, .family). These new TLDs potentially allow for more effective branding and could conceivably become an asset in navigating the Internet in the future. For now, they are primarily an asset being cultivated by criminals to confuse users and to ensnare and entrap their computers with malware.

While there has been a tremendous effort by ICANN to ensure that brands have an opportunity to control the TLD of their names, this hasn’t prevented controversy and contesting for specific terms. Will consumers shopping for a computer steer towards shop.apple, apple.macintosh or apple.computer? Will business users with Salesforce accounts respond to an email that comes from renewal.salesforce, salesforce.software or salesforce.updates? This potential confusion is a golden opportunity for criminals and nation-state attackers to create highly effective social engineering lures to steer unsuspecting users toward malware and data loss.

New gTLDs will definitely be used in active spam and other malicious campaigns. With attackers well entrenched within the new domains before legitimate users, consumers will eventually hesitate before casual navigation. These gTLDs will also make it significantly harder for defenders to protect, as many are unprepared for the new landscape created.
This will prompt security advocates to demand to be involved earlier in the process with how to approach new technologies on the Internet. More specifically, defenders must consider how new resources and facilities might be abused by an attacker.
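
One way a mail or proxy filter can triage the brand-in-a-new-gTLD confusion described in section 12, shown as an added example that is not part of the original page. The allowlist contents, the function names and the sample list are assumptions made for the illustration.

```python
import re

# Assumed allowlist: brand -> registrable domains your organisation has verified.
OFFICIAL = {"salesforce": {"salesforce.com"}}

def classify(domain, official=OFFICIAL):
    """Return 'official', 'lookalike', 'review-idn' or 'unrelated'."""
    d = domain.strip().rstrip(".").lower()
    labels = d.split(".")
    # 1. Exact match or true subdomain of a verified domain.
    for allowed in official.values():
        if any(d == a or d.endswith("." + a) for a in allowed):
            return "official"
    # 2. Brand appears as any label (including the TLD) or hyphen-separated part.
    tokens = {t for label in labels for t in re.split(r"[-_]", label) if t}
    if any(brand in tokens for brand in official):
        return "lookalike"
    # 3. Punycode labels can hide homoglyphs; route them to manual review.
    if any(label.startswith("xn--") for label in labels):
        return "review-idn"
    return "unrelated"

def triage(domains, official=OFFICIAL):
    """Group sender domains by verdict so lookalikes can be quarantined."""
    result = {}
    for dom in domains:
        result.setdefault(classify(dom, official), []).append(dom)
    return result

# Constructed sample: the first three are the hypothetical names from the text.
SAMPLE = [
    "renewal.salesforce", "salesforce.software", "salesforce.updates",
    "login.salesforce.com", "salesforce-renewal.xyz", "example.org",
]

if __name__ == "__main__":
    for verdict, doms in triage(SAMPLE).items():
        print(f"{verdict:10} {', '.join(doms)}")
```

A brand that operates its own TLD should have the names it actually uses there added to the allowlist, otherwise its legitimate mail is flagged as a lookalike. The token match is exact, so a name such as notsalesforce.com is not caught and needs a separate similarity check.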

13. Ransomware

A ransomware attack is typically delivered via an email that includes an attachment that could be an executable file, an archive, or an image. Once the attachment is opened, the malware is deployed on the user’s system. Ransomware could also launch on a user’s machine by visiting a website that has planted malware. Once on the site, a user unknowingly executes an unsafe script (sometimes by clicking a link or downloading a file) and the malware is deployed to the system.

When a user’s machine is infected, nothing visible happens right away. The malware silently operates in the background until the system or data locking mechanism is deployed and engaged. Cybercriminals are becoming more and more skilled at developing ransomware that can operate without being noticed, and they have many tools and techniques at their disposal to ensure that the ransomware isn’t discovered by the victim. Then a dialogue box appears that notifies the user of the data lock and demands that a ransom be paid to retrieve access to the data.

Malware Wars: It is also possible that ransomware gangs will come into conflict with more traditional malware distributors in 2016. Ransomware infections are overt and obvious, while most other malware infections are covert and discreet. The presence of ransomware on a computer will usually prompt the computer owner to clean the machine thoroughly, removing any malware from it. As the ransomware may have been installed by a separate piece of malware, that other malware will also be removed, cutting into the malware operator’s business model.

Internet of Things: Ransomware will gain ground on banking Trojans and extend into smart devices like coffee makers, refrigerators, baby monitors, cars, wearables and medical devices, often owned by wealthier and therefore more lucrative targets. Most wearables, which collect personal information, lack even basic security features.
This will increase the threat of a massive collision among connected cars; stolen personal information about users’ home electrical and water usage; and attackers locking medical devices until a ransom is paid.

Gaining Momentum: There will be an increase in threats to go public with data, rather than just taking it hostage, as we have already seen websites being held to ransom with DDoS. Many ransomware families are using Darknets either for command and control or for receiving payments, as we saw with the likes of CryptoWall, TorrentLocker, TeslaCrypt, Chimera, and many more last year.

14. Incentivized Learning Program (Security Gamification and Simulation)

Internet security relies on the human element as much as it does on technology. If people were more skillful, they could help reduce the risks they faced. This is as true of consumers avoiding scams as it is of government employees avoiding the social engineering in targeted attacks.

In this context, security gamification will be used to turn “the desires of the moment” into lasting changes of behavior by using the psychological rewards and instant gratification of simple computer games. Security Gamification could be used, for example, to train consumers to be wary of phishing emails or to generate, remember, and use strong passwords.

15. Malware

Exploit kits will continue to dominate on the web: Exploit kits, like Angler (by far the most prevalent today) and Nuclear, are arguably the biggest problem we have on the web today as far as malware goes, and this looks set to continue thanks to the thousands and thousands of poorly secured websites out there on the internet. Cyber criminals will exploit where they can most easily make money, and therefore exploit kits have simply become stock tools of the trade, used by criminals to attempt to infect users with their chosen malware.

Custom Malware: Computer criminals are just about to switch from creating custom-made malware to improving existing off-the-shelf developments, making them leave less of a footprint. This approach makes it difficult for security experts to detect the criminals. It is also cheaper for the customers, and nothing makes a hacker’s client happier than high profit with low initial investments.

2016 Election: Attackers will use the 2016 election and related campaign issues to craft email lures and misdirects in order to push malware payloads with the intent to compromise.
Expect lures made to look like political party or candidate email, advocating an online petition or survey about specific election issues, linking to a supposed news story, or relaying information about voter registration or debates.

16. Improved Security on IoT Devices Will Become More Pressing

As consumers buy more smart watches, activity trackers, holographic headsets, and other Internet of Things (IoT) devices, the need for improved security on these devices will become more pressing. Online criminals could exploit these new devices to conduct data breaches, corporate or government espionage, and damage critical infrastructure like electrical grids.