ThreatStream, a provider of a collaborative threat intelligence platform, manages information about thousands of attacks on enterprises, giving us a unique perspective on emerging trends in cyber security. Our threat research team is happy to share the emerging trends for 2015.
Our Top Predictions
Point of Sale Attacks Increase well into 2015
The trend of brick and mortar retailers experiencing breaches to their PoS systems will increase, and as a result several nationwide restaurant chains will also be targeted. 2014 was the year in which major retail chains were hit with massive data and credit card breaches. This trend will continue to accelerate and major restaurant chains will likely be the next target.
Cyber Security and Breach Insurance
Breach insurance will become the new norm, especially in retail, restaurant chains, and healthcare. Every major insurance provider offers some form of cyber breach insurance and premiums from this type of insurance are expected to continue to grow exponentially as they have done for the past 2 years. Even smaller businesses are starting to realize the importance of this type of protection and are moving to ensure they are covered.
Cyber Criminals leveraging APT TTPs
APT (Advanced Persistent Threat) tools, tactics and procedures will be used for cyber crime and will become the new norm in 2015. It will be hard to distinguish between Advanced Persistent Threats and cyber crime actors as these organizations learn and adopt the tactics used by APTs for the past two years.
Apple products increasingly targeted
Why should Microsoft have all the fun? With 2014 seeing a sharp uptick in attacks on the Mac OS X operating system and even new malware targeting the iPhone, we predict a strong uptick in cyber attacks against Apple’s products, including more exploit kits targeting Mac, more bots/RATs/etc.
Mobile, Mobile, Mobile
With tablets and mobile phones taking an increasing share of internet usage, attackers are shifting their targets at an alarming pace. Android, with its quickly growing market share, will take the lion's share of attacks, but iOS platforms such as the iPhone and the iPad (although much more difficult to attack) will continue to see new malware. Companies will be forced to consider their mobile security strategy in 2015, especially with the continued rise in BYOD (bring your own device) policies.
Security is Big Data
Big Data SIEMs leveraging Hadoop, Elasticsearch, or platforms like Splunk will become the new norm within the Fortune 500, especially Banking/Finance, Energy, and Healthcare. We have noticed this trend across some of our more advanced customers who have built their own SIEM-like system or leveraged features of Splunk to improve their ability to monitor and protect their networks at scale.
Public/Private Cyber Threat Data Sharing
Private corporations and government will share more cyber threat intelligence data, and in real time.
Politically Motivated Cyber attacks against businesses will become more prevalent and more devastating
Cyber attacks with the goal of embarrassing or discrediting their victims will continue in 2015, especially for politically motivated attackers or attackers wanting to extort their victims.
Critical Infrastructure Attacks Become a Reality
There will be cyber-related SCADA (power, oil, or water) attacks this year. This seems inevitable given the current state of security with SCADA, the release of Stuxnet and related variants, as well as the increasingly brazen attacks against companies for financial and political reasons. These attacks will likely be carried out for political reasons or as part of an extortion scheme.
Honeypots used in Production for Enterprise Security
Honeypots will gain traction in the enterprise as a way to augment existing detection and monitoring activities. Honeypots and other novel open source network sensors are gaining traction with enterprises. Based on the volume of inquiries we have received related to the Modern Honey Network project, we believe that honeypots will gain adoption by several large enterprises in 2015.
Threat Sharing and Collaboration will become a regulation/compliance requirement for Enterprise
We predict that sharing of Threat Intelligence will become a compliance requirement for enterprise organizations and government in 2015. Integrated threat intelligence makes other security monitoring and controls far more effective, driving the need for compliance standards like the payment card industry's PCI DSS.
2014 was the year of the data breach and sophisticated attacks will continue to escalate in 2015. The ability to quickly digest threat intelligence according to risk-based priority and remediation can help organizations avoid disastrous incidents that can harm reputation, customer loyalty and revenue.