It’s that time of year again when security companies start issuing their yearly reports, loaded with predictions for cyber threats landscape for the upcoming year.
McAfee Labs have just published their report, entitled McAfee Labs Threat Predictions Report. Reflecting the opinions of 33 Intel security thought leaders, this report lists the top security threats companies should take into consideration when planning their security strategies.
“The best hockey players navigate within the ice rink, grapple with opposing players, take advantage of opportunities when available, and, critically, as Wayne Gretzky said, always skate to where the puck is going to be—not where it has been,” said Vincent Weafer, vice president of Intel Security’s McAfee Labs. “To address the business, technology and threat landscape realities facing them, we must help organizations get to where they need to be, using technologies that will enable and not hinder their businesses, and understand what kinds of threats could be confronting them tomorrow and far into the future.”
So, without further ado, here are some of the cyber threat predictions for 2016, according to Intel security experts. We have also included some tips on what companies can do to circumvent the issue.
Attacking enterprises through employees
Companies will continue to improve their security postures by implementing the latest security technologies and creating effective policies. The increased difficulty in getting direct access to the corporate network will encourage attackers to shift their focus, attacking enterprises through their employees, by targeting, among other things, employees’ relatively insecure home systems to gain access to corporate networks.
Tip: Companies should consider training employees on how to safeguard their home networks, as well as review and implement secure remote working practices to better safeguard the corporate network.
Wearables Technology – a new vector of attack?
Most wearable devices store a relatively small amount of personal information, but the concern from Intel is that the wearable platforms might be targeted as a vector for the smartphones connected to the wearables. The industry will work to protect potential attack surfaces such as operating system kernels, networking and Wi-Fi software, user interfaces, memory, local files and storage systems, virtual machines, web apps, and access control and security software.
Tip: Enterprises need to be aware of wearables as a new point of entry to the network. Security policies and practices ought to be put in place. Check out Accenture’s Technology Labs blog for more information.
Hardware attacks at increased risk
“As new or different criminal actors and nation-states start to exercise their cyber threats, we may see more hardware-based attacks as a means to create chaos or deny service to an organization,”said Steven Grobman, CTO at Intel Security. Attackers, frustrated by hardened security, may look lower in the stack for vulnerabilities to exploit. Attacks on all types of hardware and firmware will likely continue, and the market for tools that make these attacks possible will expand and grow. Virtual machines could be targeted with system firmware rootkits.
Tip: Consider hardware encryption. Advantages include “offloading and speeding up the process between five and 20 times, depending on the type of encryption”, says the McAfee report.
Data theft on the rise
2016 will see the development of an even more robust dark market for stolen personally identifiable information and usernames and passwords. Stolen personally identifiable information sets are being linked together in big data warehouses, making the combined records much more valuable to cyber-attackers.
Tip: Consider investing in reputable penetration testing to uncover whether your data – and that of your customers and business partners – is safe from prying eyes.
“Keeping pace with, anticipating and preempting adversaries requires that we match the intelligence exchange, cloud computing and delivery power, platform agility, and human resource assets that cybercriminals regularly leverage,” Weafer continued. “To win battles against future threats, organizations must see more, learn more, detect and respond faster, and fully utilize all the technical and human resources at their disposal.”
For more information, please read the full report: McAfee Labs Threat Predictions Report