2015 has been another ‘year of the breach’ with almost weekly compromises becoming the norm. Cyber-criminals often seemed to be one step ahead of the security industry, using an evolving arsenal of cyber-attack techniques to successfully breach networks.
New Vulnerabilities
2016 will be considered the ‘year of the exploit’ as we will see a shift to higher-impact cybercrime. This higher-consequence crime is currently on the rise, with nation states and organised criminals continuing to steal IP and other valuable information to gain economic advantages or cause a negative economic impact in rival countries.
Groups will become bolder in their hacking operations, not content with just stealing data, but also affecting the functionality of systems or even destroying the stolen data so a company can no longer access it.
Next year will also be characterised by a rise in stolen DNA and fingerprints to commit fraud and identity theft. We will see the stolen Personally Identifiable Information (PII) and Intellectual Property (IP) of organisations exploited to commit fraud, replicate identities and compromise consumers, commercial organisations and intelligence activities.
This will increase the hacking of organisations that hold DNA and other data like fingerprints as these unique signatures are increasingly used for authentication to devices and services. This growing area of criminal activity will require a holistic approach to monitoring threat levels across organisations through specialised cyber-security and intelligence software.
The final emerging vulnerability is the possibility of losing control of critical national infrastructure. Already, there is a real threat that the vulnerabilities of critical national infrastructures could fall into the wrong hands. Nuclear power plant ‘zero-day’ vulnerabilities, for instance, can be purchased for only $8,000. As computer viruses continue to evolve, malware could be used to take control of the world’s large-scale industrial control systems—eventually even extending to transport.
The evolving cyber landscape
2016 will see a continuing shortage of people with the right cyber-security skills. People who have direct first-hand experience in identifying cyber risks and improving defence are in high demand but low supply, and this will worsen as the size of security teams increases.
With such a big shortfall, companies are starting to adopt Security as a Service (SECaaS) as a stop-gap measure. This outsources their security to another company that has more expertise and can scale more cost-effective security to all of its customers. Companies need to understand that while they can outsource responsibility, they cannot outsource accountability, so they need to consider the benefits and risks involved.
Countering cyber threats
Governments are finally wising up to the fact that cybercrime, cyber-espionage and cyber-attacks are a defence issue. The way to combat the threat is through intelligence, and as many governments do with other forms of security intelligence, cyber-security threat information will increasingly be shared between governments and commercial organisations alike.
We will continue to see these types of initiatives being adopted by governments, moving cyber-security and breaches to a regulatory space. Commercial organisations and government departments need to be prepared for the impact, and this conversation will once again become a board-level/ministerial conversation.
As cyber-legislation tightens and requires increased accountability, companies will need a better understanding of network compromise. Many are turning to advanced analytics to identify threats and raise the alarm in order to discover the three stages of a hack: what’s coming into the network, what it’s doing inside the network, and where it’s leaving the network and what it’s leaving with.
This will require a greater investment in cyber-intelligence technologies that enable rapid detection and response. Companies now understand sophisticated cyber-criminals have rendered traditional perimeter defences, like firewalls, VPNs, and anti-virus and malware tools, ineffective. A priority for 2016 will be to detect threats inside the firewall as they develop, in order to defend against them and ultimately prevent significant damage from occurring.