*** What to be concerned with in 2016: Gartner Report
Harriet Taylor’s December 28, 2015 article on CNBC’s website is the latest in a series of articles on the evolving cyber threat and what may be the top cyber threats next year. “Headless worms, machine-to-machine attacks, jailbreaking, ghostware, and two-faced malware” top the list of key cyber threats to prepare for next year. In the coming year, “hackers will launch increasingly sophisticated attacks on everything from critical infrastructure, to medical devices,” said Fortinet Global Security Strategist, Derek Manky. “We are facing an arms race in terms of security. Every minute we sleep, we are seeing about a half a million [cyber] attack attempts that are happening in cyber space,” he added.
Here’s How The 2016 Cyber Threat Landscape Looks To Some Experts:
The rise of machine-to-machine attacks: Research company Gartner predicts there will be 6.8B connected devices in use in 2016, a 30 percent increase over 2015. By 2020, that number will jump to more than 20B connected devices, the company forecasts. That would mean an average of two to three Internet-connected devices for every human being on the planet. The sheer number of connected devices, or ‘Internet of Things’ (IoT), presents an unprecedented opportunity for hackers. “We’re facing a massive problem moving forward for growing attack surface,” said Manky.
“That’s a very large playground for attackers, and consumer and corporate information is swimming in that playground,” he said. In its 2016 Planning Guide for Security and Risk Management, Gartner said: “The evolution of cloud and mobile technologies, as well as the emergence [maturation?] of the IoT, is elevating the importance of security and risk management foundations.”
“Smartphones present the biggest risk category going forward,” Manky believes. “They are particularly attractive to cyber thieves because of the sheer number in use, and multiple vectors of attack, including malicious apps and web browsing.”
“We call this drive-by-attacks — websites that will fingerprint your phone when you connect to them, and understand what that phone is vulnerable to,” Manky said. “Apple devices are still the most secure,” he added. But he also cautioned that there is no such thing as a totally safe device connected to the IoT.
Are you nurturing a headless worm?: “The new year will likely bring entirely new [cyber] worms and viruses able to propagate from device-to-device,” predicts Fortinet. The new year will see the first “headless worms” — malicious code — targeting “headless devices,” such as smartwatches, smartphones, and medical hardware. “These are nasty bits of code that will float through millions, and millions of computers,” Manky warns. “The largest we’ve seen to date, is about 15 million infected machines, controlled by one network — with an attack surface of 20B devices. Certainly that number can spike to 50M, or more. You can suddenly have a massive outage globally, in terms of all these consumer devices just simply dying and going down [dark].”
Jailbreaking the cloud: “Expect a proliferation of attacks on the cloud, and cloud infrastructure, including so-called virtual machines, which are software-based computers. There will be malware specifically built to crack these cloud-based systems.” “Growing reliance on virtualization, and both private and hybrid clouds, will make these kinds of attacks even more fruitful for cyber criminals,” according to Fortinet. “At the same time, because apps rely on the cloud, mobile devices running compromised apps will provide a way for hackers to remotely attack public and private clouds and gain access to corporate networks.”
Hackers will use Ghostware to conceal attacks: “As law enforcement boosts its [cyber] forensic capabilities, hackers will adapt to evade surveillance and detection. [Stealth] malware designed to penetrate networks, steal information, then cover up its tracks will emerge in 2016. So-called Ghostware will make it extremely difficult for companies to track exactly how much data has been compromised, and hinder the ability of law enforcement to prosecute cyber criminals.”
“The attacker and the adversaries are getting much more intelligent now,” Manky said.
“Alongside Ghostware, cyber criminals will continue to employ so-called ‘blastware,’ which destroys and disables a system/s when detected.” “Blastware can be used to take out things like critical infrastructure, and it’s much more of a damaging attack,” he added.
“Because attackers may circumvent preventative controls, detection and response capabilities are becoming increasingly critical,” advises Gartner in its report.
Two-Faced malware: “Many corporations now test software in a safe environment called a sandbox, before running it on their networks.” “A sandbox is designed to do deeper inspection to catch some of these different ways that they’re trying to change their behaviors,” Manky said. “It’s a very effective way to look at these new threats as we move forward.”
“That said,” Ms. Taylor writes, “hackers, in turn, are creating malevolent software that seems benign under surveillance but morphs into malicious code once it’s no longer under suspicion. It’s called … two-faced malware.”
WHAT FORTINET DID NOT ADDRESS
Lots to think about with these 2016 predictions in the cyber realm. Clearly, there is no such thing as a digital Maginot Line; and, even if there were — we all know how that worked out for France. Stealth malware, malware that goes dormant when under surveillance and/or changes like a chameleon, infected clouds, deceptive clouds, combat clouds, hijack clouds — one is to some degree only limited by one’s imagination. It truly is a digital wilderness of mirrors.
Fortinet did not address encryption and the Dark Web. What nasty surprises will the Dark Web have for us in 2016? Will we be able to develop something akin to a router that cleans out our pipes at home — in the digital world? How will we ever really know if our systems are ‘clean’? How are stay-behinds, also known as the gifts that keep on giving, likely to evolve? What about downloading, or stealing information in an encrypted and clandestine mode? And one must not forget the widespread practice of denial and deception. How will the field of digital forensic attribution evolve? Will it get ‘easier’ to pin the tail on the donkey, or more complicated and difficult? What about the purposeful but sophisticated corruption of data?
Fortinet did not address the growing threat of ransomware. Kaspersky Labs, in its 2016 forecast, “expects to see the success of Ransomware to spread to new frontiers.” “Not only does Kaspersky Lab expect Ransomware to gain ground on banking trojans; but, Kaspersky also expects it to transition to other platforms; i.e., cross the Rubicon — to not only target Macs; but, also charge ‘Mac prices.’ Then, in the longer term, there is the likelihood of the IoT ransomware — begging the question, how much would you be willing to regain access to your TV programming? Your fridge? Your car?” Kaspersky asks.
Kaspersky Labs also “expects the trend of cyber ‘guns-for-hire,’ to continue to evolve and grow.” Will we see white-hat cyber mercenaries — i.e., a different version of Anonymous — or cyber militias for hire to ‘fight’ against the bad guys? What about black-hat cyber mercenaries, and the potential emergence of a ‘Dr. No’ in the digital world?
Will we see the emergence of lethal, offensive cyber weapons, where the objective is to cause loss of life? Or will we see the emergence of a cyber weapon of mass disruption? A Stuxnet on steroids?
What about cyber ‘bomb damage assessment’? Can we/have we achieved the ability to conduct elegant, targeted, offensive cyber operations that do not cause excessive digital collateral damage?
Will 2016 finally see a larger-scale cyber attack here in the U.S. and abroad?
Will the cyber threat to our stand-alone systems become even more profound? Researchers at Ben Gurion University already demonstrated in 2014 that stand-alone systems could be breached using the effluent heat coming off the system.
Will the cyber/digital decision tree on when to respond, how, where, why, with what, come to the fore in the strategic realm?
How will cyber tradecraft evolve and mature?
Will the Islamic State, al Qaeda, or other terrorist groups attempt to launch a major cyber attack on the U.S.?