2016 Cyber Threat - Use To Advantage

Uploaded on 2016-01-22 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Based on observations over the past year, here are Security Week’s predictions for threat activity in 2016.

1. Attribution remains murky. Last year both the variety of threat actors and the ability to neatly “classify” these actors into types became much more difficult as attack behaviors changed, and motivations and threats increased in their complexity. Actors no longer work in set groups, but combine with others, involve multiple individuals, and use facades to hinder attribution. This all but ensures that attribution will be even more challenging in 2016.

2. Ransom continues to rule. Extortion as a mode of attack became a popular tactic for threats actors in 2015, and on a few occasions attackers have taken it to the level of demanding that businesses shut down entirely. Having proven that this is a profitable enterprise, attackers will likely further innovate their business models based on ransom and extortion in 2016.

3. More attackers share the global stage. Advanced attack methods, such as custom malware or unusual attack vectors, were historically the domain of nation states with significant engineering capability; often those states that have or are developing a nuclear defense capability. In 2015, non-nuclear states and organized criminal groups adopted these techniques thanks to lower barriers to entry and the increased trade in espionage capabilities. We can safely expect that in 2016 non-nuclear states will continue to develop their cyber capabilities and compete on the global stage.

4. Criminals follow the money. Organized criminals are focusing more intently on high value targets that provide a large value single payout. This is in contrast to the traditional consumer-focused malware approach that these groups have exploited in the past. This is highlighted even more with the Carbanak/Anunak attacks. Examples of high value/low volume transactions that may be targeted in 2016 are payroll, mortgages, and investment transactions.

5. Hacktivists get more sophisticated. Hacktivists continue to be motivated by embarrassment of their targets, but their tactics are no longer simply DDoS, doxing, and defacement. In 2015 hacktivists stole and published data in order to attract awareness to their cause, continuing to embarrass their targets despite the collateral damage. In 2016 hacktivists will use more tactics, techniques and procedures that were previously considered the preserve of cyber criminals.

6. Dark web marketplaces scramble for leadership. Global law enforcement will continue to takedown large dark web marketplaces. This will likely lead to a fragmentation of the market and rival marketplaces scrambling for pole position. This means that in 2016 we can expect the dark web will move to employ overlay networks other than Tor.

7. Attacks on the retail industry evolve. Spurred by the recent requirements for EMV chip card compliance, cyber criminals will continue to develop more sophisticated Point-Of-Sale (POS) malware.

As I stated at the beginning of this article, the point of these predictions isn’t to present a ‘gloom and doom’ scenario. Instead, we can use this information to our advantage. That’s what cyber situational awareness is all about: bringing together relevant and contextual insights to prioritize threat protection and policies and administer takedowns in order to mitigate harmful events.

Information about malicious actors is an important component of cyber situational awareness, because it analyzes which malicious actors might be targeting an organization, why, and their methods of attack. It’s even more critical that this analysis be tailored specifically to organizations and their unique threat environments. With a better understanding of what the future may hold, organizations can gain an upper hand with the adversary, preventing, detecting and containing cyber-related incidents.

Security Week: http://bit.ly/1K9MBKF

« Commercial Opportunities To Be Found In Security Problems
UK Police Deploy Drone-Jamming Technology at Major Public Events »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Malwarebytes

Malwarebytes

Malwarebytes provides artificial intelligence-powered technology that stops cyberattacks before they can compromise computers and endpoints.

AFCON Control & Automation

AFCON Control & Automation

AFCON is a leading global provider of software solutions and services for the smart management of Control & Automation systems in the age of Digital Transformation.

Magal Security Systems (Magal S3)

Magal Security Systems (Magal S3)

Magal Security Systems is a leading international provider of integrated solutions and products for physical and cyber security, safety and site management.

Calero Software

Calero Software

Calero is a leading global provider of Communications and Cloud Lifecycle Management (CLM) solutions designed to simplify the management of voice, mobile and other unified communications services.

Intuity

Intuity

The Intuity suite of services provides companies with a complete awareness of their security status and helps them in an efficient, efficient and sustainable improvement process.

RCMP National Cybercrime Coordination Unit (NC3)

RCMP National Cybercrime Coordination Unit (NC3)

As set out in the Government of Canada's National Cyber Security Strategy, the RCMP has established the National Cybercrime Coordination Unit (NC3).

AXELOS

AXELOS

AXELOS develops best practice frameworks and methodologies used globally by professionals working primarily in IT management and cyber resilience.

Critical Start

Critical Start

Critical Start provides Managed Detection and Response services, endpoint security, threat intelligence, penetration testing, risk assessments, and incident response.

Robert Walters

Robert Walters

Robert Walters is one of the world's leading global specialist professional recruitment and recruitment process outsourcing consultancies.

Cybermerc

Cybermerc

Cybermerc's services, training programmes and cyber security solutions are designed to forge collaborations across industry, government and academia, for collective defence of our digital borders.

Constella Intelligence

Constella Intelligence

Constella Intelligence provides digital risk protection services to quickly and efficiently disrupt cyber attacks and data breaches before they occur.

Content+Cloud

Content+Cloud

Content+Cloud is a leading technology services business and Managed Services Provider (MSP) with a genuine passion for helping your organisation to succeed, whatever your ambitions.

Quantum Star Technologies

Quantum Star Technologies

Quantum Star Technologies has developed Starpoint to be a next-next-generation solution to cyber security threats. Our mission is to secure the online world through our patented technology.

Schillings

Schillings

Shillings defends your rights to privacy, reuptation and security. We fight passionately against breaches of your privacy, attacks on your reputation and threats to your security.

Infoline Tec Group Berhad

Infoline Tec Group Berhad

Infoline Tec Group Berhad is principally involved in providing IT infrastructure solutions, cybersecurity service provider and solutions, managed IT and other IT services.

AddSecure

AddSecure

AddSecure is a leading European provider of secure IoT connectivity and end-to-end solutions.