IoT Attacks and Evasion Will Characterize 2016

Uploaded on 2015-12-01 in TECHNOLOGY-Key Areas-Internet of Things, TECHNOLOGY--Hackers, TECHNOLOGY--Developments, NEWS-Cybersecurity News, FREE TO VIEW

http://blog.fortinet.com

As in years past, the Internet of Things and cloud play heavily in the predictions but new malicious tactics and strategies will create unique challenges for vendors and organizations alike, according to FortiGuard researchers.

They also predict the emergence of increasingly sophisticated evasion techniques that will push the boundaries of detection and forensic investigation as hackers face increasing pressure from law enforcement.

The top cybersecurity trends for 2016 include:

Increased M2M attacks and propagation between devices

Several troublesome proofs of concept made headlines in 2015 demonstrating the vulnerability of IoT devices. In 2016, though, we expect to see further development of exploits and malware that target trusted communication protocols between these devices. FortiGuard researchers anticipate that IoT will become central to “land and expand” attacks in which hackers will take advantage of vulnerabilities in connected consumer devices to get a foothold within the corporate networks and hardware to which they connect.

Worms and viruses designed to specifically attack IoT devices

While worms and viruses have been costly and damaging in the past, the potential for harm when they can propagate among millions or billions of devices from wearables to medical hardware is orders of magnitude greater. FortiGuard researchers and others have already demonstrated that it is possible to
infect headless devices with small amounts of code that can propagate and persist. Worms and viruses that can propagate from device to device are definitely on the radar.

Attacks on cloud and virtualized infrastructure

The Venom vulnerability that surfaced this year gave a hint about the potential for malware to escape from a hypervisor and access the host operating system in a virtualized environment. Growing reliance on virtualization and both private and hybrid clouds will make these kinds of attacks even more fruitful for cybercriminals. At the same time, because so many apps access cloud-based systems, mobile devices running compromised apps can potentially provide a vector for remotely attacking public and private clouds and corporate networks to which they are connected.

New techniques that thwart forensic investigations and hide evidence of attacks

Rombertik garnered significant attention in 2015 as one of the first major pieces of “blastware” in the wild. But while blastware is designed to destroy or disable a system when it is detected (and FortiGuard predicts the continued use of this type of malware), “ghostware” is designed to erase the indicators of compromise that many security systems are designed to detect. Thus, it can be very difficult for organizations to track the extent of data loss associated with an attack.

Malware that can evade even advanced sandboxing technologies

Many organizations have turned to sandboxing to detect hidden or unknown malware by observing the behavior of suspicious files at runtime. Two-faced malware, though, behaves normally while under inspection and then it can deliver a malicious payload once it has been ‘blessed’ and passed by the sandbox. This can prove quite challenging to detect but can also interfere with threat intelligence mechanisms that rely on sandbox rating systems.
Net-security: http://bit.ly/1Ik9YFz

 

« IBM's CEO On Hackers: 'Cyber Crime Is The Greatest Threat To Every Company In The World'
Presidential Candidate John McAfee Talks Cyber »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Phoenix Contact Cyber Security

Phoenix Contact Cyber Security

Phoenix Contact Cyber Security is a leading manufacturer of network security appliances for use in industrial environments.

mmCERT

mmCERT

mmCERT is the national Computer Emergency Response Team for Myanmar.

GE Digital

GE Digital

GE Digital is a leading software company for the Industrial Internet. Products include Industrial Cyber Security for Operational Technology (OT).

Network Integrity Systems

Network Integrity Systems

Network Integrity Systems is a leader in network infrastructure security and offers solutions specifically developed for Government and Private Enterprise.

totemo

totemo

Totemo offers solutions for the secure exchange of business information.

Commonwealth Cybercrime Initiative (CCI)

Commonwealth Cybercrime Initiative (CCI)

The CCI unites 35 international organisations contributing to multidisciplinary programmes in Commonwealth countries. These organisations form the CCI Consortium.

NSA Career Development Programs

NSA Career Development Programs

NSA offers entry-level programs to help employees enhance their skills, improve their understanding of a specific discipline and even cross-train into a new career field.

Blackwall

Blackwall

Blackwall (formerly BotGuard) is a security infrastructure company focused on protecting web ecosystems from automated threats, while optimizing performance for hosting environments.

Neosecure

Neosecure

NeoSecure is a specialist Cybersecurity Solutions and Managed Services provider in Latin America.

Sentryc

Sentryc

Sentryc provides automated monitoring of brands on online marketplaces and social media making online brand protection processes faster, more clearly structured and more efficient.

Aardwolf Security

Aardwolf Security

Aardwolf Security specialise in penetration testing to the highest standards set out by OWASP. We ensure complete client satisfaction and aftercare.

BetterWorld Technology

BetterWorld Technology

BetterWorld Technology provides cloud solutions, managed services, SaaS, cybersecurity and virtual CIO, all customized to meet your needs.

L&T Technology Services (LTTS)

L&T Technology Services (LTTS)

L&T Technology Services Limited (LTTS) is a global leader in Engineering and R&D (ER&D) services.

Robust Intelligence

Robust Intelligence

Robust Intelligence enables enterprises to secure their AI transformation with an automated solution to protect against security and safety threats.

SafeLiShare

SafeLiShare

SafeLiShare’s data security platform unifies encryption strategies for organizations with hybrid and multi-cloud infrastructures, ensuring data is secure regardless of its location.

Sprinto

Sprinto

Ambitious tech companies all over the world trust Sprinto to power their security compliance programs and sprint through audits without breaking their stride.