Mobile technology, the cloud,Internet of Things (IoT) and rising savvy and persistence of hackers are reshaping modern threat landscapes in a big way. This puts the onus on you to stay abreast of trends so you can respond swiftly and successfully to threats—both malicious and unintentional. To get you on the right path, we’ve compiled experts’ top threat predictions for 2016.
1. Machine to Machine Attacks – Gartner predicts there will be 20 billion connected devices by 2020 powered by the the Internet of Things. All are ripe for exploitation by hackers seeking to leverage personal device credentials to gain access to corporate networks. Think of this as “next generation BYOD.” Beyond just smartphones and tablets, you’ll also need to worry about the vulnerabilities that arise when your network connects to myriad devices from fitness trackers to smartwatches.
2. Two-Faced Malware – Malware has evolved. One of the more malicious breeds to watch out for is two-faced malware that acts benign when being observed in a security sandbox; then unleashes devious behavior when released into the network. Two-faced malware has the stealth to pass sandbox “safety” tests, gain access to the system and compromise enterprise data. Even worse, once your threat intelligence system records it as “safe,” the malware can no longer be detected by your sandbox in future attacks.
3. Jailbreaking Visits the Cloud – Jailbreaking, traditionally a tactic to target individual devices, is poised to go to the cloud in 2016. It’s a trend coming on the heels of Venom, which re-emerged in 2015 using floppy disk drivers to break out of a hypervisor and attack the host operating system. As more companies adopt virtualization and cloud technologies, hackers will step up their malware attacks on these environments, and you need to be ready.
4. Integrity Attacks Increase – A relatively new form of attack from state-sponsored hackers, integrity threats are predicted to become mainstream in 2016. Integrity attacks typically focus on a single component of a larger system. For example, rather than hacking a bank website and stealing login credentials for thousands of customers, an integrity attack might compromise banking software to review the processes employed. By touching only a handful of transactions, hackers can steal millions but affect just a few—leaving smaller footprints that are more difficult to detect and mitigate.
Predicting what will dominate the 2016 threat landscape is more than an annual tradition, it’s vital to the advanced planning required to be ready for the inevitable. It helps to look both ways. That’s why you should work with an experienced network security provider like Xiologix that has a track record delivering and integrating security, hardware, software services and solutions to meet your complex IT needs.
