Kaspersky Lab’s experts revealed their predictions for 2016, which
are based on the expertise of the Global Research and Analysis Team –
the company’s 43 top security experts, located all over the world.
Each member contributed unique expertise and, in 2015 alone, their
insight and intelligence resulted in detailed reports on 12 Advanced
Persistent Threat actors, “speaking” different languages, including
French, Arabic, Chinese, Russian, English, among others.
Kaspersky Lab’s experts anticipate that in 2016, we will see significant evolution in cyberespionage tradecraft.
First, there will be a dramatic change in how APTs are structured and operated.
It is expected to see a decreased emphasis on ‘persistence’, with a
greater focus on memory-resident or fileless malware, reducing the
traces left on an infected system and thereby avoiding detection.
Furthermore, the experts see that there is less urge to demonstrate
superior cyber-skills, so return on investment will rule much of the
nation-state attacker’s decision-making.
Therefore there will be an increase in the repurposing of
off-the-shelf malware rather than investment in bootkits, rootkits and
custom malware that gets burned by research teams.
In a more long-term perspective, there is an expectation that more newcomers will enter the APT space.
Cyber-mercenaries will grow in number as more parties seek to gain from online attacks.
These are expected to offer attack expertise to anyone willing to
pay, and also to sell to interested third-parties digital access to
high-profile victims, in what could be called an ‘Access-as-a-Service’
offering.
Consumer threats will also evolve. According to experts ransomware
will be gaining more ground on banking Trojans and is expected to extend
into new areas such as OS X devices, often owned by wealthier and
therefore more lucrative targets in addition to mobile and the
Internet-of-Things.
Cybercriminals are constantly looking for new ways to make their victims pay.
Therefore, alternative payment systems such as ApplePay and
AndroidPay, as well as stock exchanges are expected to become growing
targets for financial cyber-attacks.
In 2015, Kasperksy Lab experts witnessed a rise in the number of
DOXing, public shaming and extortion attacks, as everyone from
Hactivists to nation-states embraced the strategic dumping of private
pictures, information, customer lists, and code to shame their targets.
Sadly, Kaspersky Lab expects this practice to continue to rise exponentially in 2016.
“Nigeria ranks number 8 for Internet Users by country, it is the
highest number among all African countries. It is obvious that in this
region we will see many attacks on users aimed at getting their
financial and personal data on mobiles and PCs. Ransomware will also
likely rise in this region in 2016. Also there are more and more
companies choosing to keep their data in the cloud due to the reduced
costs and the grown Internet speed, so the opportunity for malware
writers to steal company data has become a much bigger risk than a few
years ago,” says Dirk Kollberg, Senior Security Researcher, Global
Research & Analysis Team at Kaspersky Lab.
In order to be able to minimise the future risks connected with
cyber-attacks of the future, businesses should create and deploy a
complete security strategy.
It is important to educate staff about cybersecurity, implement
multi-layered Endpoint protection with extra proactive layers and
protect all elements of infrastructure, patch vulnerabilities, mind
everything that is mobile and implement encryption for communication and
sensitive data.
Companies that have high risks of encountering cyberattacks should consider creating a dedicated Security Operations Center.
Individuals should invest in a robust security solution for all devices and switch to encrypted communication.
However, they should not solely rely on technology.
Studying the basics of cybersecurity and exploring options that come with the protective solution can save from many incidents.
With more and more of our lives being exposed online – it might be
useful to revise online habits, as once the information is uploaded it
stays online forever and can be used against you or your company.
The full text of the “2016 Prediction: It’s the end of the world for APTs” report is available on the Securelist website (https://securelist.com/files/
To look back at what the Kaspersky Lab experts expected to see in
2015, please read the article from Kaspersky Security Bulletin 2014:
Predictions 2015 (https://securelist.com/
. Distributed by APO (African Press Organization) on behalf of Kaspersky.
Copyright The Eagle Online. www.theeagleonline.com.ng
No comments:
Post a Comment