2015: Ransomware, Malvertising, Espionage, Oh My!

With the Thanksgiving holiday officially come and gone in the United States, the approaching New Year is once again shifting into focus—along with 2015 security predictions. According to Blue Coat, malvertising, potentially unwanted software (PUS), more daring ransomware demands, social media hacks and espionageware sparked by international conflicts will all be the star attractions next year as far as the bad guys go.

And, the firm said that “common mode failure" vulnerabilities like Heartbleed, Shellshock and POODLE will continue to surface.

In an emailed note, Blue Coat detailed the threats a bit more thoroughly. Malvertising, for instance, will increasingly infect hosted ads on media sites, it said. “As malvertising increases, media companies will pressure ad partners,” it noted. “Major media properties will increasingly display ads from partner networks that host malware. As the risks of infection by visitors to their web properties increase, these media companies will put more pressure on their ad partners to eliminate malvertising.”

Meanwhile, 2015 will be the year of PUS, which will continue to increase on mobile devices. Hidden deep down in end-user licensing agreements and frequently missed by users downloading free aps, PUS will increasingly be part of downloads to gather information about web surfing, in order to do better targeting and serve more relevant advertisements. Companies tell consumers that this is to "improve your browsing experience,” but in reality it’s all a monetization scheme for developers.

“As PUS is increasingly added to free software by developers seeking to monetize their creations, it will slow down — and even destabilize — an infected device,” Blue Coat said.

Ransomware creators meanwhile will aim higher and demand higher ransom. “Ransomware hit a lot of people in 2014,” Blue Coat said. “The next logical step for ransomware creators is to say, ‘how can I increase value from my victim?’”

Blue Coat predicts that the next real ransomware targets will be small businesses or small government organizations — entities with hundreds of thousands in their bank account.

“These attacks will involve conducting reconnaissance on target computers/systems — not just blindly encrypting all the documents,” it said. “If attacks can access the network storage, attacks can demand higher ransoms.”

Attackers will also change up their tactics to get even more social. Attack tools will increasingly leverage information from social networks to customize the attacks in a better way. Most targeted attacks have a social context, which increases efficacy and is easier to do now. Attackers will exploit their knowledge of target victims to gain access to critical systems and data.

Then there’s espionage. While it was relatively low in volume in 2014, Blue Coat warns to expect an increase in surveillance software that is created by security companies or nation states to monitor certain people.

“As international conflicts emerge, these tools will inevitably be used to keep track of what people are doing and whether they’re a security risk or not,” it said.

And finally, instances of Heartbleeds, Shellshocks and POODLES will only become more frequent. These common mode failure events have a commonality in that a single defect causes failures to ripple through an entire system or the internet.

“Vulnerability seekers (researchers, attackers) have had their first taste of this, and there's no going back now,” said Blue Coat. “In 2015 we expect to see increased development and technology costs, as developers start to invest more in code analysis on open-source, or move toward commercial alternatives where a third party [or] licensee can be liable.”

Other trends on that front to watch include open-source factionalizing, as more "indignant forking" starts to happen, like LibreSSL; and, a slowdown to the pace of innovation overall, as vendors are forced to spend more resources on emergency maintenance releases.

What’s Hot on Infosecurity Magazine?