Google contacts not glasses; autonomous cars from Tesla and General Motors in many not just a few garages; and a major payment ecosystem reboot and cybercrime will continue to proliferate amongst the innovation of it all. These are just a few of the things I can be relatively certain will occur in the next 24-36 months. Our CTO Raimund Genes and Trend Micro’s group of exceptional researchers has outlined our predictions for 2015. As we digest the trends from the past several years and look to forecast the cyber storms headed our way in the New Year, it is apparent that this year’s hit list is one that should not be taken lightly.
The lens leveraged in the 2015 threat predictions report is taken from a global perspective. We take direct aim at the threat activity, actors and acceleration of targeted attacks. Let’s be clear, security companies can’t be as effective as the “precogs” were in 2002’s Minority Report. However, with the help of world-class threat intelligence/forensic analysis, public and private cooperation with global law enforcement and a partner ecosystem committed to adding value; much can be accomplished in defending against the ill wills of cyber criminals and nation-state activity.
Our researchers continue to go into the deep annals of the ever-expanding Dark Web to investigate the evolving “Hackonomics” of the digital underground. Significant work is being invested in cooperation with Interpol, Europol and the FBI to expose the tools, tactics and techniques of these actors and bring them to justice. The work is also invested into the research and development of products and services that can help stay one step ahead of the miscreants. The continued proliferation of TOR to remain anonymous will continue to make it more difficult but not impossible to track this nefarious activity. In an interesting twist, the largest social network has now provided a utility for TOR use. Facebook announced on Halloween that it was open for TOR business. Social media channels like Facebook, Twitter, LinkedIn, Instagram and many others are neighborhoods of choice for threat actors to patrol for unsuspecting victims. The use of these platforms using “Dark” utilities like TOR will expand for both good and evil.
Attackers efforts involving the infection of devices plus intelligence gathering on their targets allow them to become much more effective in their campaigns against not only the individuals themselves but the organizations in which they work for. In the next 24-36 months will see an even greater adoption of these social platforms and communities in addition to new ones being created. This almost seems unfathomable due to their current impact on today’s society but their continued growth will be enormous. Consequently, more users will become connected to these platforms with mobile devices. According to StatsCounter.com, approximately 24% of all Internet use comes from mobile devices in the US and nearly 29 % globally. This is up 67% over last year. This growth curve will also lead to a spike in malware, particularly in the Android open ecosystem, targeting these devices directly because of this phenomenon. It is also safe to say that greater than 75% of these devices are not using any form of basic security protection currently. Unfortunately, this ratio gets worse as more mobile devices are leveraged. This scenario pretty much equates to going to a gunfight with a butter knife. Trend Micro is predicting that the Android ecosystem will see a 100% increase in high risk and malicious applications in 2015. As we use our devices to bank, pay at the register with utilities like NFC and ApplePay, and also access our healthcare information; the occupation of these important instruments by attackers becomes an obsession and a profession. Organizations will have to determine how to analyze and detect targeted attacks from infected devices due to loose or undefined BYOD policies. Individuals must make the assumption that they will be hacked and take steps and precautions to actually prevent compromise of their mobile devices.
Tom Cruise’s 2002 Minority Report, like most typical science fiction movies, was way ahead of its time. Much of the technology used in the film to fight and predict the world of physical crime is now being implemented and adopted today into the mainstream but more for consumer use than fighting crime. Visualization technology in the form of Google Glass, Elon Musk and Tesla’s autonomous cars are all depicted in the movie. What is interesting is that the “PreCogs” didn’t see how those particular platforms would be attacked in the form of cyber crime and nation state activity. 2015 and beyond will demonstrate how new platforms will be attacked and compromised but might not tell the whole story for what is to come as their implementation begins to grow in the next 24-36 months. As we have come to know more about the dark web and who inhabits it, remember the famous proverb in the movie, “In the land of the dark, the one-eyed man is king…”. Let’s open our eyes to the continued issues of cyber attacks and how to defend against them. Make the invisible become visible.
Please add your thoughts in the comments below or follow me on Twitter; @jdsherry.