In the information security circle, 2014 seems like a never-ending stream of data breaches and cyber threats, affecting banks, retailers, governments, gaming networks and many more.According to Steve Durbin, managing director of the Information Security Forum (ISF), the year 2014 may be drawing to a close, but we can expect that the severity, size, and complexity of the cyber threats to continue increasing in 2015.
Since the number of devices linked to the network increase, cyber criminals will continue to hone their prowess and continue to exploit large-scale server side vulnerabilities for their financial gains and other nefarious purposes. In this article, we have predicted some significant trends and cyber security threats of 2015 that information security companies & IT security companies should know:
Internet of things may become Internet of Threats (IoT)
In the year 2014, we saw an interesting shift like Shellshock and Heartbleed that are focused on server side exploitation and vulnerability. In 2015, we expect this threat to continue and that’s too in an alarming way as the black hat hackers pry open the ‘Internet of Things’. The hackers will continue to follow the least resistance path because now more devices are connected to the network. Some of the vulnerabilities that the hackers will look to exploit include security systems and consumer home automation, as well as webcams, which we are already beginning to see.
On the Enterprise side Routers and Network Attached Storage will continue to be the main targets, as will critical infrastructure such as Supply Chain systems and Human Machine Interfaces (HMI), which will create significant problems with the patch management and third-party components. It is also predicted that some common malware that may be distributed and sold will include SCADA functionality.
Blastware May Erase Data and Destroy Systems
After Ransomware and Scareware, now Blastware has become a destructive new trend of malware that could lead to the ability for hackers to infiltrate systems, gather all the important data and then wipe out all the information to cover tracks and thwart forensics.
Data Breaches Continue and Expand in 2015
The year 2014 is known as the “year of the data breach,” with significant rise in data breaches. It is predicted that this trend will continue in the year 2015 as the hackers become more sophisticated and find the new loopholes for infiltrating financial and retail systems. It is also predicted that the damages will extend to the denial of service on assembly line, ERP/SAP systems, as well as building management and healthcare that will create even more challenges in the way of revenue losses, critical consumer data compromises, and reputation damages for the companies globally.
Hackers Look to Evade Law Enforcement
Since cyber crime increases in 2015, the law enforcement practices to penalize perpetrators increase with it. Therefore, hackers must be more calculated and careful to evade the arrest. In the year 2015, advanced techniques for evasion will evolve in order to cover the tracks. The evasion has been currently focused on intrusion prevention/antibotnet and counter antivirus. It is predicted thatthis will evolve with a focus on the Sandbox evasion. Besides, similar to the counter intelligence, it may be possible that the attackers will frame the innocent target by throwing more red herrings into their attacks to thwart investigators.
Author Bio: Neha is an info-sec expert working with one of the best information security company in India. Neha has been into this industry since over half a decade, she loves to share her experience through articles and blogs.