FortiGuard Labs names top 5 threat predictions for 2016
Fortinet’s FortiGuard Labs has picked the top five emerging threats that look set to challenge our defences in 2016.
In keeping with tradition, security vendors and pundits have been busy over the last few weeks making their threat predictions for the coming year. This isn’t just an idle exercise, however. It is rooted in necessity: vendors need to accurately predict changes in the threat landscape in order to design novel solutions that effectively address the emerging issues and protect customers from increasingly savvy cyber criminals, more intelligent malware and more determined state actors.
Organisations in turn must plan appropriate defences and deploy countermeasures before an attack occurs instead of waiting until disaster strikes.
Prediction #1: The Rise of Machine to Machine Attacks
Last year saw a number of proofs of concept and active attacks involving connected “headless devices” – the so-called Internet of Things. Malware that infects Point of Sale devices, for example, now ranks in Japan’s top 10 list of malware in the wild, while researchers have also made headlines by compromising and controlling a connected vehicle in motion.
FortiGuard Labs predicts that 2016 will see further development of exploits and malware that target trusted communication protocols and APIs, such as Bluetooth, Zigbee and others commonly used by IoT devices. They believe that IoT will become central to “land and expand” attacks, with hackers taking advantage of vulnerabilities in everything from smart home devices to wearables to compromise corporate-issued devices or corporate networks.
Prediction #2: Headless Worms Target Headless Devices
Related to the rise in machine to machine attacks, the “headless devices” driven by the IoT will also become a focus of worms and viruses that are designed to independently target and automatically propagate to other devices via trusted communication protocols. These viruses could be designed to cause the systematic failure of devices, and the damage would be far more substantial as the number of IoT devices grows into the billions.
FortiGuard researchers and others have previously demonstrated that it is possible to infect headless devices with small amounts of code that can propagate and persist. Worms and viruses that can propagate from device to device are just around the corner.
Prediction #3: Jailbreaking the Cloud
As adoption of virtualisation and cloud strategies increases, hackers are developing strategies to break out of hypervisors and infect the larger infrastructures and systems. Hackers will start using malware that exploits flaws in virtualisation protocols to jailbreak the cloud and gain access to wider infrastructure data.
Prediction #4: Ghostware Conceals Indicators of Compromise
As cybercriminals become the focus of investigation and prosecution in the criminal justice system, careful hackers will develop a new variant of malware that is designed to achieve its mission and then erase all traces before security measures can detect that a compromise has taken place.
FortiGuard predicts that we will witness Ghostware in 2016, written to steal data and disappear to conceal its creators.
Prediction #5: Two-Faced Malware
Malware has been continually evolving features to avoid detection as security measures like sandboxing become more prevalent. As sandboxing becomes more resistant to these countermeasures, FortiGuard Labs anticipates the development of Two-Faced Malware designed to execute an innocent task to avoid detection and then execute the malicious process once it has cleared security protocols.
This two-faced malware could be flagged as safe by the sandbox and then reported back to the threat intelligence systems so that it isn’t suspected in the future, compounding the challenges to vendors and organisations associated with this type of malware.
The bottom line
The bottom line for vendors is that malware authors are getting savvier while attackers are taking advantage of growing attack surfaces. For organisations, selecting vendors that can keep up with these new threats will be critical to staying on top of malware and preventing data loss and system destruction in 2016.