/ciol/media/agency_attachments/c0E28gS06GM3VmrXNw5G.png)
Follow UsBANGALORE, INDIA: Fortinet, has taken a look ahead to determine the most significant cyber security threats of the upcoming year.
As the number of devices connected to the network increase, cyber criminals will continue to hone their prowess when it comes to IoT attacks and advanced evasion techniques, while also continuing to exploit large-scale server side vulnerabilities for financial gains and other nefarious purposes. Businesses and government organizations globally are at risk, as are consumers’ important personal information.
Trends and Cyber Security Threats in 2015 Include:
Blastware to Destroy Systems, Erase Data and Cover Hacker Tracks
This destructive new trend of malware, following Scareware and Ransomware could lead to the ability for hackers to infiltrate systems, gather data and then wipe out the information to on systems and hard drives to cover tracks and thwart forensics.
Hackers Look to Evade Law Enforcement, Frame the Innocent
In 2015, advanced evasion techniques will evolve in order for attackers to cover their tracks. To date, evasion has been currently focused on counter antivirus and intrusion prevention/antibotnet. Fortinet predicts this will evolve with a focus on Sandbox evasion.
In addition, similar to counter intelligence, it is possible that attackers will frame the innocent by throwing more red herrings into their attacks to thwart investigators and intentionally planting evidence that point to an unassociated attacker.
Internet of Things Becomes Internet of Threats (IoT)
Hackers will continue to follow the path of least resistance as more and more devices are connected to the network. Vulnerabilities that Black Hat hackers will look to exploit will include consumer home automation and security systems, as well as webcams, which we are already beginning to see.
On the enterprise side, network attached storage and routers will continue to be targets, as will critical infrastructure such as Human Machine Interfaces (HMI) and Supply Chain systems, which will create significant problems with third-party components and patch management.
Denial of Revenue/Data Breaches Continue and Expand
2014 is becoming known as the "year of the data breach,” with significant thefts from stores like Target, Michaels, P.F. Changs and Home Depot. FortiGuard predicts this trend will continue in 2015 as hackers become more sophisticated and find new loopholes for infiltrating retail and financial systems.
Rise in Counter Threat Intelligence
Crime services and solutions have already supported QA for malware, including sample scanning. Fortinet predicts this to extend to support QA for threat intelligence and undetected coverage for indicator of compromise (IOC) in 2015. As crime services extend their research and coverage, hackers will utilize the same type of processes for determining the best ways to bypass security systems.
Actions in order to protect against new threats:
Actionable Threat Intelligence
In 2015, cyber security vendors and managed security solutions will make an even greater push toward actionable threat intelligence, with proactive services that filter data that matters and alerts clients to their potential vulnerabilities and protection measures, prior to an attack. A vendor’s ability to ensure interoperability between different security products as well as networking, computer, storage and end devices on the network will be a key to success, by helping to create a “self-healing” network similar to SDN.
Proactive Incident Response
Proactive response will significantly reduce damages that organizations will face in future. The selection of third-party vendors that provide more secure development through Product Security Incident Response teams, as well as deep threat research, will limit breach scenarios before they happen.
Rajesh Maurya, country manager, India & SAARC at Fortinet, said, “As threats move to attack new product and software solutions, organizations are at even greater risk. It is imperative they choose not just a security solution, but a proactive and intelligent solution, to protect them from the broad breadth and depth of growing attacks that firewall solutions alone will not stop.”