2016 Cyber Threat - Use To Advantage

Based on observations over the past year, here are Security Week’s predictions for threat activity in 2016.

1. Attribution remains murky. Last year it became much more difficult to make sense of the variety of threat actors and to neatly “classify” them into types, as attack behaviors changed and motivations and threats increased in complexity. Actors no longer work in set groups, but combine with others, involve multiple individuals, and use facades to hinder attribution. This all but ensures that attribution will be even more challenging in 2016.

2. Ransom continues to rule. Extortion as a mode of attack became a popular tactic for threat actors in 2015, and on a few occasions attackers have taken it to the level of demanding that businesses shut down entirely. Having proven that this is a profitable enterprise, attackers will likely further innovate their business models based on ransom and extortion in 2016.

3. More attackers share the global stage. Advanced attack methods, such as custom malware or unusual attack vectors, were historically the domain of nation states with significant engineering capability; often those states that have or are developing a nuclear defense capability. In 2015, non-nuclear states and organized criminal groups adopted these techniques thanks to lower barriers to entry and the increased trade in espionage capabilities. We can safely expect that in 2016 non-nuclear states will continue to develop their cyber capabilities and compete on the global stage.

4. Criminals follow the money. Organized criminals are focusing more intently on high-value targets that provide a large single payout. This is in contrast to the traditional consumer-focused malware approach that these groups have exploited in the past. This is highlighted even more with the Carbanak/Anunak attacks. Examples of high-value/low-volume transactions that may be targeted in 2016 are payroll, mortgages, and investment transactions.

5. Hacktivists get more sophisticated. Hacktivists continue to be motivated by embarrassment of their targets, but their tactics are no longer simply DDoS, doxing, and defacement. In 2015 hacktivists stole and published data in order to attract awareness to their cause, continuing to embarrass their targets despite the collateral damage. In 2016 hacktivists will use more tactics, techniques and procedures that were previously considered the preserve of cyber criminals.

6. Dark web marketplaces scramble for leadership. Global law enforcement will continue to take down large dark web marketplaces. This will likely lead to a fragmentation of the market and rival marketplaces scrambling for pole position. This means that in 2016 we can expect the dark web will move to employ overlay networks other than Tor.

7. Attacks on the retail industry evolve. Spurred by the recent requirements for EMV chip card compliance, cyber criminals will continue to develop more sophisticated Point-Of-Sale (POS) malware.

As I stated at the beginning of this article, the point of these predictions isn’t to present a ‘gloom and doom’ scenario. Instead, we can use this information to our advantage. That’s what cyber situational awareness is all about: bringing together relevant and contextual insights to prioritize threat protection and policies and administer takedowns in order to mitigate harmful events.

Information about malicious actors is an important component of cyber situational awareness, because it analyzes which malicious actors might be targeting an organization, why, and their methods of attack. It’s even more critical that this analysis be tailored specifically to organizations and their unique threat environments. With a better understanding of what the future may hold, organizations can gain an upper hand with the adversary, preventing, detecting and containing cyber-related incidents.

Security Week: http://bit.ly/1K9MBKF
