We examined the 2016 - 2020 predictions from many of the leading cyber security experts. Here is a roundup of what we predict is going to happen next.

We examined the 2016 - 2020 predictions from many of
the leading cyber security experts. Here is a roundup of
what we predict is going to happen next.

1. Social Networks Fraud
Social sites become bigger targets as lines between social and e-commerce blur. Social
networks will help fraudsters get more sophisticated. Major social networks are becoming more
searchable, allowing fraudsters to learn more about their intended targets. This will lead to
more successful social engineering attacks as targets will be led to believe they’re interacting
with legitimate entities with whom they have an established relationship. Even the strongest
network security is only as strong as its weakest link — which often is the employee.

Malicious e-commerce goes social

Many traditional social networking sites such as Pinterest, Facebook and Twitter have
announced plans to add “buy” buttons to their platforms in an effort to increase stickiness with
their users and help monetize their user base. This will attract criminals looking to conduct
fraudulent transactions on these platforms.

2. Smaller Won’t Be Safer
Online criminals will no longer target just large organizations, as they can get equally valuable
information in other places through analytics on the data they are collecting and combine data
to make it more valuable. That means smaller organizations are more likely targets. A recent
PwC report revealed that 74% of Small and Medium Businesses (SMBs) experienced a security
issue in the last 12 months, and this number will only increase due to SMBs being perceived as
easy targets.

      1   eFraudPrevention.com | info@efraudprevention.com | 800-606-9623

3. Outdated Technology
The structure of the Internet is aging – forgotten and deferred maintenance will become a
major, increasingly expensive problem for defenders. This can include certificates not up to
date; old and broken JavaScript versions that invite compromise; rapid OS updates and new
trends in software end-of-life processes that cause havoc and new applications built on
recycled code with old vulnerabilities.

4. Online Credit Card
EMV cards and digital wallets to shift more fraudulent credit card attacks online. The increasing
adoption of EMV cards and digital wallet solutions, such as Apple Pay and Google Wallet, will
reduce point-of-sale system fraud and counterfeit credit cards. Unfortunately, that will push
more fraudsters online to monetize fake and stolen credit cards.

Mobile wallets and new payment technologies will introduce additional opportunities for credit
card theft and fraud. The payments and payment security landscape is set for some tumultuous
shifts to occur in 2016. These seismic shifts are exactly the types of situations from which savvy
cybercriminals usually seek to take advantage.

With EMV, or Chip and PIN, technology still in a rolling deployment throughout the U.S., it is still
too early to assess its current impact. If historic deployments of this technology are to be
repeated, we are likely to see a decrease in the amount of in-person credit card fraud, but
overall rates will remain the same as fraud migrates online and into other channels.

As criminals look to shift their game plans, there are three distinct areas we see attackers
migrating: newly introduced infrastructure, new payment methodologies and mobile wallets.

5. Data Breaches – Account Takeover
Account takeovers will rise as result of continued large data breaches.

Cyber attacks and data breaches cause reputational harm and business interruptions, but most
of all—they are expensive. Relying on IT defenses alone can create a false sense of security;
however, no organization is immune from risk. In 2016 many companies will turn to cyber
insurance as another layer of protection, particularly as cyber attacks start mirroring physical
world attacks.

      2   eFraudPrevention.com | info@efraudprevention.com | 800-606-9623

6. Cyber attackers will move to the Cloud
As more organizations store their most valuable data in the cloud (customer and employee
data, intellectual property etc.), the bad guys will find a way to gain access to this data, using
computation infrastructure, which allows them to hide easily behind legitimate network
sources and thus remain anonymous.

Online criminals will use credentials to cloud services as a major attack vector. Social
engineering tactics will focus on mimicking cloud login screens to gain credentials.

7. Social Engineering
As always, Social Engineering attacks will continue to remain a major concern for security
practitioners, as attackers continue to utilize same old practices for weaving their attacks. This
again emphasizes the need for effective training and awareness programs to counter such
attacks.

VIP Spoofware: We’ll see a growth in the use of VIP spoof wire transfers as we move into 2016.
Online criminals are becoming increasingly talented at infiltrating business networks to gain
visibility of personnel and their responsibilities, and then using this information to trick staff for
financial gain.

8. The Need for Encryption Escalates
Encrypt everywhere is quickly becoming the mantra of the technology industry. With so much
communication and interaction between people and systems happening over insecure and
vulnerable networks like the Internet, strong encryption for this data in transit has been well
recognized for some time and it is generally implemented.

9. The Tipping Point for Biometric and other Security Is Approaching
Internet security relies on the human element as much as it does on technology. If people were
more skillful, they could help reduce the risks they faced. This is as true of consumers avoiding
scams as it is of government employees avoiding the social engineering in targeted attacks.

This will start to see a reduction on the dependence on passwords. "No password"
authentication methods will no longer be a pipe dream. Organizations will begin offering
authentication methods that are a quicker and more seamless experience for users than
passwords. They will include biometric, geolocation, Bluetooth proximity and pictographs.

      3   eFraudPrevention.com | info@efraudprevention.com | 800-606-9623

10. More Fraud will Move to Mobile
Overlay malware apps are one-stop fraud facilitators that steal user credentials and SMS two-
factor authentication codes — right on the mobile device and at the same time. It is an account
takeover facilitator par excellence, and it is quite effective.

As the cell phone continues to become the preferred two-factor source of authentication for
many financial transactions, it has also increased the value of exploiting the mobile device or its
applications to empower much more theft than currently seen. Ransomware on mobile may
also come as a result of the increased significance of the mobile device in commerce.

Once attackers have learned to infiltrate the wallet on your mobile device, they will begin to
take advantage of their residency on the device to look for other sources of “income” in the
wake of the BYOD phenomena that is now part of the business paradigm.

This will likely mean using the device as a head start to compromise your business network;
there is plenty more money to be had there for a wizened cybercriminal. Emails, contacts,
authentication measures and apps that access the corporate network from the phone can
become a phenomenal source of intellectual property, insider information and other
confidential business materials become easily obtainable and can net an attacker sizable
treasure.

Apple Devices - Apple users should not be complacent about security and change their
perception that Apple devices are “free from malware”- this perception opens up opportunities
for cybercriminals to take advantage of these users. They need to take precautions in order to
prevent their devices from being compromised.

11. Cyber Insurance
As cyber insurance becomes still more common, savvy defenders should factor in policy costs
with defensive posture buying decisions; considering the impact of verifiable security risk
exposure, including the third-party continuous monitoring of corporate networks for risky user
behavior.

Regularly training employees to be smart with email attachments and browsing behavior will
be increasingly tied to the bottom line as such programs will be reflected in lower insurance
premiums due to reducing their risk of breach. Ultimately, cyber insurance will drive better
companies to adopt security postures to handle threats.

      4   eFraudPrevention.com | info@efraudprevention.com | 800-606-9623

12. Domain Names
The addition of the gTLD system will provide new opportunities for attackers. For those
accustomed to the old Internet of .com, .edu, .gov, .net, .org, and .info, you are now beginning
to see many more URLs ending in .club, .xyz and .guru. This will only increase in frequency
because as of November 2015, the number of new gTLDs (delegated strings) available is 800.

ICANN has reported that 1,300 new names or “strings” could become available in the next few
years. A quick look at the new approved and delegated TLD provided by ICANN reveals both big
brands big brands used by everyday consumers and common words (including .car, .wine,
.mom,.family). These new TLDs potentially allow for more effective branding and could
conceivably become an asset navigating the Internet in the future. For now, they are primarily
an asset being cultivated by criminals to confuse users and to ensnare and entrap their
computers with malware.

While there has been a tremendous effort by ICANN to ensure that brands have an opportunity
to control the TLD of their names, this hasn’t prevented controversy and contesting for specific
terms.

Will consumers shopping for a computer steer towards shop.apple, apple.macintosh or
apple.computer? Will businesses users with Salesforce accounts respond to an email that
comes from renewal.salesforce, salesforce.software or salesforce.updates? This potential
confusion is a golden opportunity for criminals and nation-state attackers to create highly
effective social engineering lures to steer unsuspecting users toward malware and data loss.

New gTLDs will definitively be used in active spam and other malicious campaigns. With
attackers well entrenched within the new domains before legitimate users, consumers will
eventually hesitate before casual navigation.

These gTLDs will also make it significantly harder for defenders to protect as many are
unprepared for the new landscape created. This will prompt security advocates to demand to
be involved earlier in the process with how to approach new technologies on the Internet.
More specifically, defenders must consider how new resources and facilities might be abused
by an attacker.

      5   eFraudPrevention.com | info@efraudprevention.com | 800-606-9623

13. Ransomeware
A ransomware attack is typically delivered via an email that includes an attachment that could
be an executable file, an archive, or an image. Once the attachment is opened, the malware is
deployed on the user’s system. Ransomware could also launch on a user’s machine by visiting a
website that has planted malware. Once on the site, a user unknowingly executes unsafe script
(sometimes by clicking a link or downloading a file) and the malware is deployed to the system.

When a user’s machine is infected, nothing visible happens right away. The malware silently
operates in the background until the system or data locking mechanism is deployed and
engaged. Cybercriminals are becoming more and more skilled at developing ransomware that
can operate without being noticed, and they have many tools and techniques at their disposal
to ensure that the ransomware isn’t discovered by the victim. Then a dialogue box appears,
that notifies the user of the data lock and demands that a ransom be paid to retrieve access to
the data.

Malware Wars: It is also possible that ransomware gangs will come into conflict with more
traditional malware distributors in 2016. Ransomware infections are overt and obvious, while
most other malware infections are covert and discreet. The presence of ransomware on a
computer will usually prompt the computer owner to clean the machine thoroughly, removing
any malware from it. As the ransomware may have been installed by a separate piece of
malware, that other malware will also be removed, cutting into the malware operator’s
business model.

Internet of Things: Ransomware will gain ground on banking Trojans and extend into smart
devices like coffee makers, refrigerators, baby monitors, cars, wearables and medical devices,
often owned by wealthier and therefore more lucrative targets. Most wearables, which collect
personal information, lack even basic security features.

This will increase the threat of a massive collision among connected cars; stolen personal
information about users’ home electrical and water usage; and attackers locking medical
devices until a ransom is paid.

Gaining Momentum: There will be an increase with threats to go public with data, rather than
just taking it hostage as we have already seen websites being held ransom to DDoS. Many
Ransomware families are using Darknets for either command or control or for receiving
payments, as we saw with the likes of CryptoWall, TorrentLocker, TeslaCrypt, Chimera, and
many more last year.

      6   eFraudPrevention.com | info@efraudprevention.com | 800-606-9623

14. Incentivized Learning Program (Security Gamification and Simulation)
Internet security relies on the human element as much as it does on technology. If people were
more skillful, they could help reduce the risks they faced. This is as true of consumers avoiding
scams as it is of government employees avoiding the social engineering in targeted attacks.

In this context, security gamification will be used to turn “the desires of the moment” into
lasting changes of behavior by using the psychological rewards and instant gratification of
simple computer games. Security Gamification could be used, for example, to train consumers
to be wary of phishing emails or to generate, remember, and use strong passwords.

15. Malware
Exploit kits will continue to dominate on the web: Exploit kits, like Angler (by far the most
prevalent today) and Nuclear, are arguably the biggest problem we have on the web today as
far as malware goes and this looks set to continue thanks to the thousands and thousands of
poorly secured websites out there on the internet. Cyber criminals will exploit where they can
most easily make money and therefore exploit kits have simply become stock tools of the trade,
used by criminals to attempt to infect users with their chosen malware.

Custom Malware: Computer criminals just are about to switch from creating custom-made
malware to improving existing off-the-shelf developments, making them leave less of a
footprint. This approach makes it difficult for security experts to detect the criminals. Also this
is cheaper for the customers and nothing makes a hacker’s client happier than high profit with
low initial investments.

2016 Election: Attackers will use the 2016 election and related campaign issues to craft email
lures and misdirects in order to push malware payloads with the intent to compromise. Expect
lures made to look like political party or candidate email, advocating an online petition or
survey about specific election issues, linking to a supposed news story, or relaying information
about voter registration or debates.

16. Improved Security on IoT Devices Will Become More Pressing
As consumers buy more smart watches, activity trackers, holographic headsets, and other
Internet of Things (IoT) devices, the need for improved security on these devices will become
more pressing. Online criminals could exploit these new devices to conduct data breaches,
corporate or government espionage, and damage critical infrastructure like electrical grids.

      7   eFraudPrevention.com | info@efraudprevention.com | 800-606-9623