Predicting the future is almost impossible especially with such a fast evolving topic like cybersecurity. Nevertheless I’ll give it a try and share some of my thoughts with you.
I had a lot of chats with CIOs, CEOs and COOs as well as journalists talking about what we all see what our biggest fears are and what they and I expect to see in the near future.
Here are my thoughts about theTop 5 challenges our world will face in 2015. Just in case you would like to add something feel free to drop me a line and I will add your thoughts / comments promptly.
Top 1: Rent-A-Botnet
As we all saw in the past that botnets seem easy to rent (1.000 for some 100 USD down to 10 USD for an hour accesstime) the service quality is dramatically increasing while prices are decreasing. The service quality is key to the evolution of this market. When selling services to the “normal” world credentials are important. Selling services on the dark side means that delivering cybercrime services is only possible when having top credentials and a hard proof of delivery and 100% reliability. These requirements drive service quality enhancements that even lead to service desk support with your rented bot net, customization support and other services most people can hardly imagine when talking about a crime scene. We even see that targeted attacks lead to new customer creation efforts. An example is that DDoS targets sometimes receive blackmail eMails with 3 key messages:
1. Pay the fee to avoid DDoS attacks leading to unavailability of your services
2. Do not contact any cybersecurity specialist to defend your services because this will lead to a dramatical increase in bots attacking you
3. Order your own botnet attack against attackers and you will receive a discount of 20-40%
Top 2: Industry 4.0
Industry 4.0 discussions very often end up in security concerns. On one hand companies fear that SCADA systems, PLCs and Industry devices could come under fire. This is a serious concern and it is very realistic when considering that a lot of industry devices are not hardened but connected to office networks having no virus scanners and very often being protected by firewalls having more communication exceptions than limitations.
Imagine that in combination with IP V6 internet structures become more stable and reliable and your refrigerator, lightbulb or industry roboter is infected and becomes part of a botnet or is in other ways involved in cybercriminal activities.
Top 3: Data Destruction
2014 ended up with a huge security incident at Sony pictures. We saw problems at Sony companies before like the PSN hack. Nevertheless the hack shows a new quality in cyberattacks. It became very common to hack companies and to leak information as a “proof of hack” to make the cybercriminal business plan work. During this hack we saw that users couldn’t use their workstations any more and data destruction seemed to be part of the game. Also in other security incidents we became aware of the fact that data loss is common but data manipulation and data destruction become even more serious and are on the rise.
Top 4: Supply Chain Security
In the past we already recognized the supply chain security seems to be important but the headlines have not been filled with stories about companies being attacked using supply chain connections. One of the most remarkable stories has been the virus problem on Predator and Reaper drones in 2011. Other hacks we saw in 2014 demonstrated that very often companies rely on their security measures like firewalls, awareness trainings, encryption and so forth. But as we all know is the strength of a chain determined by the weakest link which is very often a supplier. A “good” example is the “Target” breach where Fazio Mechanical, an air condition and heating maintenance company, was compromised. As we all know for various investigation reports on Targets incident the attack on their supplier seemed to be high sophisticated.
With research on this topic we see this threat on the rise and being more and more successful.
Top 5: Mobile Device Exploit Kits
Years ago mobile devices have been pretty safe. But with the trend showing that mobile devices may replace notebooks and “thick clients” in general Exploit kit developers seem to start focussing on mobile device exploit kits. The mobile world seems to know several Operating Systems but in the end these are only 3 (IOS, Windows and Android). At least IOS shows only few variants – users keep their IOS up to date so that creating one exploit kit has a huge impact in the user community. Also with spyware for smartphones increasingly being thrown on the market a baseline software repository to duplicate calls, copy WhatsApp conversations as well as SMS messages is available. The step from “legal spyware” (in Germany it is not legal but in other jurisdictions its use is pretty common) to an exploit kit is pretty small.
Right now effective antivirus and other prevention software is hard to find and only few users even care about this problem leads to millions of vulnerable devices being in the focus of cybercriminals.