After an all too intense 2014, what does 2015 have to offer to keep the diligent information security community up late?
Here are some of our thoughts:
New improved Spear guns
2015 will be the year of really successful spear-phishing attacks, which will be used to drop all manner of nasties. Zeus variants will continue to prosper, along with even nastier ransomware which will disrupt both the individual and the enterprise. User education is a key factor in preventing infection, and we will be offering user awareness programmes to our customers. We will also continue to tune the detection systems of our NetSure360° Managed Security platform. As well as continuing to add known Command and Control (C2) sites, we will be integrating features such as the recently announced dynamic DNS functionality from Palo Alto in order to detect the rapid DNS changes typical of some malware. Detection systems and rules for accepting inbound email will require tightening across the board.
Massive enterprise breaches
There will be an increase in these in 2015 for a number of reasons. The first is the obvious ‘my dongle is bigger than your dongle’ attitude of the young hacker hordes, who are much more organised online than they are in their bedrooms. The second, and to our minds more worrying, reason is the availability of malware as a service. Disgruntled ex-employees can buy, tailor, deploy and execute very targeted and efficient attacks without massive skills (think Sony Pictures). In order to combat these, internal controls, both technical and physical, will need to be understood, with disaster recovery and damage limitation procedures in place and tested as an integrated part of the business continuity process. We will be visiting all of our customers in Q1 to discuss this approach to regaining control.
Very organised crime
We have seen incredibly sophisticated and organised scams against all forms of online cash in 2014, and this will only increase in 2015. Not content with just stealing card and login details, organised gangs will collate, test and resell this data amongst themselves and to larger, non-cyber, terrifyingly organised entities. ITC will continue to support our clients, the Police and associated agencies, whose efforts we salute, during 2015.
Cloud services will come under increased attack in 2015. Here at ITC we are very interested in the security implications of Software Defined Networking, particularly the speed of deployment, development and patching. We were surprised to see that VMware are describing their SDN (NSX) engineering qualification as ‘The next-gen CCIE’, which is somewhat disrespectful of their former pals at Cisco, who in our experience shouldn’t be written off so casually.
We are due another Snowdenesque data leak. On Christmas Eve 2014 the NSA released 12 years of oversight reports identifying enormous numbers of security breaches by staff. Some were deliberate, such as spying on spouses; others were accidental. As well as the extremely shady timing of the release, it appears to have exposed something of a hornet’s nest of discontent amongst a significant number of agency types. Watch this space.
Unloved legacy servers
There will be more oldskool attacks on legacy (mostly Unix) code, like Heartbleed and POODLE. We can hear the legions of doom going through Unix source code from here! We will continue to update our customer base as soon as news of any successful activity breaks and will be deploying risk qualification technology (where am I vulnerable?) together with attack identification and mitigation techniques on our NetSure360° Managed Security platform.
The internet of naughty things
As more and more household appliances become connected to the internet, the attack landscape is rolled out wider and thinner as if by a rolling pin. Although the IoT is not currently the focus of cybercriminals, all attack vectors must be considered, especially around wireless network breaches caused by the IoT. Watch this space for significant developments; if the lights have gone out, we may have been too late!
Software Defined Networking
2015 will be the year that Software Defined Networking begins to take shape and be implemented by larger enterprises (probably true); CCIEs will be made redundant in favour of shiny new VMware NSX engineers and all networks will be designed, implemented and run by software. Of course they will.
Thanks for your continued support.
Happy New Year
Written by Chromas.