According to Trend Micro, over 52 billion threats were blocked by its Smart Protection Network in 2015, a 25 percent decrease from the previous year. This is important for a number of reasons. Malicious actors are being more selective in the attacks they launch and the targets they choose. At the same time, it's critical to look backward in order to craft more proactive, forward-looking defenses.
This isn't a new approach. More than a decade ago, TechTarget contributor David Harley penned an interesting piece titled, "Predicting the future of malware and tomorrow's malicious code." Here, Harley noted that by leveraging recent attack trends, he could "venture some educated (if somewhat reluctant) guesses about the immediate future of malicious code." What's more, Harley's predictions are only one example of this strategy in action.
"Authors of malware generally aren't the moody, inscrutable genies or geniuses of popular imagination, and they have to work with the same application, OS and hardware limitations that we do," Harley wrote. "Technical details change. Epidemiological patterns change. But the broad issues remain constant."
More than 10 years after the fact, Harley's point rings true. In order to get ahead of hackers, analysts examine the dominant trends that have taken hold recently, and predict how these might be shaped into larger threats in the future. In this way, steps can be taken to proactively protect sensitive information and assets.
"A broader and deeper threat landscape greeted 2016 – a playing field shaped by the introduction of new technologies and attack models from the year before," Trend Micro stated in a recent Security Roundup. "2015 had laid the groundwork for what we can now consider the new status quo in cybersecurity."
So what cues can we take from the previous year, and how can we apply these to create a map of future threats? Let's take a look at a few of the insights Trend Micro researchers have to offer:
Beginning with the basics: Data breach trends
In the cyber security and overall enterprise environments, data breaches are nothing new. However, specific trends certainly did emerge during several high-profile 2015 breaches that we can apply to 2016 protections.
As Trend Micro pointed out, health care maintained its position as the most-attacked industry when it comes to data breaches. Attacks on large-scale organizations like Anthem, UCLA Health System, BlueCross Blue Shield and Premera Blue Cross are prime examples showcasing hackers' continued interest in sensitive health care documents. Overall, experts estimate that 90 million to 112 million records were stolen as a result of 2015 data breaches in this sector, exposing a range of personal details like social security numbers and financial details.
Another trend also emerged during 2015 data breaches, particularly in connection with the large-scale and high-profile attack on Ashley Madison. In this case, not only was the personal information of the website's users exposed, but those details were leveraged after the fact for extortion. And, as Trend Micro pointed out, this blackmail took place in rounds. This shows the ruthless nature of many hacking organizations, where attackers don't just steal information, but utilize it for additional nefarious purposes.
From these cases, organizations and individuals can learn a few things. First, health care organizations must ensure that every gap in protection is closed, and that they're utilizing the most stringent security and access measures possible to prevent a breach of the network, or the sensitive information stored there. Similarly, individual users must be aware of the risks that can come with activities in the social and cybersphere. With this in mind, users should take every step possible to safeguard themselves and their personal information. Added protections like using encryption and two-factor authentication where possible can be considerably beneficial.
Zero-day threats prove challenging
Trend Micro researchers also observed and participated in the discovery of several zero-day vulnerabilities last year, including those connected with the long-running cyberespionage group Pawn Storm. Zero-day threats prove especially problematic for protection, as these are gaps in solution or platform security that even the vendor is unaware of. However, corporate IT teams simply being conscious of this fact represents a step in the right direction. Taking things a step further with a vulnerability assessment can also support a forward-looking security posture.
"Attackers leverage vulnerabilities and weaknesses in all platforms," Deep Security Labs Director Pawan Kinger wrote. "They just need a way to get in. Enterprises must be very watchful of vulnerabilities in the core software and plug-ins that they use. A focused and continuous vulnerability assessment program must be completed by a configuration assessment program."
Holes in IoT security
Although zero-days and data breaches are certainly not new trends, the vulnerabilities discovered in connection with the Internet of Things and other smart devices surely are. Trend Micro pointed out that a number of actual and simulated attacks associated with the IoT took place last year, including Trend Micro's own GasPot and SmartGate System experiments. These and other instances demonstrate that hackers are, in fact, able to attack and access smart systems. This opens the door to a whole host of malicious possibilities.
The best defense against these types of attacks lies with IoT and smart device manufacturers. These organizations must be cognizant of the fact that the IoT represents new, fertile ground for hackers, and that specific protections must be built into connected appliances and IoT systems to ensure their security.
"The Internet of Things can be a venue for innovation and new possibilities, but it can also be used to break basic notions of privacy and confidentiality," Chief Technology Officer Raimund Genes noted. "Companies should endeavor to keep the interests of users in mind, otherwise, I can foresee government regulations being used to protect consumers. This may have consequences we cannot predict."
From these predictions, analysts can map out the types of attacks and vulnerabilities that enterprises and organizations might face this year. In this way, these groups can better arm themselves and build customized security measures to guard against these specific threats. Overall, staying updated about current security threats can help ensure protection for the future.