At the moment, there is more focus on cybersecurity than at any time before, so it’s important to look at the current trends and how they will play out over the coming months. We are at the start of a wave of changes that are unpredictable, but that business leaders need to pay attention to. If we start to understand the trends of today, it will give us a good indication of where security issues are going to arise tomorrow. Outlined below are the top security trends that we need to be aware of:
DDoS extortion will become more common
In 2014 we saw a new threat, DD4BC, arise. In 2015 it went away, but was immediately replaced by the Armada Collective. Both groups sent threatening emails demanding the payment of a small number of bitcoins, otherwise the company’s site would be taken offline. The success of these groups has led to the Armada Collective becoming more aggressive, and a number of copycats have arisen. There’s no doubt in my mind this will continue this year and get much worse as more criminals see the potential profits of DDoS extortion.
The Internet of Things will be compromised
The Internet of Things (IoT) isn’t a single technology or product, but rather a whole class of technologies and products, most of which were designed and developed with nothing more than a passing thought to security. At the end of last year, the best examples of the dangers of IoT were Hello Barbie and the compromise of toy manufacturer VTech.
IoT devices are collecting more information about their owners than most people realise, and even if the devices are perfectly secure, the services behind these devices often leave a lot to be desired in terms of security. This data is valuable and we’ll see more compromises of the tools and toys of IoT, as well as the companies that are collecting our personal data.
Security won’t improve markedly
This is one trend I hope I’m misreading, but nearly two decades in the security field tell me I’m not. Despite the many claims of security vendors that they have the one technology that can solve all of your security woes, no such product exists. Instead, we have to realise that we’re looking at a long, slow haul of minor improvements to security, measured in decades, not years.
Companies will find new, better ways to secure their systems, and attackers will find new, better ways to compromise them. Slowly, over time, we’ll figure out how to do a better job of building software and systems that are secure from the ground up. It’s actually more likely that security will seem to get worse, but that will be a symptom of organisations getting better at recognising the indicators of a compromise.
Government will have a major impact on security
China has always required access to all traffic on its Internet, while Russia passed a law in 2014 mandating that its citizens’ traffic stay in the country and be available to officials. Both the USA and the UK have been lobbying Silicon Valley companies to give them access to encrypted communications, and in the wake of the Paris attacks, France is considering outlawing Tor and public WiFi access.
Politics aside, it’s clear that governments around the world are seeing the need to be heavily involved in legislating the Internet and this will have a huge impact on the security of individual businesses as well as the Internet as a whole. If you’re not paying attention to this changing landscape, then new legislation is going to blindside you, not a position any security professional should be in.
The unknowable unknowns
While many of our concerns are about the things we can predict, there’s never been a lack of unforeseen incidents. Every organisation will have at least one incident in 2016 that couldn’t have been predicted by extrapolating current trends towards the future. The secret that we need to understand as security professionals is to identify as many of the knowable threats as possible and then build a program that addresses the known threats while being flexible enough to deal with the unknown as well.
Do you have a plan for rebuilding your web servers if they’re compromised? Take it a step further: what if your AD servers are affected? Take it to the worst-case scenario and have a plan to deal with your whole network being wholly owned. It might sound like going overboard, but it’s happened to Sony and the OPM in the US and it’s probably happened to other organisations who haven’t made the news yet.
Review your processes and procedures with an eye towards making sure they support your goal of keeping your organisation secure, even if something completely unforeseeable happens. What’s your plan for the zombie apocalypse? It should probably look a lot like your plan for an infectious disease outbreak.
Martin McKeay, Senior Security Advocate, Akamai Technologies