Top Cyber Security Threats and Trends for 2015

Predicting the future is easy – take a long look at what’s happening now and hit the mental fast forward button. But in 2015 the rewind button will be equally useful.

We don’t have a fail-proof crystal ball but we suspect that old-school style hacktivisim will share the headlines with emerging threats against devices and virtual payment systems. And we think this might be the year when hackers and data scientists will wage their own personal war, with both sides using Big Data as their weapon of choice.

Read on for the details and more of our predictions.

Data Destruction

Look for an increase in malware that extracts information and then destroys the systems that housed the data. This capability could be used to hold data or entire networks for ransom or cover malicious hackers’ tracks by deleting every trace of their presence. Malware may also be programmed to self-destruct if it feels threatened – perhaps when a system is taken offline for remediation. Now is a good time to update your incident response plan to include a process that addresses imminent and wide-scale data destruction.

Fraud Management

Financial institutions will lead the way in using proven fraud discovery and management techniques to thwart phishing attempts. Solutions that can effectively spot the patterns that indicate fraud can be used to defend against social engineering. Predictive analytics won’t solve the phishing problem, but it will be a big part of the solution. Look for smarter ways to combat social engineering attacks. Training alone isn’t enough.

Third-Party Risk Control

There’s been a lot of chatter for the last few years about supply chain, vendor and partner security. 2015 is the year it will finally top everyone’s to-do lists. No business is an island unto itself, and companies will begin demanding independent (and regular) security and compliance testing before they sign a contract with a third party. Expect to see security extended to remote/mobile workers as well, with monitoring and enforcement of personal and business-owned device security policies becoming more of a priority.

Hacktivist vs. Cyberwarrior

The notoriety of Anonymous will further spawn politically motivated collectives around the globe, as countries continue to explore the effectiveness of cyberwar tactics. Government-run hacking military divisions will be featured in mainstream news, while hacktivists will globally share tools and techniques. Perhaps Hacktivism as a Service (HaaS) will become a new career path. Consider your risk profile – are you an attractive target for hacktivists or cyberspies? – and adjust your defenses accordingly.

Big Data Fuels Cybercrime

Using information from publicly available and compromised corporate systems, malicious hackers will take deep dives into data to determine the best way to craft highly-targeted attacks against carefully selected entities. Verifying trustworthiness is going to be a huge issue in 2015.

Increased Targeting Of Devices

From mobile devices to ATMs, and M2M virtual payment systems, we expect to see targeted attacks on the “internet of things.” Malicious hackers follow the money, and devices are moving the money around. Watch for sophisticated attacks aimed at manipulating ATM operating systems, and a move away from devices such as skimmers. Mobile app developers need to really focus on building security into the development cycle, and testing everything thoroughly no matter how tight the deadlines are.

Posted in BAI Security Blog, Reducing Security Risks, Security Risks and tagged , , , , , , , , .

One Comment

  1. Hi there, thanks for your resourceful post about “Top Cyber Security Threats and Trends for 2015”. I agree with you that all business should have unnecessary data destruction plan for their security. You are right that “for a higher level of security the device hard drives can be DOD (department of defense) wiped or physically destroyed on-site before transportation takes place to TST’s nationally recognized recycling center”. It is imperative to employ a renowned and dependable data destruction service provider that protects all your responsive data effectively and efficiently.

    Regards
    Phiston Technologies, Inc

Leave a Reply

Your email address will not be published. Required fields are marked *