In the last year, we've seen significant advancement in the use of behavioral analytics to identify breaches. Such analysis gives companies the power to forward-scan endpoints to identify behavioral changes to discover anomalies without a reliance on known signatures.
However, we still need more education in place, especially when it comes to building awareness among the general public on their cyber hygiene. With users as the weak link in the cyberdefense chain, phishing attacks and other low-effort methods are still proving lucrative for cybercriminals. Due to this commonly understood reality, we predict that social engineering and phishing will remain popular tactics.
Social engineering attacks will become more sophisticated and far-reaching.
The social engineering methods that hackers use for targeting organizations are becoming far more complex. There's also more money funding those that commit cybercrimes – whether they are government backed or on the payroll of organized crime gangs. These are large groups working together to create sophisticated, targeted attacks attempting to bring down the enterprise.
As such, organizations need to have a rehearsed set of processes to educate employees as well as manage inevitable incidents. It it is highly likely that organizations will be compromised at some point and so they must have the processes in place to react as efficiently and swiftly as possible to remediate the effects of the attack.
"... phishing attacks and other low-effort methods are still proving lucrative for cybercriminals."
The Internet of Things will create new potential attack entry points.
The Internet of Things (IoT) is a rapidly expanding universe. According to BI Intelligence, there will be a total of 23.3 billion IoT devices by 2019, and of those the enterprise market will account for about 40 percent. Something as seemingly innocuous as a connected coffee machine or smart fridge could now pose a risk to the rest of the enterprise if connected to the corporate network. Procurement teams should consult with the security team, and we need to set guidelines before any IoT device is purchased. The security team also needs to do regular scans of their machines to ensure there have been no breaches.
The encryption wars will continue to escalate.
We predicted last year that NSA intrusions will drive encryption efforts. In the past year, we've seen companies increasingly tout their encryption efforts as it relates to user privacy. Messaging provider Whatsapp recently introduced end-to-end encryption. Apple enhanced security on the iPhone – an individual's emails, photos and contacts are now encrypted. The company announced that it will not even have access to the code needed to decrypt the phone's content in a move to further distance itself from allegations of collaboration with the NSA.
We predict that things will become more heated in the coming year, as the government seeks to manage the rising tide of encryption while more companies will follow Apple and not only increase their encryption but also become more vocal about their efforts.
There will be an emergence of new “onion routing” services tailored for the cyber underworld.
In the coming year, we predict various intelligence agencies will increase focus on efforts to de-anonymize users of the Tor network. As a result, we expect to see the emergence of new “onion routing” networks focused on serving the cyber underground in their efforts to mask their operations and to recruit others to engage in illegal activity. Although Tor has been praised for helping protect political activists against censorship and worse, it's also attracted criminals which has led to efforts designed to undermine the anonymity of its users. When the FBI shut down Silk Road 2.0, it estimated that the network had about 150,000 active users and about $8 million in monthly sales.
Onion routing technology makes it extremely difficult for law enforcement and companies to track down criminals and has historically made it quite challenging to determine where an attack came from, and who was involved. So while we predict a decline in malicious use of Tor, it will only be due to criminals having found a comparable and lesser known service to serve the same purpose.