FireEye predictions for cybersecurity in 2015
But what can we expect from next year?
Security flaws Heartbleed, Cryptolocker and Shellshock have all had their time in the media spotlight, companies are reviewing their risk management and damage control processes, and investment is being pumped into training the next generation of cybersecurity experts in an attempt to keep corporate network intrusion to a minimum. Mobile and Web-based viruses remain a scourge, and hardly a week goes by without hearing of another data breach or a new strain of malware being discovered in the wild.
According to Greg Day, CTO of the EMEA region at security firm FireEye , these situations are likely to deepen and worsen over the coming year and into 2015.
The security and forensics firm predicts that in the technical realm, mobile ransomware will surge in popularity. Cryptolocker attained a measure of success this year, and so attention is expected to further turn to mobile in order for attackers to gain access to your phone and contacts. The data which will end up locked is centered on cloud accounts, which will be encrypted before the victim is hit with a lock screen and demand for money.
FireEye predicts that point-of-sale (PoS) attacks will also become a more popular method of stealing data and money -- and PoS attacks will strike a broader group of victims with increasing frequency. The security firm believes that more creative targeting will evolve as retailers strengthen their defenses and more criminals get into the game. As a result, cyberattacks will spread to "middle layer" targets including payment processors and PoS management firms.
"The danger being that a single successful intrusion could provide access to pools of credit card data from many sources that could rival the numbers we have seen stolen from single large victims thus far," FireEye claims.
While hackers aiming at PoS systems begin to target third-parties more, the same can be said for business as a whole. It is predicted that attacks on the enterprise supply chain will surge, as less mature or financially able companies become weak links in an ecosystem where only top firms can bolster their defenses to acceptable standards. Consequentially, large companies will demand evidence of adequate security controls from their suppliers in the future -- but whether smaller companies will have the funds available remains to be seen.
When something does go wrong and a cyberattack is successful, response plans are also expected to fail more often, with harsher consequences. FireEye believes that a lack of adequate response could result in a major brand going out of business in 2015. With such risks in the corporate realm, cyber insurance as an industry is expected to grow.
Breaches are an inevitable part of modern day business, but damage control is possible. Real-time network monitoring and forensic analysis after an attack has taken place can help identify attackers, detect a breach as it occurs, and mount a defense before severe damage is done.
Read on: In the world of security
- Sony Pictures corporate files stolen and released in cyberattack
- Amnesty's Detekt tool wants to help you thwart government spying
- Snapchat issues outright ban on third-party apps following 4chan hack
- Hackers infiltrate White House network
- Teen hackers charged with stealing $100 million in Army, Microsoft tech
- Analysis casts doubt on FBI claims over Tor website seizures
- High volume DDoS attacks rise in Q3 2014
- Apple iOS Masque flaw dangers: Communication app infiltration discovered
- UK hires hackers, convicts to defend corporate networks