2014 brought with it many significant additions to the technology landscape. These put new capabilities into the hands of users and companies that allowed them to do things that they would not have thought possible before.
However, these same changes also aid threat actors: threats can now come from unexpected vectors, and augment the existing capabilities that attackers already possess.
What are the key developments that will shape the threat landscape of tomorrow, and how do we foresee its evolution? These are the trends that we think will shape 2015.
1. More cybercriminals will turn to darknets and exclusive-access forums to share and sell crimeware
We've seen cybercriminals using Deep Web and other darknet services as well as untraceable peer-to-peer networks (e.g. Tor, I2P, Freenet) for selling and exchanging tools and services. Takedowns and collaborative efforts between researchers and law enforcement agencies have disrupted cybercrime gangs, forcing them to go further underground.
Security firms and law enforcement agencies need to extend their reach by providing threat intelligence and having one definition of cybercrime to help law enforcers, regardless of jurisdictions, to catch cybercriminals and attackers.
2. Increased cyber-activity will translate to better, bigger, and more successful hacking tools and attempts
Cybercriminals will go after bigger targets rather than home users as this can generate more profits. We will see more data breach incidents with banks, financial institutions, and customer data holders remaining top targets.
As such, organisations and individuals need to assume compromise – enterprises need to constantly monitor their network for any threats while individual users must always change their passwords to prevent data theft.
3. Exploits kits will target Android, as mobile vulnerabilities play a bigger role in device infection
Aside from the growth of Android threats, we will see more vulnerabilities found in mobile devices, apps, and platforms in the coming year. Cybercriminals will target data stored in these mobile devices. In addition, attackers may employ tools similar to the Blackhole Exploit Kit (BHEK), leveraging Android OS fragmentation. Traditional threats like ransomware will plague the mobile landscape as well.
4. Targeted attacks will become as prevalent as cybercrime
The success of high-profile targeted attack campaigns has highlighted the fact that cyber-attacks are useful means of gathering intelligence. With this, we will see targeted attacks from other countries, not just countries that are traditionally the source of these attacks. We will observe more diversity in terms of targets and attack origins as more threat actors with differing agendas are seen.
Although motivations will vary, threat actors will continue to steal information such as top-secret government data, financial information, intellectual property and industry blueprints, among others. Social media will become a new entry point for targeted attacks.
5. New mobile payment methods will introduce new threats
The introduction of Apple Pay with the iPhone 6 and 6 Plus may kick-start the adoption of mobile payment systems by many consumers. Apple Pay is not alone in the market – other payment systems have or will be introduced by other companies and trade associations. Not all of these payment systems have been thoroughly tested to withstand real-world threats, presenting potential vulnerabilities for attackers.
6. We will see more attempts to exploit vulnerabilities in open source apps
In 2014, we saw several vulnerabilities in open-source projects such as Shellshock and Heartbleed which had long lain undetected. Due to the massive impact of these vulnerabilities, cybercriminals and attackers may decide to investigate the existing code and see if other dormant vulnerabilities are present.
They will also target other less-known platforms, protocols, and software. Furthermore, they will look for vulnerabilities found in open source platforms and apps (for example Open SSL v3) as well as OS kernels.
7. Technological diversity will save IoE/IoT devices from mass attacks, but the same won't be true for the data they process
The sheer variety of connected devices will provide some measure of safety – no single attack will be capable of targeting everything from home appliances to cars. However, the data gathered by these devices may well be at risk if companies providing various IoE services are breached. As mass adoption grows, we will also see increased attacks on wearables, particularly as consumers bring devices into the workplace.
8. More severe online banking and other financially motivated threats will surface
Weak security practices like not using two-factor authentication and chip-and-pin technology continue to persist in the banking sector. These practices will cause financially motivated threats to grow in scale throughout the coming year.
Apart from credentials, cybercriminals will steal user identities. Mobile device users will also be affected by these threats as cybercriminals will launch mobile phishing attacks, use fake apps and domain name system (DNS) changers. We will see stealthier mobile threats that use packers similar to computer software.
The price of freedom is eternal vigilance, and we'll continue to keep these – and other – threats under careful observation throughout 2015. We urge all security conscious companies to ensure they have taken the necessary steps to protect themselves from the ever evolving threat landscape.
- Raimund Genes is Chief Technology Officer at Trend Micro