Intel Security released its McAfee Labs Threats Predictions Report, which predicts key developments on the cyber threat landscape in 2016, and provides unique insights into the expected nature of that landscape through 2020, as well as the IT security industry’s likely response.
“To address the business, technology, and threat landscape realities facing them, we must help organizations get to where they need to be, using technologies that will enable and not hinder their businesses, and understand what kinds of threats could be confronting them tomorrow, and far into the future,” said Vincent Weafer, vice president of Intel Security’s McAfee Labs.
2016 Threat Predictions
The 2016 threat predictions run the gamut of trends, from the likely threats around ransomware, attacks on automobile systems, infrastructure attacks, and the warehousing and sale of stolen data, among other likely issues in 2016:
- Hardware. Attacks on all types of hardware and firmware will likely continue, and the market for tools that make them possible will expand and grow. Virtual machines could be targeted with system firmware rootkits.
- Ransomware. Anonymizing networks and payment methods could continue to fuel the major and rapidly growing threat of ransomware. In 2016, greater numbers of inexperienced cybercriminals will leverage ransomware-as-a-service offerings which could further accelerate the growth of ransomware.
- Wearables. Although most wearable devices store a relatively small amount of personal information, wearable platforms could be targeted by cybercriminals working to compromise the smartphones used to manage them.
- Attacks through employee systems. Organizations will continue to improve their security postures, implement the latest security technologies, work to hire talented and experienced people, create effective policies, and remain vigilant.
- Cloud services. Cybercriminals could seek to exploit weak or ignored corporate security policies established to protect cloud services.
- Automobiles. Security researchers will continue to focus on potential exploit scenarios for connected automobile systems lacking foundational security capabilities or failing to meet best practice security policies.
- Warehouses of stolen data. Stolen personally identifiable information sets are being linked together in big data warehouses, making the combined records more valuable to cyber-attackers. The coming year will see the development of an even more robust dark market for stolen personally identifiable information and usernames and passwords.
- Integrity attacks. One of the most significant new attack vectors will be stealthy, selective compromises to the integrity of systems and data.
- Sharing threat intelligence