Prediction: 2016 to Ratchet Up IoT Vulnerabilities, Ransomware
It should be no surprise 2016 will see threats coming fast and furious.
The security experts from ESET who report at We Live Security (WLS) took out their crystal ball and predicted the following cybercrime trends for the coming year.
Whereas last year's predictions focused on APTs and corporate attacks, IT security professionals should be consumed in 2016 keeping up with attacks involving IoT, ransomware, crimeware, haxposure, Windows 10, and critical infrastructure, among others.
“The upcoming year – as with all years – brings the possibility for many learning opportunities, which offers plenty of scope for improvement,” WeLiveSecurity wrote in its summary.
Here's what we have to look forward to next year paraphrased in no particular order (although it will be sure to present many jobs for IT security professionals, always a good thing):
• High-visibility breaches will continue across all sectors
• Sophisticated attacks (i.e., code injection of specific customers)
• Unsophisticated attacks (e.g., DDoS).
• Tech support scams that unleash onslaughts of malware and ransomware
• Full-frontal assault on all things IoT
• Lots of corporate board handwringing
• Occasional increases in security funding
• Nation states formalize job SCADA (supervisory control and data acquisition)
• New breed of credit cards still get hacked
• Attacks on new flock of “digital doo-dads”
• Fake pop-up alerts for platforms other than Windows (still a target)
• Privacy concerns emanating from toys (e.g., “Talking Barbie”)
• Increased attacks on – and use of – virtualization technology by SOHO users
• Ramped up attacks on Adobe Flash, PDF, and Oracle Java
• Hack onslaught of web frameworks (Drupal, Joomla, Typo3, WordPress, etc.)
• Likely tool targets: web performance, optimization, analytics, personalization
• End users and businesses won't do enough to protect themselves
• New devices won't have sufficient baked-in security
• Healthcare IT managers will be under pressure from audits, HIPAA penalties
• Aggressive FDA action on vulnerable medical devices and apps
• Simpler authentication techniques that allow people to increase security
• New international laws will focus on encryption, networked communication
• Device manufacturers publish procedures for reporting product vulnerabilities