Cyberoam, a network security appliance firm based in Ahmedbad, India, published its security predictions for 2015 on December 24. These predictions give an overview of industry trends and security challenges businesses are likely to come across in 2015. The security predictions have been prepared with insights from the Cyberoam Threat Research Labs (CTRL).
The 8 predictions made are based on the latest IT trends that closely impact all of us since they co-exist in our personal as well as professional spaces like the Internet of Things, geo-political interferences, attacks on iOS, newer authentication methods replacing traditional passwords, and more. New threat trends like malvertising, exploitation of legacy protocols, et al, also share the spotlight among the predictions for 2015.
Dark clouds over Internet of Things (IoT)
This year IoT will gain wider visibility due to its advancements as well as vulnerabilities. As SCADA systems adopt IOT, their exposure to cyber threats will increase. Remotely connected and automated building control systems also face a similar challenge. Around 2.2 million SCADA and BACnet devices are already exposed to potential cyber-threats as these are identifiable via SHODAN – a search engine for Internet-connected devices.
Meanwhile, government safety requirements such as eCall (Internet assisted emergency reporting in vehicles in Europe) and consumer demand for seamless data connectivity have opened gates for Connected Car infrastructure, which is bringing automakers, telcos and the tech-giants (Google, Samsung and Apple) to a common drawing board. This is a classic example of IoT at work in our day-to-day lives. Meanwhile, mobile apps have started featuring in the Connected Car infrastructure and it is just a matter of time before the vulnerabilities are discovered.
In 2014, the US Department of Homeland Security revealed a trojan named Black Energy affecting the nation’s critical infrastructure. Exploits of Syrian Electronic Army and Regin APT malware campaign also hit headlines.
The Geo-political landscape is changing dramatically around the world and Internet cannot remain insulated from its effects; in fact Internet has become a critical tool for government sponsored propagandas, espionage and cyber-attacks. APT malwares sometimes used in these campaigns grossly undermine legal boundaries. Such malwares were found waiting to be activated in networks of oil and gas pipelines, power transmission grids, water distribution and filtration systems, wind turbines and even some nuclear plants in the US. In such cases, large private businesses also come in the line of fire every now and then.
If conditions deteriorate, which seems to be a decent probability in the coming year, there will be a larger impetus on cyber-attacks from the nations involved, some of which could be revealed during the year itself.
Legacy protocols on target
POODLE, Shellshock and Heartbleed are examples of vulnerabilities in code, which sit hidden for years before been discovered and exploited. The legacy protocols on which Internet seems to run all so well are far from perfect and cyber criminals will continue to exploit the loopholes to their advantage. Some of these protocols being open source face a larger threat.
Moreover, as the Internet makes transition from IPv4 to IPv6, cybercriminals would hunt for latent security gaps. In addition to the vulnerabilities in web browsers, one can also expect client side attacks exploiting application vulnerabilities in widely used frameworks like Adobe, Java, thereby aggravating network security challenges for IT admins in 2015.
Given that healthcare sector is making rapid strides globally in embracing technology and digitising patient care along with storing personally identifiable information, there is a need to strengthen information security. Securing Healthcare data is critical as it is at a higher risk given the fact that this data fetches much higher value in black market than credit card numbers, because it can provide access to bank accounts or help in obtaining prescriptions for controlled drugs. Healthcare sector needs significant improvements in its cyber-preparedness – a fact FBI made amply clear in 2014 when Community Health Systems faced a security breach leading to theft of 4.5 million patient records in the US. More such breaches are expected in 2015.
Malvertising and attacks on e-mail
2014 saw ad networks on reputed websites like Yahoo, AOL and Google being compromised to distribute malvertisements. Malvertising (placing malware laden advertisements on reputed/popular webpages) is likely to become more of a nuisance in 2015. Ad networks are continually compromised and threat actors are relying on the fact that blocking every ad or testing every ad network is not a practical solution. Malvertisers are also at advantage as reputed websites (news and infotainment) are rarely blocked by office firewalls.
Meanwhile, if reports are to be believed, spam is on a decline. This is partly due to the fact that spammers have devised other advanced ways to land mail in the inbox, while others have moved on to sophisticated spear phishing attacks targeting individuals behind corporate firewalls. Nonetheless, the old tactics of crafting fraudulent mails around major global/local events is still profitable for spammers. 2015 will not be any different in this regard, though one can expect to see some newer tricks for evading current e-mail security solutions.
Demand for context aware security
Networks these days generate huge amount of data. This data contains enough cues to offer patterns of human behaviour that can be used to predict and prevent cyber-attacks. However, comprehending and co-relating data out of various logs and reports to get meaningful information requires time and skills. Besides, it carries the risk of human oversight. Enterprises need a security model to harness this information and interpret network traffic to identify suspicious patterns and events. In such a scenario, Big Data analytics tools can offer huge help in co-relating the data with a given user model to spot risky users and trends in a network. In fact, BFSI organisations have already started leveraging Big Data based security analytics for early fraud detection and prevention.
Employing the advancements in Big Data analytics, Context Aware Security solutions such as Cyberoam’s User Threat Quotient (UTQ) can help IT admins in tasks akin to finding a needle in a haystack – identifying a user posing security risk in a network. In 2015, such solutions will prominently be employed by organisations seeking actionable security intelligence.
iOS on the radar of cyber-criminals; Android attacks to continue
Mobile malwares will make a major impact in 2015, as more people are now using handheld devices to access critical business data from cloud apart from banking and payments. In this scenario, the new Android OS, Lollipop, will be put to test. At the same time, as enterprises embrace Apple apps and use of iOS-based devices grows, these are getting on the radar of cyber criminals. Recent trends suggest that in 2015, iOS will get hit by phishing attacks and malwares on a larger scale than ever before.
Solving the puzzle called ‘password’
The quest for replacing ‘password’ as an authentication procedure will gain momentum. It is reported that an increasing number of millennials in the US prefer Apple’s Fingerprint Scan for authentication purpose. However, scaling up biometric authentication techniques like fingerprint scan is a big challenge. Moreover, standalone biometric authentication is not as full proof as thought earlier.
Considering recent incidents of data breaches and credential thefts in mind, the FIDO Alliance recently released its long-awaited 1.0 specifications for passwordless and multifactor authentication systems. A major push to move away from passwords is likely to make hackers more than just shift in their seats.