The McAfee Labs 2016Threat Predictions report identifies top threats for the coming year as well as predictions for future cyber threats through 2020. The following is a summary of the report’s findings:
Attacks that exploit flaws in both hardware and firmware components are expected to continue; security experts recommend being mindful of this potential avenue of exploitation below the level of the operating system.
Ransomware attacks will likely become more common and more sophisticated. “Ransomware-as-a-service” is expected to continue growing, which will allow inexperienced cyber criminals access to the ransomware. Additionally, experts predict that ransomware will expand beyond Windows and also start targeting the increasingly popular Mac OSX.
Wearable devices are becoming much more popular. While these devices don’t store very sensitive data themselves, they do connect to smartphones via Bluetooth, offering criminals a new potential “back door” into a user’s smartphone. The report suggests that cyber criminals might, for instance, use GPS data gathered from a user’s fitness tracker to create spear-phishing email attacks that the user is more likely to open.
Wired magazine stunned the automotive world in July 2015 when it ran a feature story outlining how a couple of enterprising hackers remotely commandeered a Jeep Cherokee. Experts predict a rise in the number of exploited zero-day vulnerabilities, but even identified threats pose a problem, because some companies cannot issue remote updates to certain car models.
Integrity attacks represent a new, and potentially costly, type of cyber attack that most companies have seen in the past. Unlike other cyber attacks in which criminals simply damage or steal data, integrity attacks involve criminals selectively and surgically altering data in communications or transactions in ways that benefit them. Experts anticipate integrity attacks will heavily affect the financial sector in 2016 as criminals find methods of intercepting and redirecting their targets’ legitimate transactions to their own bank accounts. The report also mentioned that employees’ home systems, Cloud services and cyber espionage are likely cyber threats in the coming year. Regardless of the source, it’s clear that guarding yourself from cyber attacks involves identifying your exposures and developing strategies to protect yourself from each developing risk.