What lies ahead? 2016 Cyber Security Predictions from Symantec in the EMEA (Europe Middle-East and Africa) Region

What lies ahead?

2016 Cyber Security predictions from Symantec in the EMEA (Europe Middle-East and Africa) Region

With 2016 just around the corner, threat intelligence experts at Symantec and Norton have shared their threat predictions for the year ahead and for the EMEA region.

Secure By Design

The IoT or the IoV - without ‘security by design’, the Internet of Things will still be the Internet of Vulnerabilities.

Copyright © 2015 Symantec Corporation

3

Consumers

• Attackers follow opportunity and with more and more connected devices, the interest for attacks against IoT devices will continue to grow. We think there will be occasional smaller outbreaks and early adopters need to be forewarned.

• We expect ad-clicking and ransomware attacks to be the first type of real cybercrime impact for IoT devices. Certificates and code signing will play an important role in securing IoT devices but as we move forward security will need to be bred in the bone of newly designed IoT devices.


4

Industry

• Production downtime due to external attacks or IT failures will cause challenges for adoption and development of Industry 4.0 but there will be an inexorable march to connectivity. Data protection strategies and threat telemetry will need to evolve.

• We believe CISOs, a staple in every business, will take a comprehensive security approach to their IT infrastructure, as well as dedicated layers of protection.

• Embedding the principle of security by design into how we produce new technologies will be critical over the next few years. The environment in which these new technologies evolve must have these principles at its core, to ensure it is as safe as possible and avoid hacks at later stages.

Privacy And Data Protection


6

‘Is this safe?’ consumer kickback on wearable’s data

As wearables are adopted by the mainstream the debate will reach a new furore. As more data is collected and there’s greater competition in systems and devices, customers, businesses and governments will begin to ask the right questions: Where is my data going? What is used for? Is this safe?


7

Covering our backs: insurance, liability and regulation

Cyber-insurance: Insuring good behavior

With the sheer volume of breaches in 2015 cyber insurance for businesses and individuals is inevitable. ‘cyber’ prefixes and clauses will become commonplace and it’s likely that greater onus will be put on consumers and businesses to adopt secure practices, or risk exposure and an ‘I told you so’ from their insurers. For businesses this will mean processes, training and education for staff. For consumers this will mean greater scrutiny of what they are sharing and with who. Nothing like getting hit in the excess to encourage secure practices.


8

Covering our backs: insurance, liability and regulation

Privacy laws will go one step further

The EU Data Protection directive will clearly transform data governance in the EU. Organizations have to adhere to new requirements around the processing of personal data, and introduce stricter rules around compliance. This is challenging even for the most informed, and has raised concerns over complexities around new information management processes and increasing costs, but this is necessary for people to realize the true potential of the internet and new technologies, while putting appropriate safeguards in place to ensure personal privacy is protected.

Evolution Of The Threat Landscape


10

Blurred Lines Between Nationstate And Lonewolf Attacks

The level of sophistication previously associated with state sponsored attacks will be seen in lonewolf attacks too. The number of hacking groups, conducting highly sophisticated targeted attacks will blur the line between common cybercrime and targeted attacks. We’ll increasingly see conflicts in the ‘real world’ play out in cybercrime, with new, politically motivated, players emerging.


11

Custom built attacks

Targeted attacks on governments and businesses will become even more targeted, due to this greater professionalism in hacking groups. To evade detection and get around security controls attacks will be built for purpose.

We believe that each victim will have a unique C&C server, newly built malware and different attack vectors.

This will make it more difficult to detect attacks by simple Indicators of Compromise (IoC) sharing and require advanced correlation methods across industries and countries.


12

Hacking groups will become better at covering their tracks and diverting attention away from their intended targets. They’ll implement better operational security on their backend infrastructure making takedowns and identification of the stolen data and attribution even harder. To evade early detection, encrypted communications with standard SSL traffic will be used and common cybercriminal Trojans will be deployed to blend in with the masses of traditional cybercrime.”

Candid Wueest Threat Researcher


13

“This evolution will fuel increased openness and collaboration in the Security Analytics space. It will be some time before this all comes together but over 2016 we expect to see an increase in sharing anonymised security telemetry. As a result, some interesting new partnerships are likely to emerge over this period.”

Darren Thomson CTO and VP of Technology, EMEA


14

Extortion scams will continue to grow in popularity. They’re profitable, relatively simple and offer vindictive entertainment for those pursuing attacks for kicks rather than financial gain. Crypto ransomware will grow, holding data to ransom for its return. But we’ll also see growth in cases where an attacker threatens a public reveals. These cases will be similar to the newest strains of Chimera ransomware spotted, or the blackmailing cases after the Ashley Madison breach. For enterprises we expect blackmail to play a greater role in breaches. Attackers would seek to extort a company before breached data is released or threaten them with how they can use the data if they don’t pay up.”

Candid Wueest Threat Researcher

Rise of the digital ransom


15

Chink in the Mobile armor

The number of new Android malware variant by family is likely to remain high or even continue to increase. However corporations will strike back.

With more and more features, like authentication tokens, enterprise apps, payment and other moving to the smartphone, mobile devices will be a prime target for attackers.

We’re likely to see tighter controls on office app markets and concentrating on making it harder to hijack system functions.


16

Breaches have broken authentication

Due to the huge volume of breaches in 2015 organisations can see the login/password system we know today is broken and will accelerate plans to move away from this system. Two-factor authentication (2FA), specifically that which requires not only something the real owner would know – e.g., a password - but also something that they, and only they have – e.g., their mobile phone, will become more commonplace.

Biometrics will also start to evolve into more comprehensive, mature solutions.

Looking To 2016 And Beyond (2016 And Security)


18

Security by design for robotics

• Robots about to take on a lot of daily and working tasks in the next 10 years are currently being designed and conceived.

• This should include a security by design approach, in order to secure their programming, updating and identification so that the environment in which they will evolve and their production is as safe as possible and avoid potential hacks at later stages.


19

3D City Modeling

• True SMART cities are still a way off but the design and planning of these future spaces will receive a lot of attention in 2016. The first implementations of tech in this area will be immersive and configurable 3D models of future cities that allow planners and other stakeholders to experience future designs through virtual and augmented reality. This, also, requires a security by design approach.

Thank you!

Copyright © 2015 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.

@SymantecUK

linkedin.com/company/symantec