Let’s face it, there is no magic-bullet technology that will guarantee immunity from internet crime or determined, targeted attacks, but being prepared for the worst can prevent some attacks. So, what lies ahead for 2016? Tarun Kaura, director—solutions product management—Asia Pacific Japan, Symantec, discusses with Sudhir Chowdhary some of the key security predictions for the year ahead.
Excerpts:
By Sudhir Chowdhary
As consumers buy more smartwatches, activity trackers, holographic headsets, and other Internet of Things (IoT) devices, the need for improved security on these devices will become more pressing. According to a recent Gartner report, by 2020 close to 30 billion connected things will be in use across a wide range of industries and the IoT will touch every role across the enterprise.
There’s no doubt the market for Internet of Things-ready devices is growing but it is still very fragmented, with a rich diversity in low-cost hardware platforms and operating systems. Theattacks against these devices will undoubtedly escalate, as we have already seen happen with the attacks on the Android platform.
In addition, the evolving concept of “care is everywhere” may see medical device security become a mainstream topic in 2016. It’s widely known that life-sustaining devices like pacemakers or insulin pumps can be hacked. Fortunately, to-date, no such case has been reported outside proof-of-concept security research; however, the potential impact remains high. Under the evolving umbrella of mobile health, or mHealth, new care delivery models will move devices into the patient’s home. This will place medical devices on public networks, provide medical apps through consumer devices such as smartphones, and interlace personal data with clinical information.
With these changes happening so rapidly, regulation may be forced to catch up with technology in 2016. We may find that some countries or industries will begin to develop guidelines that address the new risks of information use, data ownership, and consent presented by IoT devices.
On the risk of serious attacks to critical infrastructure
We have already seen attacks on infrastructure and in 2016 we can expect this to continue to increase. Motivations for critical infrastructure attacks are both political and criminal, with nations and political organisations operating cyber-warfare campaigns, and criminals attacking for profit or ransom. The industrial IoT is becoming more connected due to requirements and demand for reporting and improved functionality through connectivity with additional services. These changes introduce bigger attack surfaces into the more traditionally hard to secure environments.
On the need for cyber insurance
There are two key factors that attribute to the rapid adoption of cyber insurance: new regulations which obligate companies to respond to information breaches; and the increase of cybercriminals using stolen information for payment fraud, identity theft, and other crimes. Cyberattacks and data breaches cause reputational harm and business interruptions, but most of all—they are expensive. Relying on IT defenses alone can create a false sense of security; however, no organisation is immune from risk. In 2016 many companies will turn to cyber insurance as another layer of protection, particularly as cyber-attacks start mirroring physical world attacks. Cyber insurance offers organisations protection to limit their risk, but companies should consider all coverage options carefully.
Cyber insurance is evolving as fast as technology. What is considered core coverage today was not available as little as three years ago, and enhancements to coverage will continue to be negotiated in the marketplace every day as data breaches and cyber risks evolve.
On the increased attacks on Apple devices
Apple devices have experienced a surge in popularity in recent years. According to IDC, the company now accounts for 13.5% of global smartphone shipments and 7.5% of global PC shipments. This increase in usage has not gone unnoticed by attackers. A rising number of threat actors have begun developing specific malware designed to infect devices running Mac OS X or iOS.
Although the number of threats targeting Apple operating systems remains quite low when compared to the company’s main competitors (Windows in the desktop space and Android in mobile), the amount uncovered has grown steadily in recent years. In tandem with this, the level of Apple-related malware infections has spiked, particularly in the past 18 months.
Should Apple’s popularity continue to grow, it seems likely that these trends will continue in 2016. Apple users should not be complacent about security and change their perception that Apple devices are “free from malware”. They need to take precautions in order to prevent their devices from being compromised.
On the growing threat from ransomware gangs
From early beginnings in Russian speaking counties, ransomware has evolved and spread into Western Europe, the United States, Canada, Australia, Europe and Asia. It is likely that some of the gangs responsible for the original ransomware are part of this expansion, but other established criminal gangs are also becoming involved. Clearly, the fraud is profitable for criminals and is likely to increase.
It is also possible that ransomware gangs will come into conflict with more traditional malware distributors in 2016. Ransomware infections are overt and obvious, while most other malware infections are covert and discreet. The presence of ransomware on a computer will usually prompt the computer owner to clean the machine thoroughly, removing any malware from it. As the ransomware may have been installed by a separate piece of malware, that other malware will also be removed, cutting into the malware operator’s business model.
In 2016, more malware distribution networks may soon refuse to distribute such obvious malware, forcing the ransomware gangs to develop their own distribution methods. As awareness of these scams increases, the attackers and their malware are likely to evolve and use more sophisticated techniques to evade detection and prevent removal.
