Last month, WatchGuard Technologies, a leader in multi-function firewalls, released its security predictions for 2016. From spear phishing to IoT and malvertising, WatchGuard recommends keeping an eye on the following emerging security threats this year to stay protected:
- Hijacked firmware attacks the Internet of Things (IoT): When a hacker hijacks a computer, the plan is to make sure malicious code stays on the device. However, hijacking the Internet of Things (IoT) is a different story. Most IoT devices don't have local storage and have few resources, so getting code to stick involves modifying the firmware. WatchGuard therefore expects to see proof-of-concept attacks that permanently modify and hijack the firmware of IoT devices and, in response, expects vendors to start hardening security for IoT devices by implementing secure boot mechanisms that make it more difficult for attackers to modify firmware.
- The next big wireless security vulnerability will involve "ease-of-use" features that clash with real-world security. For example, Wi-Fi Protected Setup (WPS) is one such usability feature, which exposed a weakness by allowing attackers onto wireless networks. This year, vendors are adding new wireless usability features, such as Microsoft's Wi-Fi Sense. WatchGuard expects the next wireless vulnerability to involve an ease-of-use feature that enables users, and hackers, to easily join a wireless network.
- Hacktivists hijack broadcast media, as they enjoy communicating big stories designed to get public attention, unlike cyber criminals who stay under the radar. The whole point of "cyber" activism is to use technology to get as many people as possible to notice the message, whatever it may be. Anonymous is a great example of this, with well-known videos. WatchGuard predicts hacktivists will do something big this year that broadcasts their revolution to the world live.
- Criminals will launch more targeted attacks against iOS. Last year, cyber criminals infected Apple's development platform and WatchGuard believes criminals will continue to exploit this attack vector to sneak malware onto Apple's official marketplace.
- Malvertising attempts are expected to triple in 2016. Although some services and products are getting better at detecting malicious advertisements, WatchGuard highly recommends having security controls in place that can monitor HTTPS.
- Today's automated attacks constantly evade reactive defenses. Signature-based protection is no longer effective. While human analysts can identify new threats by monitoring for suspicious behaviors, cyber criminals release such a volume of new threats that humans cannot keep up. Artificial intelligence (AI) and machine learning, which can automatically recognize and help track malicious behavior, are a good solution, as are proactive defenses such as APT Blockers that automatically identify malware and threats based on behaviors and not just on static patterns.
- WatchGuard expects cyber criminals to make very effective ransomware for alternate platforms, including Android mobile devices and Mac laptops. To date, ransomware has primarily targeted Windows but, with new strains of file-encrypting malware, this will change.
- Cyber criminals target specific users with customized social engineering tactics to trick trusting users into giving up their access privileges. We recommend dedicating budgets each year to provide employees with security awareness training that includes the latest social engineering techniques.
- Most SMB security breaches will come back to basic security best practice failures. However, if organizations concentrate on following basic security best practices, they will avoid the majority of the attacks in 2016.
- Cyber criminals target schools: The data collected about children while they are students in school represents one of the richest personally identifying information (PII) datasets. This, combined with the open network environments found in educational facilities, is why WatchGuard expects cyber criminals to target student data systems. It therefore recommends hardening the protection of database servers and reviewing the web applications that tie to student data.
"The security threat landscape is constantly changing, as cyber criminals deploy old and new methods to expand their reach, exploit users, and gain access to valuable data," said Corey Nachreiner, chief technology officer at WatchGuard. "To play better defense, we recommend following security best practices; training of employees regarding threats and targeted social engineering techniques; and deploying the latest network security technologies, so organizations identify security issues in real-time to address the majority of attacks we anticipate in 2016."