I don’t especially like to talk about predictions because doing so somehow assumes that you have knowledge of and visibility into the future which, of course, no one has. As the Chinese philosopher Lao Tzu says, “Those who have knowledge, don’t predict. Those who predict don’t have knowledge.” But one of my responsibilities as an IT security expert is to continuously carry out a cybersecurity watch. The present facts and trends are a solid basis from which to extrapolate the future.
Based on my experience, my reading and my IT watch, here are my cybersecurity predictions for 2016.
Ransomware consists of kidnapping data and threatening to destroy it unless the victim pays a ransom. This kind of malware spreads via email attachments, infected programs and compromised websites. Not only will this hacking practice continue to expand, but it will probably get more and more sophisticated. As a consequence, ransomware must be considered a major threat to the security of organizations as well as governments.
Homes, cars, toys, medical devices, personal devices and even public lights… The Internet of Things has kept growing since the early 2000s, but it is still in its early stages. Each of these items is a potential target for hackers, who will increasingly exploit their security weaknesses in many ways.
The fast and booming migration of data to the Cloud represents an increasing number of opportunities for hackers. This vulnerability stems, on the one hand, from the poor security measures used by companies and end-users and, on the other hand and to a lesser extent, from security weaknesses inherent to some cloud services.
Up to now, large companies and organizations have clearly been the main targets of cyber criminals. The adoption of cloud services by small and medium businesses (cf. above) puts them on the front line for cyberattacks. A recent survey stated that 92% of companies have cloud credentials for sale on the Darknet.
With the massive adoption of smartphones and m-commerce, the number of financial transactions done via smartphone is booming. As a consequence, mobile devices are increasingly targeted by hackers who exploit vulnerabilities in the operating systems, Android and Apple’s iOS. The low level of precautions taken by mobile phone users is an opportunity for cybercriminals to exploit these security weaknesses.
Dealing in medical identities on the black market is today more profitable than dealing in stolen credit card information. Hospitals, clinics, health insurers and the healthcare industry in general are a coveted target. In addition to this “high potential” for cybercriminals, it appears that this industry remains under-protected from cyberattacks, which makes it even more attractive for hackers.
The term hacktivist comes from the association of hacking and activism. It refers to the act of hacking, or breaking into a computer system, for a politically or socially motivated purpose. Hacktivists use the same techniques as hackers but they act in order to disrupt services, destroy criminal organizations or serve a political or social cause. Anonymous is today the most famous hacktivist group, having declared war on ISIS (the Islamic State of Iraq and Syria). Other hacktivist collectives such as Ghost Security are very active in trying to destroy the online presence of the Islamic State. In 2016, we can expect this trend to continue growing.