It’s that time of the year again, when cyber security experts are called upon to tell the world what we should all be afraid of over the coming 12 months. At Trend Micro, our threat researchers around the globe actively study the landscape for new tools, techniques and procedures used by the bad guys. This TrendLabs research team helps us design the next generation of products to keep our customers safe and keeps us at the leading edge of the cyber security industry.
The past 12 months have seen some pretty successful takedown operations, with industry and law enforcers working together to disrupt botnets like GameOver, but the bad news is that next year the bad guys will respond. It’s likely they’ll increasingly turn to the so-called Dark Web and darknet services to escape detection. Untraceable, anonymous P2P networks like Tor and Freenet will put a huge strain on the purse strings of law enforcement organisations everywhere. Let’s hope they can cope.
It’s also more than likely we’ll see two or more major data breaches each month as hackers continue to hit the biggest targets, as this is where the biggest rewards are. Point of sale systems are particularly at risk. According to our Q3 Security Roundup Report, the US tops the list of countries with the most PoS malware infections (30%). A little more reassuringly, the UK is down in eighth place with just 3%.
Q3 also saw several new critical vulnerabilities discovered in Android, such as FakeID, which allows malware to impersonate legitimate apps. Unfortunately 2015 will be no different, as cyber criminals step up their assault on mobile devices with Android-specific exploit kits to take advantage of OS fragmentation. Mobile payment systems are also likely to be targeted as platforms like Apple Pay and Google Wallet gain in popularity.
Most worrying of all perhaps is the likelihood that targeted attacks will go mainstream in 2015. Up until now the bad guys had to possess a degree of technical ability to carry out these covert, information-stealing campaigns. That is no longer the case, as all the tools and techniques needed to get started can be found on underground online forums. They’re low cost, require little expertise to use and are easy to track down if you know where to look.
To keep your organisation safe over the coming 12 months you have to assume that it has already been hacked. Next steps include the following:
- Invest in systems which give you better visibility into network activity; file integrity monitoring and log inspection are two key tools
- Ensure your security provider is powered by cloud-based global threat intelligence to stop and block zero-day threats
- Update education and awareness programmes to help staff spot spear phishing emails
- Ensure all systems and key software are patched and up-to-date
- Contextual awareness from big data analysis of security events is useful in spotting targeted attacks
- Unify management of disparate tools into a single pane of glass if possible
- Implement SIEM to monitor and analyse the output of security controls
- Improve incident response by, for example, running fire drill exercises
You can view or download a copy of Trend Micro’s 2015 Security Predictions report, The Invisible Becomes Visible, here.