New Year, New Challenges: 5 Trends That Will Dominate Cybersecurity in 2016

March 21, 2016 · steveverbanic · Security  · Comments

You will never be done securing your network. That’s the reality you need to face. Cybercriminals are as eager to take advantage of new technology as anyone. So in a New Year, you should expect to be looking at a new threat landscape. Keeping your systems safe means being aware of new threats and planning steps to mitigate the risks. To help you prepare, take a look what Fortinet’s FortiGuard Labs identified as the top five information security threats enterprises will face in 2016.

1. Hackers gain access to and through Internet of Things devices. There are now billions of connected devices making up the Internet of Things (IoT). Each IoT device is a potential target allowing attackers to gain access to your network, and hackers are expected to target the protocols and APIs these devices rely on. The devices are also direct targets of malware; devices from POS terminals to self-driving cars have been compromised. Home automation and connected medical devices remain particularly vulnerable.

2. IoT devices will be targeted by worms. Self-propagating malware, called headless worms, will target the headless devices of the IoT. Once a device is infected, the malware spreads from device to device through trusted communication protocols.

3. Malware will break out of virtual machines. Last year, the VENOM vulnerability targeting virtual machine (VM) hypervisors left millions of systems open to attack. The expanding use of the cloud as well as virtual machines make them tempting targets for cybercriminals. Because cloud systems are often accessed through mobile devices, malware that targets the cloud may be built into mobile app downloads.

4. Cybercriminals will cover their tracks. Because of increased law enforcement activity around cybercrime, cybercriminals will take additional measures to cover their tracks. Ghostware is designed to complete its malicious purpose and then erase signs of its activity. Without the evidence trail, forensic investigators will have a difficult time identifying that a system was compromised, affected data and perpetrators.

5. Malware will hide its true nature in the sandbox. Two-faced malware will recognize whether it’s in a sandbox or production environment. In the sandbox, it performs benign activities. Once in the real network, it starts to execute malicious functions. Two-faced malware will be specifically designed to counter sandbox applications’ rating systems. The implication for companies is that identifying malware will require more thorough verification methods, which could affect performance.

Avoiding these new threats doesn’t mean eliminating usage of the IoT, virtual machines and cloud. Instead, you need to be as innovative as the cybercriminals in identifying where these technologies are used within your organization and taking the necessary steps to secure them.

Because the threats and technologies are new, work with an information technology firm like SLAIT Consulting that has experience implementing security solutions. SLAIT has provided security for more than 25 years and has experience securing modern converged, virtual and cloud architectures. Our 400 professionals work with our clients to develop innovative security solutions that reduce cost, increase performance and mitigate risk.